$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/745411de-d434-4fb7-bef2-d54990248d48.roa File: 745411de-d434-4fb7-bef2-d54990248d48.roa (raw, json) Hash identifier: 1U4wKNR4NgtPA8Qk+n5nSu5D91QJA0fUtkVPncgUsm4= Subject key identifier: 74:5D:1E:B1:85:C7:3B:86:89:EA:9C:41:89:99:CC:DC:32:26:5E:EA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 72766D6C9474F331BA9EBF77CB2F90ECF0F6612B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/745411de-d434-4fb7-bef2-d54990248d48.roa Signing time: Wed 15 Oct 2025 00:50:32 +0000 ROA not before: Wed 15 Oct 2025 00:50:32 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da16:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:76:6d:6c:94:74:f3:31:ba:9e:bf:77:cb:2f:90:ec:f0:f6:61:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:50:32 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=b36f81b3c9a65b48e917ad673260617282d707150edc76a6631068293c1612ce, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:db:62:e7:a0:8a:cb:b5:da:8b:01:dd:96:d4: 79:e7:d9:5f:6e:d8:8f:36:46:71:99:8a:7f:2a:38: 1c:65:2e:4f:ea:22:5e:44:c4:ac:ae:dc:ca:ad:a5: 81:13:24:dd:c2:37:98:e1:90:1e:bf:b4:85:fc:75: 82:65:a2:ea:b7:23:38:43:c0:5a:e5:45:47:99:0c: dd:2f:c2:74:ff:2b:d6:ec:fb:6e:72:39:7d:a5:14: e7:b5:30:a5:e3:56:b1:7e:ca:a6:ea:b4:a3:61:2f: 25:89:03:4a:cb:4c:e8:5d:f8:d9:41:a7:23:15:b1: 2d:b6:7a:6f:2b:aa:e5:61:c5:33:5a:b3:5b:f9:cc: 00:86:95:3f:a2:62:72:d6:ef:69:c2:f5:e3:6f:54: 7c:01:ce:78:77:fb:a3:41:69:6c:66:c5:2b:46:4f: 9f:75:27:91:9b:c5:15:fa:51:05:7d:64:a7:e2:9b: 0f:86:30:e4:ea:5d:12:a9:8b:dc:7e:74:01:04:f1: 64:6a:e9:0c:08:8e:50:24:f2:9b:6f:dd:7b:e1:e6: 79:bf:9f:1a:65:f4:48:b5:8c:35:7e:04:db:74:fc: d1:b0:56:67:d5:3a:16:b2:8d:17:95:11:d9:f7:c3: 6d:f6:e3:71:70:95:01:d0:50:82:8b:6b:bd:ca:cc: 11:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:5D:1E:B1:85:C7:3B:86:89:EA:9C:41:89:99:CC:DC:32:26:5E:EA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/745411de-d434-4fb7-bef2-d54990248d48.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da16:800::/38 Signature Algorithm: sha256WithRSAEncryption aa:b1:a9:42:56:aa:38:9d:83:ad:35:44:16:5b:ba:a2:9d:18: 32:26:dd:01:42:ad:b3:8c:e2:8e:f5:3c:fc:1d:ce:71:0d:ca: 99:cd:d7:f5:d8:bc:fc:b8:53:39:17:2b:79:35:2e:70:e4:20: 05:1d:f4:79:9b:5b:03:41:a2:ee:8d:ae:16:3f:6a:50:5a:34: d0:8e:75:e6:15:5e:32:d3:8f:37:b3:9c:09:29:16:cd:05:03: 50:04:8c:06:9f:17:a9:6e:84:a2:78:db:e7:ef:8d:24:fc:4f: 78:26:e3:49:9a:f2:91:06:7b:3e:2d:bb:6f:db:cf:cc:13:12: 95:03:36:ea:82:36:e3:30:9d:e9:6c:8a:1a:bb:eb:de:15:53: 77:75:a7:76:ca:b9:71:7e:7f:5c:46:54:bf:a6:d6:3d:93:52: 47:03:0c:c6:ad:39:0f:5f:71:00:46:ff:31:9b:5e:56:ff:cd: bf:bb:ea:17:7b:76:e5:c5:4a:70:31:ee:d9:e8:71:1f:5a:6e: 7a:91:c6:b8:90:9a:7a:3e:b2:63:14:4c:df:99:d6:80:f7:6e: 0f:ee:bd:f0:c7:3a:a3:99:be:8d:61:4a:91:90:e8:9a:d1:35: bc:83:cc:2c:d8:15:c2:85:06:62:54:e6:99:44:42:de:82:78: 3d:5c:dc:d7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcnZtbJR08zG6nr93yy+Q7PD2YSswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNTAzMloX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAYjM2ZjgxYjNjOWE2NWI0OGU5MTdh ZDY3MzI2MDYxNzI4MmQ3MDcxNTBlZGM3NmE2NjMxMDY4MjkzYzE2MTJjZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8dti56CKy7XaiwHdltR559lfbtiP NkZxmYp/KjgcZS5P6iJeRMSsrtzKraWBEyTdwjeY4ZAev7SF/HWCZaLqtyM4Q8Ba 5UVHmQzdL8J0/yvW7Ptucjl9pRTntTCl41axfsqm6rSjYS8liQNKy0zoXfjZQacj FbEttnpvK6rlYcUzWrNb+cwAhpU/omJy1u9pwvXjb1R8Ac54d/ujQWlsZsUrRk+f dSeRm8UV+lEFfWSn4psPhjDk6l0SqYvcfnQBBPFkaukMCI5QJPKbb9174eZ5v58a ZfRItYw1fgTbdPzRsFZn1ToWso0XlRHZ98Nt9uNxcJUB0FCCi2u9yswRFQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHRdHrGFxzuGieqcQYmZzNwyJl7qMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc0NTQxMWRlLWQ0MzQtNGZiNy1iZWYyLWQ1NDk5MDI0OGQ0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFggwDQYJKoZIhvcNAQELBQADggEBAKqxqUJWqjidg601RBZb uqKdGDIm3QFCrbOM4o71PPwdznENypnN1/XYvPy4UzkXK3k1LnDkIAUd9HmbWwNB ou6NrhY/alBaNNCOdeYVXjLTjzeznAkpFs0FA1AEjAafF6luhKJ42+fvjST8T3gm 40ma8pEGez4tu2/bz8wTEpUDNuqCNuMwnelsihq7694VU3d1p3bKuXF+f1xGVL+m 1j2TUkcDDMatOQ9fcQBG/zGbXlb/zb+76hd7duXFSnAx7tnocR9abnqRxriQmno+ smMUTN+Z1oD3bg/uvfDHOqOZvo1hSpGQ6JrRNbyDzCzYFcKFBmJU5plEQt6CeD1c 3Nc= -----END CERTIFICATE-----Generated at Wed Nov 5 09:52:32 2025 by rpki-client