$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa File: 64aa810d-cc7f-45fe-b794-d290c3a511c5.roa (raw, json) Hash identifier: xANCxUHIi2KgGqmd6MgeHfV8XBUxfZ+2EPDA13l8z/c= Subject key identifier: C6:AF:37:A4:47:D7:AA:4E:3C:4C:DA:8C:AC:6C:DB:E5:40:EA:57:FD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 168EFA269F932407BBC933907DC071D9524CA9F1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa Signing time: Sun 09 Nov 2025 00:50:10 +0000 ROA not before: Sun 09 Nov 2025 00:50:10 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Nov 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:8e:fa:26:9f:93:24:07:bb:c9:33:90:7d:c0:71:d9:52:4c:a9:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:50:10 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=541990250c4997b45740325ca326e378245195d710b93ced62a2db66d4b2421c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:32:c2:db:4d:4b:d9:2b:21:b3:3f:7f:40:f7: 7b:49:7d:3f:b5:19:07:b9:52:79:60:25:f4:a8:62: 73:e3:fa:42:a6:59:02:99:d4:db:62:40:f9:a4:23: 19:39:08:e6:ff:e5:b8:c4:8f:88:6e:ff:8f:dc:49: ee:f4:a4:71:69:b6:e3:dc:2f:9d:cd:e1:31:e0:3b: 78:ac:a3:50:9c:79:02:5d:33:8e:bf:dc:05:80:f9: ff:cc:40:30:91:af:f2:80:31:ad:7f:0b:7e:47:2b: 70:47:b9:38:78:c7:f0:28:f9:3e:e6:62:b8:6d:85: a7:3a:4b:16:ad:86:28:17:ef:2f:b9:f7:4c:37:60: ef:19:df:02:cc:4a:f2:80:e6:8b:18:bf:e1:92:af: 85:d3:69:01:d4:74:88:11:1a:3f:61:c5:9c:ac:d8: a0:cc:1d:02:ef:30:9a:17:90:08:52:19:c6:e4:51: a9:ed:dd:56:6b:a9:51:dc:a0:4c:c3:7f:66:7a:fb: 98:6c:fb:f7:67:92:d9:20:3a:81:e0:cc:8c:77:72: 62:44:d8:68:c5:84:70:f0:57:04:1e:45:5b:62:a0: 26:f2:c1:34:a7:1c:f1:a4:13:e0:a8:38:7a:af:9a: 16:fe:88:fe:87:2b:70:55:fc:37:68:01:a8:35:2b: b5:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:AF:37:A4:47:D7:AA:4E:3C:4C:DA:8C:AC:6C:DB:E5:40:EA:57:FD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:e000::/40 Signature Algorithm: sha256WithRSAEncryption 05:e1:3f:d4:50:5a:72:06:48:5b:26:82:b3:84:42:d2:58:8b: 03:91:8d:97:7d:93:8e:58:38:1c:e3:bc:91:fe:3d:85:c6:36: c9:0b:7c:39:46:54:67:ce:5a:6b:52:a2:35:74:91:44:52:4f: 2d:06:09:83:2b:45:b7:3d:f8:a3:57:09:16:2f:21:4d:83:8c: 88:e8:54:09:0f:e4:34:67:41:e4:04:95:da:8e:ae:b9:bc:47: 51:80:cf:cc:00:76:e0:8a:dc:04:52:45:9f:19:6a:e7:1a:43: 22:ba:74:2b:ec:29:38:57:d2:24:de:2e:99:68:1b:35:1b:e4: c0:6b:37:5f:de:e8:82:7e:c8:bf:3e:92:ef:3e:49:bd:35:74: ce:84:27:d4:c6:f3:fd:15:c4:dd:14:9d:d0:0b:2e:60:4e:17: 6d:8d:d7:81:6f:9f:8a:27:71:d3:24:63:0e:fe:6b:15:80:30: 99:b6:42:e3:a0:00:d6:5e:d7:ab:2b:1f:7d:b8:07:a8:f8:93: 9e:9d:3a:4f:5c:d9:2d:16:c7:f5:8b:57:42:96:b8:35:f8:80: 73:9f:2e:4c:c7:22:c1:c8:7f:fc:b8:37:5b:b0:a8:94:65:0e: 9c:eb:ac:43:7b:f8:25:17:d3:06:c1:8d:49:d8:95:57:9d:66: 37:f3:0f:50 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFo76Jp+TJAe7yTOQfcBx2VJMqfEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNTAxMFoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNANTQxOTkwMjUwYzQ5OTdiNDU3NDAz MjVjYTMyNmUzNzgyNDUxOTVkNzEwYjkzY2VkNjJhMmRiNjZkNGIyNDIxYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDLC201L2Sshsz9/QPd7SX0/tRkH uVJ5YCX0qGJz4/pCplkCmdTbYkD5pCMZOQjm/+W4xI+Ibv+P3Enu9KRxabbj3C+d zeEx4Dt4rKNQnHkCXTOOv9wFgPn/zEAwka/ygDGtfwt+RytwR7k4eMfwKPk+5mK4 bYWnOksWrYYoF+8vufdMN2DvGd8CzErygOaLGL/hkq+F02kB1HSIERo/YcWcrNig zB0C7zCaF5AIUhnG5FGp7d1Wa6lR3KBMw39mevuYbPv3Z5LZIDqB4MyMd3JiRNho xYRw8FcEHkVbYqAm8sE0pxzxpBPgqDh6r5oW/oj+hytwVfw3aAGoNSu1RwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMavN6RH16pOPEzajKxs2+VA6lf9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY0YWE4MTBkLWNjN2YtNDVmZS1iNzk0LWQyOTBjM2E1MTFjNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8eAwDQYJKoZIhvcNAQELBQADggEBAAXhP9RQWnIGSFsmgrOE QtJYiwORjZd9k45YOBzjvJH+PYXGNskLfDlGVGfOWmtSojV0kURSTy0GCYMrRbc9 +KNXCRYvIU2DjIjoVAkP5DRnQeQEldqOrrm8R1GAz8wAduCK3ARSRZ8ZaucaQyK6 dCvsKThX0iTeLploGzUb5MBrN1/e6IJ+yL8+ku8+Sb01dM6EJ9TG8/0VxN0UndAL LmBOF22N14Fvn4oncdMkYw7+axWAMJm2QuOgANZe16srH324B6j4k56dOk9c2S0W x/WLV0KWuDX4gHOfLkzHIsHIf/y4N1uwqJRlDpzrrEN7+CUX0wbBjUnYlVedZjfz D1A= -----END CERTIFICATE-----Generated at Sat Nov 15 08:54:29 2025 by rpki-client