$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/445d78ad-29c7-49fd-ad71-7cd16140cfce.roa File: 445d78ad-29c7-49fd-ad71-7cd16140cfce.roa (raw, json) Hash identifier: 8hGyW//WArOV8nNKdQIaaXQUIEp2SGt8XAu0MqS8gn4= Subject key identifier: FA:CD:E5:95:54:FB:B0:19:D7:66:43:35:D7:A7:14:DB:78:3E:6F:21 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0D7A23FBFA5B3CC2DFCEF1480BCE697014C37523 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/445d78ad-29c7-49fd-ad71-7cd16140cfce.roa Signing time: Tue 21 Oct 2025 00:00:06 +0000 ROA not before: Tue 21 Oct 2025 00:00:06 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:7a:23:fb:fa:5b:3c:c2:df:ce:f1:48:0b:ce:69:70:14:c3:75:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 21 00:00:06 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=e79d67e9f82422d0a015c8a14cd362dcd4b189e2e1334747f702ebebcb9044e5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b4:c5:c9:9b:8a:59:92:b5:9c:ae:83:03:ae: d9:b3:25:ea:41:16:a5:29:34:58:12:0e:bc:8a:8f: 20:f9:76:59:1e:a5:3e:9f:40:fc:91:7f:a0:29:d3: cc:40:84:a8:34:b5:39:3a:f6:71:cb:8a:a7:92:8b: a2:e1:e5:72:77:b5:cd:e1:ee:c3:d2:2e:2a:d6:7a: 39:6f:5c:45:60:b8:cb:47:9f:4d:46:ba:42:2e:56: 60:a7:64:22:1f:93:04:b8:c3:8b:ae:d5:64:4c:49: de:58:4d:5d:39:5c:8e:bd:33:8a:2f:b3:e8:69:af: 67:cc:c8:08:6b:d1:99:38:3a:b6:77:6d:0e:63:e1: b6:b8:ce:0c:dc:3d:c6:f5:91:4a:3e:a8:05:72:e2: b0:18:ce:cf:ff:bc:cb:64:c6:fb:39:70:93:6f:e7: dc:9d:36:8c:5b:9c:fc:61:e5:61:ee:28:86:cb:37: 8c:e8:c0:35:2e:44:c4:d2:51:bc:c8:fa:8c:8c:2a: 2f:72:a5:84:5f:31:55:bc:1f:59:98:22:a9:a3:a0: 0c:56:ea:7c:90:2f:dc:76:45:a0:e4:4b:53:1c:54: e7:95:14:74:48:a3:bd:2f:d1:d9:74:a9:e6:d3:e4: 11:fd:9b:c6:de:dc:7d:7d:18:8e:a0:a7:42:60:59: dc:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:CD:E5:95:54:FB:B0:19:D7:66:43:35:D7:A7:14:DB:78:3E:6F:21 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/445d78ad-29c7-49fd-ad71-7cd16140cfce.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:6000::/40 Signature Algorithm: sha256WithRSAEncryption 54:6d:24:11:91:d7:ca:82:4e:c1:dd:c6:07:b9:1a:f7:a4:38: 16:4f:0d:40:32:fd:69:8f:29:ce:d8:8b:e8:1a:ed:cd:9f:7e: 06:27:d8:5b:38:b5:ff:f5:45:a7:d4:d8:e5:1c:34:e3:21:f6: 3f:d0:47:fa:7a:96:39:b1:17:e8:09:5e:e9:46:d0:e2:7e:b4: dc:22:26:b4:22:3f:b0:82:93:a0:03:ff:9a:55:4e:93:40:b4: 44:f7:df:a1:a5:08:ea:62:10:49:fc:e4:a6:d5:e3:55:ea:90: 88:2b:8a:0a:fa:57:66:ee:be:96:6c:4c:bd:15:5a:ee:be:7b: af:1d:f8:14:7c:ba:c7:31:b5:98:e5:e0:13:9c:ec:75:ac:2c: db:f0:2d:f2:11:04:8d:61:ba:1d:15:78:07:1e:26:b4:4f:e0: 67:25:29:1f:83:6b:e8:74:2f:b3:dc:6e:64:95:75:da:d9:bb: 9f:f6:51:4e:8f:5c:a1:62:0b:cc:f1:65:7b:93:86:35:d1:ab: 24:13:c7:38:75:5a:b0:a7:c9:7a:d1:63:6f:cd:2a:38:83:99: be:38:76:64:25:c5:a4:86:e6:5d:58:72:99:a9:e6:48:65:24: f0:a3:45:ef:b6:7c:0a:46:03:c3:87:ef:9b:1e:ea:9b:93:b0: 1b:65:0d:0c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDXoj+/pbPMLfzvFIC85pcBTDdSMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyMTAwMDAwNloX DTI1MTEyNTIzNTk1OVowejFJMEcGA1UEBRNAZTc5ZDY3ZTlmODI0MjJkMGEwMTVj OGExNGNkMzYyZGNkNGIxODllMmUxMzM0NzQ3ZjcwMmViZWJjYjkwNDRlNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLTFyZuKWZK1nK6DA67ZsyXqQRal KTRYEg68io8g+XZZHqU+n0D8kX+gKdPMQISoNLU5OvZxy4qnkoui4eVyd7XN4e7D 0i4q1no5b1xFYLjLR59NRrpCLlZgp2QiH5MEuMOLrtVkTEneWE1dOVyOvTOKL7Po aa9nzMgIa9GZODq2d20OY+G2uM4M3D3G9ZFKPqgFcuKwGM7P/7zLZMb7OXCTb+fc nTaMW5z8YeVh7iiGyzeM6MA1LkTE0lG8yPqMjCovcqWEXzFVvB9ZmCKpo6AMVup8 kC/cdkWg5EtTHFTnlRR0SKO9L9HZdKnm0+QR/ZvG3tx9fRiOoKdCYFncCwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPrN5ZVU+7AZ12ZDNdenFNt4Pm8hMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ0NWQ3OGFkLTI5YzctNDlmZC1hZDcxLTdjZDE2MTQwY2ZjZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba72AwDQYJKoZIhvcNAQELBQADggEBAFRtJBGR18qCTsHdxge5 GvekOBZPDUAy/WmPKc7Yi+ga7c2ffgYn2Fs4tf/1RafU2OUcNOMh9j/QR/p6ljmx F+gJXulG0OJ+tNwiJrQiP7CCk6AD/5pVTpNAtET336GlCOpiEEn85KbV41XqkIgr igr6V2buvpZsTL0VWu6+e68d+BR8uscxtZjl4BOc7HWsLNvwLfIRBI1huh0VeAce JrRP4GclKR+Da+h0L7PcbmSVddrZu5/2UU6PXKFiC8zxZXuThjXRqyQTxzh1WrCn yXrRY2/NKjiDmb44dmQlxaSG5l1Ycpmp5khlJPCjRe+2fApGA8OH75se6puTsBtl DQw= -----END CERTIFICATE-----Generated at Wed Nov 5 05:45:30 2025 by rpki-client