$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/635b223e-f641-496e-be0c-3d916b763149.roa File: 635b223e-f641-496e-be0c-3d916b763149.roa (raw, json) Hash identifier: oVAMnAerEXylRl4msk3x5AVsXHzHgKxwPcW+noCKs9E= Subject key identifier: 84:5D:2F:F9:A8:55:89:08:6C:FF:61:B8:70:D2:E1:20:DC:63:0E:2B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 054BE7461A95CB1AF354CCA235B0638391C791FA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/635b223e-f641-496e-be0c-3d916b763149.roa Signing time: Fri 31 Oct 2025 00:00:06 +0000 ROA not before: Fri 31 Oct 2025 00:00:06 +0000 ROA not after: Fri 05 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da29::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:4b:e7:46:1a:95:cb:1a:f3:54:cc:a2:35:b0:63:83:91:c7:91:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 31 00:00:06 2025 GMT Not After : Dec 5 23:59:59 2025 GMT Subject: serialNumber=5530bec4e4e06276cc76e36c5537edd5f8e40949995dc23bafdc3e0ded70a233, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:cb:ce:fe:f4:ed:b4:01:e8:f4:eb:07:94:1e: eb:b0:19:1d:5c:57:5a:e0:f5:19:52:eb:0b:74:02: 93:29:46:48:58:cc:53:04:09:08:10:58:a6:71:32: 6a:3c:b6:d3:2f:fd:6b:f6:3a:83:b1:75:8f:60:b6: 7d:b8:bb:6a:2a:14:01:2c:78:a2:bb:43:81:cc:2e: 39:0d:8e:f0:54:17:07:58:86:ee:3f:5b:e9:61:e5: 74:ed:f8:81:0a:3d:2d:58:3c:85:5f:09:28:40:03: a1:ea:c6:57:d7:a2:86:89:20:35:76:a2:6e:18:75: 47:53:76:e1:6d:53:53:3c:05:0b:9e:91:a0:eb:10: 8c:be:f9:f3:e6:38:38:79:50:c8:74:71:e6:29:c9: e9:fd:d9:5e:b0:fe:da:82:1d:6e:77:3e:92:af:2f: 16:5a:eb:52:7d:78:a6:d1:0d:06:92:47:f7:92:71: 7c:96:9f:31:0b:70:3c:04:ec:8e:23:71:46:22:54: f2:dc:1d:4f:40:fd:ba:31:0e:4b:a0:31:58:84:45: 0f:fc:be:c1:9d:6d:a6:d8:ff:a9:c5:f8:44:01:ab: 3b:ff:43:fb:ea:f6:90:cb:80:d5:c6:1b:f4:ed:c3: 0c:26:d0:5c:35:78:38:37:64:dd:2f:4f:86:67:c9: ac:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:5D:2F:F9:A8:55:89:08:6C:FF:61:B8:70:D2:E1:20:DC:63:0E:2B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/635b223e-f641-496e-be0c-3d916b763149.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da29::/36 Signature Algorithm: sha256WithRSAEncryption aa:a6:c4:69:6b:26:f1:fb:e0:5d:a6:d5:5b:8e:18:bd:2e:a8: 20:87:c9:ec:c6:ad:8a:d5:bd:df:0a:6e:a7:12:11:38:3f:80: 98:3c:e1:97:a7:22:9e:58:6f:66:4b:8d:3b:dd:25:a4:6a:81: c4:e7:ba:03:7a:00:10:5e:2d:20:e5:80:c2:74:40:d2:f6:71: 50:bc:1a:c3:22:f0:dc:31:e4:0b:51:8a:79:2b:62:27:39:30: 8e:fc:2f:2f:78:75:1e:7c:c4:a2:65:13:3e:a7:90:14:88:02: 47:03:f1:19:63:1c:40:8a:5b:0f:9e:df:d0:68:48:f0:74:42: 8a:9d:2e:48:b7:3b:12:87:34:68:c8:32:44:8c:ff:a8:f6:b6: 31:27:b3:32:a2:4e:9d:2d:9e:e0:7d:87:66:dd:4a:02:8d:e6: 95:8f:4b:31:70:2e:e6:38:3c:59:89:4e:59:fc:cf:25:40:9f: 10:9f:ee:75:bd:31:b6:56:ff:33:56:f6:be:37:dd:1e:12:2c: 8f:ce:13:9d:b3:26:d2:21:6a:3f:47:d1:88:35:40:c6:fc:5a: e9:da:f0:b0:e9:28:2c:0d:c1:b5:e0:38:a5:ae:67:9b:be:63: 40:eb:2e:80:5d:ab:10:a2:1a:10:c3:c0:17:a8:8f:63:af:13: 60:8a:51:0f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBUvnRhqVyxrzVMyiNbBjg5HHkfowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAzMTAwMDAwNloX DTI1MTIwNTIzNTk1OVowejFJMEcGA1UEBRNANTUzMGJlYzRlNGUwNjI3NmNjNzZl MzZjNTUzN2VkZDVmOGU0MDk0OTk5NWRjMjNiYWZkYzNlMGRlZDcwYTIzMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsvO/vTttAHo9OsHlB7rsBkdXFda 4PUZUusLdAKTKUZIWMxTBAkIEFimcTJqPLbTL/1r9jqDsXWPYLZ9uLtqKhQBLHii u0OBzC45DY7wVBcHWIbuP1vpYeV07fiBCj0tWDyFXwkoQAOh6sZX16KGiSA1dqJu GHVHU3bhbVNTPAULnpGg6xCMvvnz5jg4eVDIdHHmKcnp/dlesP7agh1udz6Sry8W WutSfXim0Q0Gkkf3knF8lp8xC3A8BOyOI3FGIlTy3B1PQP26MQ5LoDFYhEUP/L7B nW2m2P+pxfhEAas7/0P76vaQy4DVxhv07cMMJtBcNXg4N2TdL0+GZ8mspQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIRdL/moVYkIbP9huHDS4SDcYw4rMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYzNWIyMjNlLWY2NDEtNDk2ZS1iZTBjLTNkOTE2Yjc2MzE0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaKQAwDQYJKoZIhvcNAQELBQADggEBAKqmxGlrJvH74F2m1VuO GL0uqCCHyezGrYrVvd8KbqcSETg/gJg84ZenIp5Yb2ZLjTvdJaRqgcTnugN6ABBe LSDlgMJ0QNL2cVC8GsMi8Nwx5AtRinkrYic5MI78Ly94dR58xKJlEz6nkBSIAkcD 8RljHECKWw+e39BoSPB0QoqdLki3OxKHNGjIMkSM/6j2tjEnszKiTp0tnuB9h2bd SgKN5pWPSzFwLuY4PFmJTln8zyVAnxCf7nW9MbZW/zNW9r433R4SLI/OE52zJtIh aj9H0Yg1QMb8Wuna8LDpKCwNwbXgOKWuZ5u+Y0DrLoBdqxCiGhDDwBeoj2OvE2CK UQ8= -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:43 2025 by rpki-client