$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f805aa7-7757-4dfc-8db8-2227e256fb3b.roa File: 5f805aa7-7757-4dfc-8db8-2227e256fb3b.roa (raw, json) Hash identifier: xJavOOS7naNnVMeYKpbKDXX6uBfdNeSevwXgIbfXyP8= Subject key identifier: F5:CF:5B:F4:92:C9:C4:3C:CA:EB:0B:96:59:A8:A7:6E:75:03:D3:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3978A5664029739C8095259798D66BCA00493CFA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f805aa7-7757-4dfc-8db8-2227e256fb3b.roa Signing time: Wed 05 Nov 2025 00:00:06 +0000 ROA not before: Wed 05 Nov 2025 00:00:06 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:6080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:78:a5:66:40:29:73:9c:80:95:25:97:98:d6:6b:ca:00:49:3c:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:00:06 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=231bd501f8f892d97b6b580cc20cd1fc0b3fd2d250fcbdbe1c5415f7f32abe87, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:33:06:bf:2f:15:1a:cd:78:a8:04:98:aa:36: cc:ea:b0:d6:65:6d:40:52:9c:c0:ab:16:3e:12:fc: 6e:12:84:d7:d0:0f:21:ac:6d:01:0f:a0:8f:3f:4f: 2b:f7:5f:11:13:bc:19:06:ef:f3:3d:fd:81:a2:87: 8a:d9:0a:f9:5f:a9:20:67:a8:b1:40:ed:66:e5:78: 7f:23:ac:5e:05:b8:32:24:2c:ff:c7:98:71:69:fa: ea:f2:73:d1:5f:aa:e3:8d:59:2b:8c:f9:66:41:75: dc:23:c3:94:3f:26:76:46:3c:86:51:6b:56:99:60: b8:49:04:7a:a7:ea:ea:90:74:9a:65:91:1b:66:ed: 4e:90:f6:9b:74:0b:ef:97:aa:09:63:00:80:42:1b: 32:51:f5:57:e4:a2:42:35:19:a3:cb:b9:a4:10:aa: 79:b0:55:76:d5:21:91:fa:fe:22:af:45:3e:2a:58: 44:34:74:21:b7:66:9e:59:03:1d:01:30:e7:95:54: 55:18:29:72:b8:4b:c7:02:46:72:19:84:88:6a:98: 11:15:68:dd:00:cb:3b:e7:6d:ab:73:74:a2:d1:dd: 3a:ba:00:7f:44:2b:0d:c0:c1:d9:9c:20:39:65:e8: 33:22:86:97:23:85:2a:3e:02:3a:49:0a:0c:0e:bc: dc:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:CF:5B:F4:92:C9:C4:3C:CA:EB:0B:96:59:A8:A7:6E:75:03:D3:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f805aa7-7757-4dfc-8db8-2227e256fb3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:6080::/48 Signature Algorithm: sha256WithRSAEncryption 50:42:96:b9:60:a8:6d:69:0c:8c:6a:02:9f:3f:23:57:b5:9b: 52:8e:08:4f:68:82:d0:d6:a1:a6:17:55:37:5a:37:8c:dc:25: 82:1e:6f:2d:71:24:21:09:ab:8a:57:a1:6c:f5:78:cb:c0:b5: b9:f8:8f:40:0e:6b:1d:f1:4e:db:35:a7:1d:13:0b:22:53:b8: f5:fd:ae:25:f1:ad:c5:0a:95:a3:8e:07:ca:5a:aa:5b:24:b1: ac:55:d2:10:cb:81:46:3d:ed:ac:78:92:5e:6c:72:10:93:ef: 1c:d4:ef:5b:51:00:ad:e2:8c:9d:56:e7:05:f7:03:b5:0c:e2: 31:c8:28:79:cb:b7:bf:59:76:26:da:99:cd:1d:18:c1:c6:10: f1:0a:9a:07:65:e9:7c:96:43:50:80:81:ef:79:67:64:df:4b: ab:a0:8e:28:45:31:bd:85:96:73:b7:6f:cf:f4:11:12:0b:6a: 89:9d:98:f8:42:60:90:90:eb:f6:13:cf:47:bf:09:94:52:0a: f3:4b:a3:52:06:95:df:79:e8:49:37:fb:bd:73:2f:f8:ab:99: 09:00:48:eb:58:45:c8:68:5f:1d:e2:bd:d0:05:b8:b0:c7:06: 7a:62:d8:45:d5:08:d3:64:24:38:6e:41:37:51:b0:af:8e:43: f8:ed:b4:e0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOXilZkApc5yAlSWXmNZrygBJPPowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDAwNloX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAMjMxYmQ1MDFmOGY4OTJkOTdiNmI1 ODBjYzIwY2QxZmMwYjNmZDJkMjUwZmNiZGJlMWM1NDE1ZjdmMzJhYmU4NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzMGvy8VGs14qASYqjbM6rDWZW1A UpzAqxY+EvxuEoTX0A8hrG0BD6CPP08r918RE7wZBu/zPf2BooeK2Qr5X6kgZ6ix QO1m5Xh/I6xeBbgyJCz/x5hxafrq8nPRX6rjjVkrjPlmQXXcI8OUPyZ2RjyGUWtW mWC4SQR6p+rqkHSaZZEbZu1OkPabdAvvl6oJYwCAQhsyUfVX5KJCNRmjy7mkEKp5 sFV21SGR+v4ir0U+KlhENHQht2aeWQMdATDnlVRVGClyuEvHAkZyGYSIapgRFWjd AMs7522rc3Si0d06ugB/RCsNwMHZnCA5ZegzIoaXI4UqPgI6SQoMDrzcvwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPXPW/SSycQ8yusLllmop251A9OcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVmODA1YWE3LTc3NTctNGRmYy04ZGI4LTIyMjdlMjU2ZmIzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGCAMA0GCSqGSIb3DQEBCwUAA4IBAQBQQpa5YKhtaQyMagKf PyNXtZtSjghPaILQ1qGmF1U3WjeM3CWCHm8tcSQhCauKV6Fs9XjLwLW5+I9ADmsd 8U7bNacdEwsiU7j1/a4l8a3FCpWjjgfKWqpbJLGsVdIQy4FGPe2seJJebHIQk+8c 1O9bUQCt4oydVucF9wO1DOIxyCh5y7e/WXYm2pnNHRjBxhDxCpoHZel8lkNQgIHv eWdk30uroI4oRTG9hZZzt2/P9BESC2qJnZj4QmCQkOv2E89HvwmUUgrzS6NSBpXf eehJN/u9cy/4q5kJAEjrWEXIaF8d4r3QBbiwxwZ6YthF1QjTZCQ4bkE3UbCvjkP4 7bTg -----END CERTIFICATE-----Generated at Wed Nov 5 11:04:25 2025 by rpki-client