$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa File: 49a679dd-b6ba-4b54-beeb-b3e83302b998.roa (raw, json) Hash identifier: gnryPjpgraWa085Nz1FuPRuNBcSBqODwa1lh0KXQ+BE= Subject key identifier: 67:2B:32:3C:D7:14:2B:A7:5E:B0:6A:6E:90:07:E3:86:94:49:50:5B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7D1BA2E04E832F1484F7C7C2505EB07A049B0ADA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa Signing time: Fri 17 Oct 2025 00:01:50 +0000 ROA not before: Fri 17 Oct 2025 00:01:50 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:1b:a2:e0:4e:83:2f:14:84:f7:c7:c2:50:5e:b0:7a:04:9b:0a:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 17 00:01:50 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=a13bf8d6130e084adf3ad4bd723cf7117358ee8558ef84ad6c47d7363ddb8eb4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:57:ba:5e:47:9c:d3:6f:ba:a7:41:ab:58:c9: 90:0c:2a:c8:3a:53:71:8d:38:e1:06:08:e3:4c:49: c0:a7:d3:30:4f:b6:fc:a4:f1:1e:45:9b:6c:03:5b: b7:bc:19:3d:b8:cb:59:3e:e3:fa:85:dc:b5:4a:6e: aa:ca:34:d1:5b:f5:dc:f6:6a:07:c3:b9:08:6b:13: f8:2c:f3:bd:77:12:c2:c6:d3:ce:9c:d5:5b:26:cd: 64:df:33:30:bb:7d:40:47:7b:f0:73:2f:2e:23:80: 58:80:b0:42:22:c3:72:ff:a4:01:15:ed:35:2c:06: 48:5e:8a:0d:3d:02:79:28:74:af:78:a0:7e:55:33: 11:fe:d6:1e:16:8d:c8:b0:23:0b:23:c8:05:ca:5d: 20:12:a9:df:24:c9:2f:73:ad:b3:01:ad:fd:5b:ca: 38:55:0f:3c:80:fc:d6:82:bb:a6:67:53:fd:92:a6: 96:bc:a1:95:49:3b:2c:a7:bd:91:fd:4e:36:55:40: 6a:1e:15:1d:d0:5e:27:84:30:e1:b2:e1:8c:5d:99: bb:22:c3:73:8f:b2:69:66:da:80:fb:d9:ac:68:58: a4:97:1d:9c:f6:9b:f8:68:6b:65:22:c0:c9:56:1b: 72:38:46:c2:e7:c8:57:d5:22:a2:9d:c2:be:8b:d3: 3f:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:2B:32:3C:D7:14:2B:A7:5E:B0:6A:6E:90:07:E3:86:94:49:50:5B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:800::/40 Signature Algorithm: sha256WithRSAEncryption 60:d4:84:12:c7:10:a3:1e:8d:99:50:dc:42:e1:50:97:84:ac: 4e:c6:7a:3b:a4:0b:1f:c9:b2:c0:05:51:12:7b:6f:cb:4c:2b: f7:f4:c7:c7:8a:30:5e:47:61:9c:2b:26:b6:1f:0e:38:d3:c7: 05:fc:fa:a8:c0:69:f7:60:7f:f2:6c:33:b3:41:a5:02:09:72: 39:8d:be:49:bd:c5:5e:ab:84:45:83:dc:2f:47:f8:57:30:f9: c3:29:10:91:0a:11:2b:89:21:2a:18:9b:f7:f6:87:1d:4f:2b: 21:ff:fb:7b:c7:57:25:aa:72:02:c4:76:e2:ef:1f:f8:ae:e9: 02:7d:74:b3:4c:ef:f6:f3:ca:e6:b4:ab:95:7a:cd:be:87:e7: d9:a5:49:ce:3e:f8:92:ce:e6:b9:c8:1a:26:a3:fa:13:7b:c1: 2a:c9:7b:06:b3:9d:68:7a:5b:d3:09:c3:28:dc:e1:fd:e1:ca: b5:1a:0e:be:a9:66:eb:95:8d:9c:77:a0:1c:66:11:37:a3:ba: b0:73:a9:68:c1:46:3d:d9:98:52:e7:6d:8c:74:fa:cf:7a:3e: 5a:e5:52:0a:d9:ab:bf:d1:8e:31:11:7d:06:fd:8f:61:16:bb: a2:69:1a:72:9a:72:22:fd:93:61:a2:3d:f9:c1:32:2a:85:51: 64:57:f3:f0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfRui4E6DLxSE98fCUF6wegSbCtowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNzAwMDE1MFoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAYTEzYmY4ZDYxMzBlMDg0YWRmM2Fk NGJkNzIzY2Y3MTE3MzU4ZWU4NTU4ZWY4NGFkNmM0N2Q3MzYzZGRiOGViNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtle6Xkec02+6p0GrWMmQDCrIOlNx jTjhBgjjTEnAp9MwT7b8pPEeRZtsA1u3vBk9uMtZPuP6hdy1Sm6qyjTRW/Xc9moH w7kIaxP4LPO9dxLCxtPOnNVbJs1k3zMwu31AR3vwcy8uI4BYgLBCIsNy/6QBFe01 LAZIXooNPQJ5KHSveKB+VTMR/tYeFo3IsCMLI8gFyl0gEqnfJMkvc62zAa39W8o4 VQ88gPzWgrumZ1P9kqaWvKGVSTssp72R/U42VUBqHhUd0F4nhDDhsuGMXZm7IsNz j7JpZtqA+9msaFiklx2c9pv4aGtlIsDJVhtyOEbC58hX1SKincK+i9M/GQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGcrMjzXFCunXrBqbpAH44aUSVBbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YTY3OWRkLWI2YmEtNGI1NC1iZWViLWIzZTgzMzAyYjk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8QgwDQYJKoZIhvcNAQELBQADggEBAGDUhBLHEKMejZlQ3ELh UJeErE7GejukCx/JssAFURJ7b8tMK/f0x8eKMF5HYZwrJrYfDjjTxwX8+qjAafdg f/JsM7NBpQIJcjmNvkm9xV6rhEWD3C9H+Fcw+cMpEJEKESuJISoYm/f2hx1PKyH/ +3vHVyWqcgLEduLvH/iu6QJ9dLNM7/bzyua0q5V6zb6H59mlSc4++JLO5rnIGiaj +hN7wSrJewaznWh6W9MJwyjc4f3hyrUaDr6pZuuVjZx3oBxmETejurBzqWjBRj3Z mFLnbYx0+s96PlrlUgrZq7/RjjERfQb9j2EWu6JpGnKaciL9k2GiPfnBMiqFUWRX 8/A= -----END CERTIFICATE-----Generated at Wed Nov 5 07:44:13 2025 by rpki-client