$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6029da1d-7ade-4067-b6f0-551ead7b37a6.roa File: 6029da1d-7ade-4067-b6f0-551ead7b37a6.roa (raw, json) Hash identifier: 90LteaeZkO3Lm1lU03zAa6GOXUcwWh6I6eKhUSx/p94= Subject key identifier: 74:D2:9C:C1:4F:0C:2F:7D:A8:24:4E:1B:80:10:07:FD:A6:79:58:CB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3A373AE5A1980904451B0F791EDD703FD9D1120B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6029da1d-7ade-4067-b6f0-551ead7b37a6.roa Signing time: Sat 01 Nov 2025 00:00:36 +0000 ROA not before: Sat 01 Nov 2025 00:00:36 +0000 ROA not after: Sat 06 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:37:3a:e5:a1:98:09:04:45:1b:0f:79:1e:dd:70:3f:d9:d1:12:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 1 00:00:36 2025 GMT Not After : Dec 6 23:59:59 2025 GMT Subject: serialNumber=e647b8166a8109a525430522344d9a3d370405fcbb9f156300afc2cb93219a74, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:b5:55:4f:a9:1e:d0:28:2c:3e:68:a4:66:6e: d3:c3:ea:0f:5d:35:ad:e8:d0:4b:fb:f0:fb:34:a5: 6f:13:0a:ea:38:c9:8b:d2:de:ce:05:2e:f8:72:4d: 1d:cf:2e:a2:60:5b:79:5a:6c:83:2a:8f:63:5c:9e: 78:d6:03:0a:4e:26:d9:10:3b:2f:ec:ba:4c:b6:6b: a0:be:69:32:6b:ae:5c:6e:cf:b7:96:4b:91:48:d8: 3f:74:84:a8:7b:85:23:02:01:02:32:2d:f9:25:c4: 04:a5:29:52:cb:d9:95:90:e7:39:53:c6:15:12:d1: 46:8e:0b:c2:46:bb:12:1d:40:77:ae:0e:64:d0:b4: 55:07:ce:8e:95:39:2b:20:50:cd:23:35:f5:cd:02: b1:15:3e:66:b0:08:2d:37:df:3a:73:d8:65:e9:49: f3:96:43:7b:24:a9:c5:af:41:13:56:42:46:62:4f: 87:fc:d0:5e:13:e6:fc:60:49:ff:1c:81:89:d8:4c: de:0e:9a:37:0f:7b:60:f6:1d:50:2c:a6:12:18:46: e6:5b:bf:f2:bd:35:df:25:9f:1f:42:93:ac:b5:6d: 62:3e:f3:ff:2a:0d:d0:07:51:66:44:c9:7d:4d:53: 21:6e:8d:91:68:12:bc:36:7e:67:4e:21:11:9c:95: d6:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:D2:9C:C1:4F:0C:2F:7D:A8:24:4E:1B:80:10:07:FD:A6:79:58:CB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6029da1d-7ade-4067-b6f0-551ead7b37a6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:2800::/40 Signature Algorithm: sha256WithRSAEncryption 52:0e:47:a3:57:dc:93:eb:c5:e2:bb:9b:57:f2:db:dd:3b:7b: 9a:b1:6c:5f:f5:ca:6a:e8:7a:29:d9:58:89:0f:fa:75:c0:08: de:49:37:ed:42:3e:2a:c2:af:23:2b:eb:bf:b4:ae:3a:6c:05: 1a:ba:6b:93:f1:b5:8e:ed:72:ff:16:a9:6e:db:43:37:1d:ee: b8:73:93:81:1a:e2:bc:86:df:af:5a:84:ea:35:66:76:4e:31: 6f:c2:d7:0d:6f:05:47:a4:95:60:39:59:bd:5f:21:9b:98:11: 61:85:d9:1e:10:4c:fc:49:a2:62:71:b3:c2:fa:26:8c:b4:34: bd:fd:5e:89:7b:17:59:19:c1:7f:e2:9c:f4:e2:0b:a2:7b:e5: d5:77:ff:6d:b4:89:93:ed:17:0f:75:b8:18:2f:17:b4:67:5e: c9:f4:8c:d9:e7:e8:4a:7c:30:cb:94:be:5d:9d:45:7c:f5:bc: 70:d2:68:d5:66:2f:ea:45:8f:51:c8:e9:d4:2a:9c:6a:0c:98: cf:70:ac:a2:3c:97:32:4d:02:9b:69:3c:91:37:fc:28:c4:71: 1c:a2:dc:c8:99:3f:a3:03:2e:85:e7:d5:db:87:a3:43:46:ed: 64:c0:8d:62:c9:2a:4f:94:06:1a:64:53:d9:e6:c6:bb:c9:e3: cd:5e:34:9f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOjc65aGYCQRFGw95Ht1wP9nREgswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMTAwMDAzNloX DTI1MTIwNjIzNTk1OVowejFJMEcGA1UEBRNAZTY0N2I4MTY2YTgxMDlhNTI1NDMw NTIyMzQ0ZDlhM2QzNzA0MDVmY2JiOWYxNTYzMDBhZmMyY2I5MzIxOWE3NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrVVT6ke0CgsPmikZm7Tw+oPXTWt 6NBL+/D7NKVvEwrqOMmL0t7OBS74ck0dzy6iYFt5WmyDKo9jXJ541gMKTibZEDsv 7LpMtmugvmkya65cbs+3lkuRSNg/dISoe4UjAgECMi35JcQEpSlSy9mVkOc5U8YV EtFGjgvCRrsSHUB3rg5k0LRVB86OlTkrIFDNIzX1zQKxFT5msAgtN986c9hl6Unz lkN7JKnFr0ETVkJGYk+H/NBeE+b8YEn/HIGJ2EzeDpo3D3tg9h1QLKYSGEbmW7/y vTXfJZ8fQpOstW1iPvP/Kg3QB1FmRMl9TVMhbo2RaBK8Nn5nTiERnJXW7QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHTSnMFPDC99qCROG4AQB/2meVjLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYwMjlkYTFkLTdhZGUtNDA2Ny1iNmYwLTU1MWVhZDdiMzdhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauSgwDQYJKoZIhvcNAQELBQADggEBAFIOR6NX3JPrxeK7m1fy 2907e5qxbF/1ymroeinZWIkP+nXACN5JN+1CPirCryMr67+0rjpsBRq6a5PxtY7t cv8WqW7bQzcd7rhzk4Ea4ryG369ahOo1ZnZOMW/C1w1vBUeklWA5Wb1fIZuYEWGF 2R4QTPxJomJxs8L6Joy0NL39Xol7F1kZwX/inPTiC6J75dV3/220iZPtFw91uBgv F7RnXsn0jNnn6Ep8MMuUvl2dRXz1vHDSaNVmL+pFj1HI6dQqnGoMmM9wrKI8lzJN AptpPJE3/CjEcRyi3MiZP6MDLoXn1duHo0NG7WTAjWLJKk+UBhpkU9nmxrvJ481e NJ8= -----END CERTIFICATE-----Generated at Wed Nov 5 07:59:04 2025 by rpki-client