$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/68b5982c-6b84-43bb-b9f1-480a7de7c6b0.roa File: 68b5982c-6b84-43bb-b9f1-480a7de7c6b0.roa (raw, json) Hash identifier: zQreDCxS2bW0lCJl6nveLBJJRtFElwTnNjHGuu/bXH0= Subject key identifier: 77:9E:F4:15:9A:CE:0A:1F:B1:1F:9E:45:F0:7B:AE:E5:8A:80:DE:AC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 14A7B9B2B487634B3B298982CA76664A78681FBA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/68b5982c-6b84-43bb-b9f1-480a7de7c6b0.roa Signing time: Wed 29 Oct 2025 07:40:16 +0000 ROA not before: Wed 29 Oct 2025 07:40:16 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:a7:b9:b2:b4:87:63:4b:3b:29:89:82:ca:76:66:4a:78:68:1f:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 07:40:16 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=c078860d541bfdeb2b405704d6739705eeeefbdb292188bf0f8c6db7837fc2b4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:19:a9:d1:72:46:45:40:2b:0b:4e:90:36:6c: 98:95:6c:0b:6d:5f:ab:34:cd:6b:96:36:b8:7f:f4: 5d:b0:f1:97:73:a3:ae:ec:8c:f7:a3:1b:50:81:d0: b7:4c:a9:9e:2d:37:7e:e7:87:ee:d2:0e:e1:82:43: 40:c8:db:8b:8a:dc:02:e9:80:ee:aa:82:de:8b:4b: 5e:7f:16:1c:99:c1:6a:ef:dc:6f:d7:5e:41:b0:0c: dc:cf:38:3b:b8:bb:b7:e0:21:00:ae:20:6f:ed:7a: 0e:0c:23:77:1d:4c:cf:d3:04:cb:cf:c1:c9:b9:a2: e5:5d:e3:6d:09:ac:ad:24:70:a9:70:dc:86:7c:8e: 3d:60:55:27:82:fb:86:b1:32:5d:a2:f5:ab:22:e0: ec:32:2a:f7:b3:1e:7d:b6:d4:a4:37:f3:d5:37:b2: bf:bd:4d:2d:5c:a9:b6:41:5b:7f:6c:65:31:9f:76: ff:c5:ed:b9:08:38:8b:31:07:01:3b:09:d8:3c:ed: 7b:f9:61:06:7d:19:1b:69:92:8b:d9:38:ad:bc:d3: e2:43:95:0c:6e:b7:dd:39:83:29:ff:bc:13:4b:38: d9:59:45:26:06:ae:e4:b1:63:11:a0:b3:d7:80:4c: 32:b2:44:26:4b:27:6c:62:b5:9b:5a:89:2d:1b:2b: 6e:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:9E:F4:15:9A:CE:0A:1F:B1:1F:9E:45:F0:7B:AE:E5:8A:80:DE:AC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/68b5982c-6b84-43bb-b9f1-480a7de7c6b0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:c800::/40 Signature Algorithm: sha256WithRSAEncryption 07:a1:5a:e2:8b:97:db:25:20:d5:2c:89:b9:7e:88:49:d4:de: 80:98:5a:a4:2b:fd:c2:52:b7:7c:dd:68:32:85:cf:b7:4d:d1: 0e:7c:21:28:45:e9:0e:65:6a:c5:ea:d0:51:fe:72:47:a2:5d: ce:bb:09:21:9b:e3:fd:87:3d:7f:aa:a1:d2:3c:a4:88:62:67: 0d:87:82:e9:80:9b:7f:c2:42:d8:3d:59:6d:95:3c:ee:02:50: 34:67:c7:14:d6:22:f7:32:10:08:0b:81:fc:c5:d1:86:f8:ef: be:a8:c4:62:12:f9:2a:23:96:88:89:9f:d8:9f:3a:e7:fe:4a: d8:d6:1c:67:7e:cf:0a:83:68:5e:0b:55:81:fc:ad:1b:9a:22: 0b:3c:23:06:d9:85:77:09:c0:bc:01:a3:d7:29:64:cc:b3:c6: 87:c8:c8:41:18:8c:c1:19:9e:34:33:1e:76:84:19:08:7f:3f: d3:f2:d1:61:65:fd:5c:be:1e:40:e0:ed:40:e3:33:0a:d3:88: 22:41:1b:c6:b2:db:b1:a9:f9:3e:8e:10:e3:cd:62:0a:da:9c: 0a:60:63:7a:aa:4c:63:8e:62:46:3f:ec:7c:b0:d0:9c:7c:df: a1:ff:28:9f:3a:da:f1:88:15:6e:b9:f7:04:f2:d3:c2:0b:1b: 92:13:ce:9d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFKe5srSHY0s7KYmCynZmSnhoH7owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTA3NDAxNloX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAYzA3ODg2MGQ1NDFiZmRlYjJiNDA1 NzA0ZDY3Mzk3MDVlZWVlZmJkYjI5MjE4OGJmMGY4YzZkYjc4MzdmYzJiNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxmp0XJGRUArC06QNmyYlWwLbV+r NM1rlja4f/RdsPGXc6Ou7Iz3oxtQgdC3TKmeLTd+54fu0g7hgkNAyNuLitwC6YDu qoLei0tefxYcmcFq79xv115BsAzczzg7uLu34CEAriBv7XoODCN3HUzP0wTLz8HJ uaLlXeNtCaytJHCpcNyGfI49YFUngvuGsTJdovWrIuDsMir3sx59ttSkN/PVN7K/ vU0tXKm2QVt/bGUxn3b/xe25CDiLMQcBOwnYPO17+WEGfRkbaZKL2TitvNPiQ5UM brfdOYMp/7wTSzjZWUUmBq7ksWMRoLPXgEwyskQmSydsYrWbWoktGytuaQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHee9BWazgofsR+eRfB7ruWKgN6sMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY4YjU5ODJjLTZiODQtNDNiYi1iOWYxLTQ4MGE3ZGU3YzZiMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba6sgwDQYJKoZIhvcNAQELBQADggEBAAehWuKLl9slINUsibl+ iEnU3oCYWqQr/cJSt3zdaDKFz7dN0Q58IShF6Q5lasXq0FH+ckeiXc67CSGb4/2H PX+qodI8pIhiZw2HgumAm3/CQtg9WW2VPO4CUDRnxxTWIvcyEAgLgfzF0Yb4776o xGIS+SojloiJn9ifOuf+StjWHGd+zwqDaF4LVYH8rRuaIgs8IwbZhXcJwLwBo9cp ZMyzxofIyEEYjMEZnjQzHnaEGQh/P9Py0WFl/Vy+HkDg7UDjMwrTiCJBG8ay27Gp +T6OEOPNYgranApgY3qqTGOOYkY/7Hyw0Jx836H/KJ862vGIFW659wTy08ILG5IT zp0= -----END CERTIFICATE-----Generated at Wed Nov 5 07:45:41 2025 by rpki-client