$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0d59ec0e-e692-43d0-8c28-b0a696f2980c.roa File: 0d59ec0e-e692-43d0-8c28-b0a696f2980c.roa (raw, json) Hash identifier: bWW3ph9wTv6HH8QS7SX4R6WvEm3z3O/jVCpk5ZFralU= Subject key identifier: E6:35:F2:2D:EF:50:83:A7:31:B6:9D:79:F0:86:B4:B7:98:F1:B5:AF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0A1B17E24ED9AEEA93FB4CD41E2A4372A4CD97D8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0d59ec0e-e692-43d0-8c28-b0a696f2980c.roa Signing time: Sat 01 Nov 2025 00:00:04 +0000 ROA not before: Sat 01 Nov 2025 00:00:04 +0000 ROA not after: Sat 06 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:dab9:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:1b:17:e2:4e:d9:ae:ea:93:fb:4c:d4:1e:2a:43:72:a4:cd:97:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 1 00:00:04 2025 GMT Not After : Dec 6 23:59:59 2025 GMT Subject: serialNumber=828f780572b5f837a6c3e8f624eec74b8d59605a87a1fbee6d46f15687ae535c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:d0:f2:fd:f2:24:c0:cd:69:88:3e:75:80:e0: c4:c6:fb:a1:a0:77:61:3b:32:42:bf:49:ca:bf:8c: 27:6d:6d:8a:cd:ad:d5:ce:9a:3e:f1:85:53:24:52: 35:02:f5:d3:dd:4d:f5:9a:a3:c3:53:98:7c:b4:8a: 0b:e3:96:13:e7:df:91:80:bb:d9:c7:c9:b3:4b:f9: 5c:9c:ed:57:6f:70:1c:59:ce:77:82:6c:ec:27:c8: b3:79:22:e9:e9:c6:3f:6b:80:61:46:d7:ef:3b:48: 77:fe:21:1e:e3:ea:93:25:82:1e:8f:71:7b:08:ba: c2:12:f1:50:ec:34:70:35:07:5d:b9:7d:69:d4:ff: 48:a2:00:22:eb:81:03:30:db:f9:05:c6:ce:7b:75: 4f:6c:30:29:f2:52:e3:52:09:80:ca:c1:54:61:c8: 7d:d7:db:c7:a6:56:ae:c8:ca:dc:3d:e5:da:84:19: 7a:06:0a:c9:9a:d3:3c:45:e6:76:3a:7d:0d:48:81: 96:fd:70:c1:3b:9d:d0:61:df:97:ee:c4:20:dd:37: 10:a7:78:e9:1a:23:15:bf:2b:ed:d7:26:b5:31:0a: 64:ec:2d:c0:72:c7:ce:35:01:cb:33:60:87:79:15: 3e:cf:6a:d1:88:cb:53:e7:56:c4:27:2f:42:55:bc: d2:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:35:F2:2D:EF:50:83:A7:31:B6:9D:79:F0:86:B4:B7:98:F1:B5:AF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0d59ec0e-e692-43d0-8c28-b0a696f2980c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:c800::/40 Signature Algorithm: sha256WithRSAEncryption 8c:7d:ee:03:69:e9:ab:9b:92:67:e8:1d:8e:8f:b7:fd:fe:07: 77:19:60:18:94:7d:33:bc:e1:fd:e9:f7:8c:a1:8d:68:83:be: a9:a3:2d:d0:da:3b:2f:b3:a6:2d:56:97:5d:6b:74:de:57:30: 70:24:0e:96:ed:ed:9d:d3:9c:0e:cf:73:1f:a0:71:c9:1b:28: 1f:19:94:e3:49:5f:a4:f7:ca:22:45:8a:67:29:de:d7:d1:c9: 43:8a:58:c6:90:cf:54:11:e8:8c:09:18:e3:9f:93:bb:ee:fa: 06:45:1a:d0:85:f1:06:7b:ad:ea:0a:6e:20:9b:43:1e:6c:dc: ab:6f:00:14:aa:6b:24:3b:89:2c:6d:35:4f:dd:ab:26:8b:74: 7b:a5:ea:4b:6f:7f:4a:82:90:c8:b4:2c:1b:43:46:76:01:d6: cd:2b:5c:0f:9a:90:5f:ea:67:27:bb:2e:72:39:77:73:46:90: ad:91:a1:fe:8d:84:96:1d:e6:ad:d0:d4:96:9b:43:ef:f1:52: d5:22:1d:8d:64:ee:cf:a3:9a:91:ac:5e:83:bd:3e:72:2a:f4: 7c:bd:a3:eb:7a:29:08:cc:16:08:d2:de:74:d0:f3:17:3d:0e: 19:c1:5f:90:0f:69:7b:40:65:f7:ee:f5:35:34:20:08:d4:fc: ca:ce:ab:92 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUChsX4k7ZruqT+0zUHipDcqTNl9gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMTAwMDAwNFoX DTI1MTIwNjIzNTk1OVowejFJMEcGA1UEBRNAODI4Zjc4MDU3MmI1ZjgzN2E2YzNl OGY2MjRlZWM3NGI4ZDU5NjA1YTg3YTFmYmVlNmQ0NmYxNTY4N2FlNTM1YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9Dy/fIkwM1piD51gODExvuhoHdh OzJCv0nKv4wnbW2Kza3Vzpo+8YVTJFI1AvXT3U31mqPDU5h8tIoL45YT59+RgLvZ x8mzS/lcnO1Xb3AcWc53gmzsJ8izeSLp6cY/a4BhRtfvO0h3/iEe4+qTJYIej3F7 CLrCEvFQ7DRwNQdduX1p1P9IogAi64EDMNv5BcbOe3VPbDAp8lLjUgmAysFUYch9 19vHplauyMrcPeXahBl6BgrJmtM8ReZ2On0NSIGW/XDBO53QYd+X7sQg3TcQp3jp GiMVvyvt1ya1MQpk7C3AcsfONQHLM2CHeRU+z2rRiMtT51bEJy9CVbzSEQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOY18i3vUIOnMbadefCGtLeY8bWvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBkNTllYzBlLWU2OTItNDNkMC04YzI4LWIwYTY5NmYyOTgwYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaucgwDQYJKoZIhvcNAQELBQADggEBAIx97gNp6aubkmfoHY6P t/3+B3cZYBiUfTO84f3p94yhjWiDvqmjLdDaOy+zpi1Wl11rdN5XMHAkDpbt7Z3T nA7Pcx+gcckbKB8ZlONJX6T3yiJFimcp3tfRyUOKWMaQz1QR6IwJGOOfk7vu+gZF GtCF8QZ7reoKbiCbQx5s3KtvABSqayQ7iSxtNU/dqyaLdHul6ktvf0qCkMi0LBtD RnYB1s0rXA+akF/qZye7LnI5d3NGkK2Rof6NhJYd5q3Q1JabQ+/xUtUiHY1k7s+j mpGsXoO9PnIq9Hy9o+t6KQjMFgjS3nTQ8xc9DhnBX5APaXtAZffu9TU0IAjU/MrO q5I= -----END CERTIFICATE-----Generated at Wed Nov 5 09:49:27 2025 by rpki-client