$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5a7061fa-5c37-4494-8c7f-d198ecf9a78a.roa File: 5a7061fa-5c37-4494-8c7f-d198ecf9a78a.roa (raw, json) Hash identifier: fPpmqW/8CHQPoDnpBld6QueSVLmCc5B7TPPD4Ipllz8= Subject key identifier: 46:20:54:5F:2C:D7:AE:12:E5:AC:A9:CF:54:A2:49:F8:BA:D8:DA:AF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5E7552D584D5C71927C366378C543FD2EA9444D4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5a7061fa-5c37-4494-8c7f-d198ecf9a78a.roa Signing time: Wed 29 Oct 2025 00:00:48 +0000 ROA not before: Wed 29 Oct 2025 00:00:48 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:75:52:d5:84:d5:c7:19:27:c3:66:37:8c:54:3f:d2:ea:94:44:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:00:48 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=d3fe44d25b2cfcc3f7dab67545614a13d8fc2568c3fa35d75fdae9a699867afd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:7a:f0:c2:f9:e7:1a:7a:25:79:e2:92:a8:40: 3f:92:c1:73:09:71:25:e0:99:4c:2b:f7:c2:a4:52: 84:64:20:14:4a:5e:9f:43:98:d7:04:7c:99:d8:85: 9e:8c:91:fe:c3:43:6c:62:07:72:01:cf:31:77:79: e6:bd:fb:02:12:92:43:c7:98:96:52:90:70:17:4a: 28:e5:f3:5b:53:05:78:84:f9:29:50:07:d8:de:9f: d4:6c:0d:40:a4:11:6f:06:64:50:8e:52:11:d6:f8: f1:a9:67:25:03:0b:3c:9b:ca:77:cf:1e:c0:e4:7d: 80:14:2c:e0:ee:c3:a4:98:dd:22:d6:e6:c7:e8:23: 6f:1f:00:5f:c9:c1:19:e8:66:70:b6:f9:91:45:3f: a1:de:71:5e:18:67:e3:a4:8b:68:1a:48:b8:8d:b6: 01:19:ed:36:40:6a:3f:9c:bf:7a:e1:0a:61:d6:ec: 32:81:1e:24:72:c1:e8:46:ce:cd:49:1e:2d:9d:b7: f5:bc:11:c1:24:df:7c:ea:9b:19:eb:69:ca:9e:87: 61:7b:44:6d:37:e0:af:6a:89:74:d2:44:ac:67:a8: 7c:a2:1e:6c:8c:ba:9f:14:1d:44:c1:45:6d:87:d9: d8:54:02:83:ea:21:06:81:2a:d9:4f:68:9d:fa:ca: 26:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:20:54:5F:2C:D7:AE:12:E5:AC:A9:CF:54:A2:49:F8:BA:D8:DA:AF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5a7061fa-5c37-4494-8c7f-d198ecf9a78a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:c800::/40 Signature Algorithm: sha256WithRSAEncryption 5e:03:9e:f0:b5:7e:95:4f:35:b2:bd:99:4c:80:b8:c9:4a:31: ad:46:94:ce:7b:c0:57:29:70:52:88:db:f1:81:6f:ac:64:be: 6e:34:31:75:7c:16:73:40:50:0c:ff:c5:bd:82:02:04:9f:6c: a3:30:a6:54:ef:af:a0:d3:7a:11:c9:eb:ba:ff:03:83:a0:86: 7a:42:7f:bd:40:5f:99:ca:d6:9b:4d:22:1a:78:c6:30:2c:d5: 22:91:d4:d7:70:1f:44:59:27:f5:2c:66:8b:f9:0b:c8:9e:a2: 84:a4:ee:d1:f7:63:4d:c8:c1:2d:b6:bb:a6:b5:ec:9a:5d:08: 5d:1b:f0:04:bb:d1:32:15:0b:bb:d4:1d:01:83:8a:60:dc:31: 89:b2:ec:ff:40:31:e4:c1:1e:4a:97:bb:a9:5e:38:26:71:7b: b7:cb:cb:5b:02:18:2c:d5:d3:e1:97:13:34:89:fb:1d:a6:ca: be:6e:71:9b:b8:2f:fe:96:4e:7e:5d:d7:0d:11:98:d5:0d:79: 39:46:65:1d:6d:d6:68:f2:b1:11:e5:70:b5:3a:ad:04:9e:c8: 4e:bd:bc:e8:c8:6e:fb:3d:0c:27:c9:0c:78:53:58:c3:d1:c2: 9e:f3:1d:74:3a:68:c8:30:8b:3e:24:17:3e:7e:fd:8f:f6:24: 55:bb:12:1a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXnVS1YTVxxknw2Y3jFQ/0uqURNQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTAwMDA0OFoX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAZDNmZTQ0ZDI1YjJjZmNjM2Y3ZGFi Njc1NDU2MTRhMTNkOGZjMjU2OGMzZmEzNWQ3NWZkYWU5YTY5OTg2N2FmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXrwwvnnGnoleeKSqEA/ksFzCXEl 4JlMK/fCpFKEZCAUSl6fQ5jXBHyZ2IWejJH+w0NsYgdyAc8xd3nmvfsCEpJDx5iW UpBwF0oo5fNbUwV4hPkpUAfY3p/UbA1ApBFvBmRQjlIR1vjxqWclAws8m8p3zx7A 5H2AFCzg7sOkmN0i1ubH6CNvHwBfycEZ6GZwtvmRRT+h3nFeGGfjpItoGki4jbYB Ge02QGo/nL964Qph1uwygR4kcsHoRs7NSR4tnbf1vBHBJN986psZ62nKnodhe0Rt N+Cvaol00kSsZ6h8oh5sjLqfFB1EwUVth9nYVAKD6iEGgSrZT2id+somiwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEYgVF8s164S5aypz1SiSfi62NqvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVhNzA2MWZhLTVjMzctNDQ5NC04YzdmLWQxOThlY2Y5YTc4YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaMgwDQYJKoZIhvcNAQELBQADggEBAF4DnvC1fpVPNbK9mUyA uMlKMa1GlM57wFcpcFKI2/GBb6xkvm40MXV8FnNAUAz/xb2CAgSfbKMwplTvr6DT ehHJ67r/A4OghnpCf71AX5nK1ptNIhp4xjAs1SKR1NdwH0RZJ/UsZov5C8ieooSk 7tH3Y03IwS22u6a17JpdCF0b8AS70TIVC7vUHQGDimDcMYmy7P9AMeTBHkqXu6le OCZxe7fLy1sCGCzV0+GXEzSJ+x2myr5ucZu4L/6WTn5d1w0RmNUNeTlGZR1t1mjy sRHlcLU6rQSeyE69vOjIbvs9DCfJDHhTWMPRwp7zHXQ6aMgwiz4kFz5+/Y/2JFW7 Eho= -----END CERTIFICATE-----Generated at Wed Nov 5 11:26:16 2025 by rpki-client