$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa File: 1633925d-77e5-4142-aee7-593dea039740.roa (raw, json) Hash identifier: wG3EI3ENAuirwPigZaLovIqIYmanH5jLWshr4rE+SmY= Subject key identifier: 04:43:4F:4E:CA:4B:DE:20:BA:6B:B2:65:DF:AB:F0:29:E3:3E:84:8B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09308433755EB66F34C0108D2D161CF59F8ED38F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa Signing time: Tue 04 Nov 2025 00:00:46 +0000 ROA not before: Tue 04 Nov 2025 00:00:46 +0000 ROA not after: Tue 09 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:30:84:33:75:5e:b6:6f:34:c0:10:8d:2d:16:1c:f5:9f:8e:d3:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 4 00:00:46 2025 GMT Not After : Dec 9 23:59:59 2025 GMT Subject: serialNumber=cd932045f173aeb9e532404331a1d89808f2713696b4201d6815ae3658599000, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e2:3f:a1:d6:43:dc:fd:0b:d2:df:ef:84:a5: 78:42:23:9c:5c:8d:34:fb:b8:db:43:67:80:fd:f1: 30:6c:41:e2:a1:80:38:5b:70:f1:30:a3:3a:21:ee: de:50:f6:10:20:8a:d4:39:f3:89:ea:4d:37:15:ef: 6e:85:a6:48:82:be:18:81:89:25:58:48:fa:26:9b: 31:6a:65:f3:03:ae:07:cd:da:2a:cd:de:32:0d:da: a0:6d:a0:bf:ef:f8:d6:91:2b:65:8c:00:39:d8:09: ee:e8:21:6b:6e:4e:cd:83:23:c1:30:1d:97:28:a5: b4:49:ac:42:a0:d5:fe:fb:f3:d8:e8:71:18:24:83: ca:d9:ce:20:8b:8c:bb:22:8a:8c:1e:f8:23:44:02: 98:bb:3d:86:f9:1a:22:4e:46:94:82:35:8d:2a:a3: 60:b7:fc:24:75:7e:67:88:dc:68:e4:5d:9c:81:c5: 8e:5d:18:b7:5a:1e:28:b6:c8:2a:97:63:8f:af:87: 62:2d:9b:cc:2c:94:b3:85:ac:9c:ca:0c:9a:a2:2c: a5:03:b4:1b:c2:fc:95:1f:3f:59:b6:5a:6f:06:17: b5:0b:6b:6f:1d:56:72:65:a6:b8:47:e7:42:cf:e2: 05:8c:cf:7c:d0:28:25:8c:57:b8:0b:8c:ba:17:de: 4d:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:43:4F:4E:CA:4B:DE:20:BA:6B:B2:65:DF:AB:F0:29:E3:3E:84:8B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:f000::/40 Signature Algorithm: sha256WithRSAEncryption 7c:e4:a4:4f:c7:31:81:d7:9a:22:9b:38:4a:11:1b:8e:b3:1d: f2:70:c1:94:ab:aa:82:93:2a:e3:0b:07:61:fa:6f:ce:f5:2d: e4:c0:9b:72:f1:3b:a3:ad:6c:41:2e:cf:d7:79:92:b4:70:5b: 4d:5d:73:b0:06:86:ec:08:ff:a8:b5:36:df:04:8c:14:5d:d4: 4f:06:1b:8b:f4:d9:ba:f3:0f:b4:6b:9f:20:7d:05:c7:b3:98: 90:81:ef:4c:15:21:0b:38:d2:08:e9:9c:c4:9a:0c:a4:bf:c2: aa:ee:25:57:d2:34:cc:e9:cf:cc:d8:0d:bc:ff:06:10:20:2d: c2:94:02:c4:55:c2:29:c5:9e:79:e1:97:4c:4c:a2:2f:ec:16: 42:21:d7:a3:4d:fa:95:98:06:06:9b:73:7c:b1:2f:73:41:21: ee:8b:62:03:da:a6:c0:99:2b:ce:bc:8e:c9:da:8d:34:60:bc: d7:fc:88:00:21:17:99:3e:1f:04:7b:a8:d3:7d:aa:be:e9:86: da:55:a5:7f:73:5c:4c:08:aa:10:46:9c:ce:93:6c:bb:09:aa: 0c:51:1c:71:e8:b7:cd:57:06:75:e3:a3:d1:95:df:09:de:b9: 48:8b:27:81:7d:b0:f6:bf:f3:72:20:00:05:08:17:2c:62:98: 2b:82:68:96 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCTCEM3Vetm80wBCNLRYc9Z+O048wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNDAwMDA0NloX DTI1MTIwOTIzNTk1OVowejFJMEcGA1UEBRNAY2Q5MzIwNDVmMTczYWViOWU1MzI0 MDQzMzFhMWQ4OTgwOGYyNzEzNjk2YjQyMDFkNjgxNWFlMzY1ODU5OTAwMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeI/odZD3P0L0t/vhKV4QiOcXI00 +7jbQ2eA/fEwbEHioYA4W3DxMKM6Ie7eUPYQIIrUOfOJ6k03Fe9uhaZIgr4YgYkl WEj6JpsxamXzA64Hzdoqzd4yDdqgbaC/7/jWkStljAA52Anu6CFrbk7NgyPBMB2X KKW0SaxCoNX++/PY6HEYJIPK2c4gi4y7IoqMHvgjRAKYuz2G+RoiTkaUgjWNKqNg t/wkdX5niNxo5F2cgcWOXRi3Wh4otsgql2OPr4diLZvMLJSzhaycygyaoiylA7Qb wvyVHz9ZtlpvBhe1C2tvHVZyZaa4R+dCz+IFjM980CgljFe4C4y6F95NjQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFARDT07KS94gumuyZd+r8CnjPoSLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE2MzM5MjVkLTc3ZTUtNDE0Mi1hZWU3LTU5M2RlYTAzOTc0MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9vAwDQYJKoZIhvcNAQELBQADggEBAHzkpE/HMYHXmiKbOEoR G46zHfJwwZSrqoKTKuMLB2H6b871LeTAm3LxO6OtbEEuz9d5krRwW01dc7AGhuwI /6i1Nt8EjBRd1E8GG4v02brzD7RrnyB9BcezmJCB70wVIQs40gjpnMSaDKS/wqru JVfSNMzpz8zYDbz/BhAgLcKUAsRVwinFnnnhl0xMoi/sFkIh16NN+pWYBgabc3yx L3NBIe6LYgPapsCZK868jsnajTRgvNf8iAAhF5k+HwR7qNN9qr7phtpVpX9zXEwI qhBGnM6TbLsJqgxRHHHot81XBnXjo9GV3wneuUiLJ4F9sPa/83IgAAUIFyximCuC aJY= -----END CERTIFICATE-----Generated at Wed Nov 5 11:26:28 2025 by rpki-client