$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/671d95a3-c003-4a86-88c6-405cd8ceff9e.roa File: 671d95a3-c003-4a86-88c6-405cd8ceff9e.roa (raw, json) Hash identifier: jvvzssoDXeW0tDmnD3I2EkI2FfK8pY34vkIrV8xdjsQ= Subject key identifier: B2:4B:48:45:73:C4:30:52:70:39:B2:60:97:FC:D5:7F:9B:9E:EC:15 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B4FB0BB0259E3522C61C586D5CD01B20D878E9E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/671d95a3-c003-4a86-88c6-405cd8ceff9e.roa Signing time: Tue 21 Oct 2025 00:00:49 +0000 ROA not before: Tue 21 Oct 2025 00:00:49 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:4f:b0:bb:02:59:e3:52:2c:61:c5:86:d5:cd:01:b2:0d:87:8e:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 21 00:00:49 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=7d3f8451b58a0bb65af9357503b46e59a7c5dc56a0cb8ace39e197f7ddfe20d7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:40:26:90:f1:dc:1d:cb:9b:62:0f:09:50:85: 1e:31:fb:fb:d0:0b:9d:83:7b:c2:23:07:ff:ff:a1: a0:e6:dc:01:11:b5:1b:1d:41:72:d2:25:c0:05:55: ad:42:88:68:ae:fe:1b:d8:68:57:98:04:0f:99:be: 67:c2:8f:4e:79:35:51:e9:9b:17:1e:1d:7e:9b:33: ab:45:b8:6c:50:8c:54:d9:5c:03:66:7a:36:27:c6: e3:7f:c0:08:7e:cb:4a:af:2a:87:32:d0:7a:1f:3f: 03:30:b1:b6:08:cf:f9:ec:d3:dd:35:c5:69:9f:ca: a2:55:2c:d0:fe:14:c1:9b:ee:e7:7a:22:5e:48:2e: b4:44:09:a0:fd:9f:af:b3:db:39:b9:90:70:f8:17: 39:a5:dd:68:62:0b:51:47:ed:54:19:8b:e9:98:d6: 4d:1f:07:a8:65:1d:2f:d2:44:44:9d:b3:28:9f:9e: 4c:d1:3f:be:da:f9:47:08:a0:dc:56:0f:36:48:09: 25:2c:97:97:da:85:5a:85:5f:34:55:af:f1:9a:59: d8:d5:4f:ce:5f:d0:fd:c9:d0:00:d5:8e:f9:8d:3f: ba:c5:c9:1d:5b:c6:32:e1:37:a1:ac:72:8f:87:96: bd:29:9d:52:fd:1e:ec:05:d8:eb:c5:79:1c:42:a6: 4c:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:4B:48:45:73:C4:30:52:70:39:B2:60:97:FC:D5:7F:9B:9E:EC:15 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/671d95a3-c003-4a86-88c6-405cd8ceff9e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:c800::/40 Signature Algorithm: sha256WithRSAEncryption 97:ac:91:92:eb:e2:f9:41:47:55:13:c7:10:29:31:93:da:b6: 61:80:66:5e:32:c9:da:25:b1:06:85:44:df:d9:60:2f:c4:d6: cf:ff:b3:b8:5e:0a:d1:4d:52:0b:ff:d2:96:ab:ec:1d:9a:9d: 3e:2e:27:5b:84:52:ac:b5:90:05:bf:7e:ea:b5:90:97:eb:01: 85:ab:44:b9:d1:e8:03:64:c6:4f:9d:bb:98:2a:f7:ce:7c:ae: bf:e6:ea:94:63:c0:0f:9f:ac:25:27:88:3e:43:01:66:67:bd: 62:bf:ac:d0:c6:ee:3c:81:a9:74:62:c9:34:11:43:0e:8d:32: 9a:1f:ae:2c:10:1b:5b:27:d4:d0:dd:18:72:cf:7a:a2:38:6e: 13:64:21:79:1a:2f:60:05:98:f7:c2:34:10:86:27:a2:ee:c3: e8:e9:7f:0d:69:59:22:7e:05:21:1b:65:68:58:04:00:a9:01: 54:b2:1a:50:c8:4e:e8:b3:08:10:45:be:a6:6c:25:65:4f:20: 1e:b1:41:65:7a:5f:75:a6:67:c3:6c:14:dc:13:2f:8b:be:d1: c4:a8:13:f6:0b:fc:aa:e2:c7:5d:99:1d:52:55:bb:a3:ab:d3: a6:5b:1d:60:27:b7:77:81:69:c9:30:79:23:bf:d1:0b:19:6b: c5:02:fe:12 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUa0+wuwJZ41IsYcWG1c0Bsg2Hjp4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyMTAwMDA0OVoX DTI1MTEyNTIzNTk1OVowejFJMEcGA1UEBRNAN2QzZjg0NTFiNThhMGJiNjVhZjkz NTc1MDNiNDZlNTlhN2M1ZGM1NmEwY2I4YWNlMzllMTk3ZjdkZGZlMjBkNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkAmkPHcHcubYg8JUIUeMfv70Aud g3vCIwf//6Gg5twBEbUbHUFy0iXABVWtQohorv4b2GhXmAQPmb5nwo9OeTVR6ZsX Hh1+mzOrRbhsUIxU2VwDZno2J8bjf8AIfstKryqHMtB6Hz8DMLG2CM/57NPdNcVp n8qiVSzQ/hTBm+7neiJeSC60RAmg/Z+vs9s5uZBw+Bc5pd1oYgtRR+1UGYvpmNZN HweoZR0v0kREnbMon55M0T++2vlHCKDcVg82SAklLJeX2oVahV80Va/xmlnY1U/O X9D9ydAA1Y75jT+6xckdW8Yy4TehrHKPh5a9KZ1S/R7sBdjrxXkcQqZMywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLJLSEVzxDBScDmyYJf81X+bnuwVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3MWQ5NWEzLWMwMDMtNGE4Ni04OGM2LTQwNWNkOGNlZmY5ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba78gwDQYJKoZIhvcNAQELBQADggEBAJeskZLr4vlBR1UTxxAp MZPatmGAZl4yydolsQaFRN/ZYC/E1s//s7heCtFNUgv/0par7B2anT4uJ1uEUqy1 kAW/fuq1kJfrAYWrRLnR6ANkxk+du5gq9858rr/m6pRjwA+frCUniD5DAWZnvWK/ rNDG7jyBqXRiyTQRQw6NMpofriwQG1sn1NDdGHLPeqI4bhNkIXkaL2AFmPfCNBCG J6Luw+jpfw1pWSJ+BSEbZWhYBACpAVSyGlDITuizCBBFvqZsJWVPIB6xQWV6X3Wm Z8NsFNwTL4u+0cSoE/YL/Krix12ZHVJVu6Or06ZbHWAnt3eBackweSO/0QsZa8UC /hI= -----END CERTIFICATE-----Generated at Wed Nov 5 05:40:36 2025 by rpki-client