$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa File: 783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa (raw, json) Hash identifier: d7E1vazwbufjKoCmDqkNaU88f3CBcrv6c6HHHOTGQb8= Subject key identifier: 62:1C:66:DA:CA:D1:7C:4D:CC:FB:2C:5A:B5:6E:8F:40:27:E1:74:A0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4C4D8672BDCB30BFC7E69053E287A6EDBE81D0E1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa Signing time: Sat 01 Nov 2025 00:00:03 +0000 ROA not before: Sat 01 Nov 2025 00:00:03 +0000 ROA not after: Sat 06 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:4d:86:72:bd:cb:30:bf:c7:e6:90:53:e2:87:a6:ed:be:81:d0:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 1 00:00:03 2025 GMT Not After : Dec 6 23:59:59 2025 GMT Subject: serialNumber=af59b47ea797534bbc4d9eeb2f5599eb788fe31db4a9f544f7a34c4a65705149, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:54:5d:c3:26:15:97:cb:41:09:c8:70:df:a4: d0:31:47:c0:00:99:58:54:c0:2b:e7:94:c4:fe:0f: 94:2c:8e:86:b1:f4:09:b9:00:ef:6f:3b:68:b8:4f: 6b:99:b4:13:fb:de:2e:a3:b8:de:01:5c:c6:e3:17: f1:9a:46:ef:ee:03:20:b0:73:dd:d5:3a:28:39:08: 51:13:b5:1e:63:63:24:78:03:e2:b5:bf:fa:d0:f9: b1:3b:dc:a9:11:a1:66:87:7e:66:2e:5c:b4:f8:a5: a3:3e:68:20:5a:a7:31:8b:cf:fe:fd:1e:50:79:95: f6:20:46:60:ed:54:63:15:07:9c:1e:dc:f1:e1:7a: ad:7c:6d:8c:00:83:4b:d0:92:33:79:0c:96:3c:24: 4f:5e:de:82:96:0d:12:25:37:8f:a9:17:18:90:d7: 10:1f:57:9e:5a:12:2f:59:ff:53:23:61:2d:11:ed: bf:b6:fa:eb:16:f5:8e:a0:27:3b:14:75:2d:93:31: b3:5f:d2:70:29:12:6d:49:aa:5e:10:83:87:e4:40: b6:f3:01:8d:c2:ac:16:c5:1d:91:a9:02:82:2b:ec: 63:d4:a5:f6:e4:fe:92:c0:4d:25:94:8f:1f:a1:ac: 03:2c:89:42:41:e0:60:92:0c:f5:36:5b:3b:3f:51: 18:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:1C:66:DA:CA:D1:7C:4D:CC:FB:2C:5A:B5:6E:8F:40:27:E1:74:A0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:9000::/40 Signature Algorithm: sha256WithRSAEncryption 28:d7:0e:4a:3a:35:59:40:69:0e:6f:10:3b:34:c5:de:46:e7: ff:d1:0c:02:30:7b:20:6d:e5:0b:1c:75:92:4f:b2:ff:ce:b8: 60:4d:1f:fd:94:f5:59:a9:4e:4e:75:7f:45:4a:2f:dd:47:d9: e0:3a:e0:34:8b:54:16:98:7e:b2:5e:9c:c4:b2:dd:2c:8c:f4: 47:b6:ba:3c:05:17:fa:b4:17:f0:32:fe:28:bd:ee:6d:0a:a4: 34:74:cb:4d:2c:93:a8:80:96:0b:a3:a8:e5:d0:e8:02:de:3f: 4d:6c:41:5a:33:52:21:17:5d:84:5f:f5:41:87:6e:4d:18:e8: ef:c7:0b:ea:7e:93:4a:c9:33:7f:c4:d4:b6:fa:a8:a6:26:a8: 73:e7:d1:5d:8b:10:3d:7f:38:ee:e8:ea:eb:01:12:61:41:6c: b1:6e:82:de:53:74:2d:cf:7b:47:f7:ba:42:00:c5:75:27:bc: 4a:84:3a:45:da:f0:42:02:02:77:ba:fb:87:fb:c1:d3:b0:69: 5d:12:8e:22:49:f8:c6:de:f7:ac:1b:bc:72:5a:d9:be:30:a0: ff:bf:f0:5d:ed:30:2f:9f:99:cf:cb:d7:c8:8f:fe:75:5f:0e: fe:e1:eb:fe:ac:a5:9e:5e:e8:09:f7:9d:71:5d:80:9a:e7:2c: 86:0d:b8:87 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTE2Gcr3LML/H5pBT4oem7b6B0OEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMTAwMDAwM1oX DTI1MTIwNjIzNTk1OVowejFJMEcGA1UEBRNAYWY1OWI0N2VhNzk3NTM0YmJjNGQ5 ZWViMmY1NTk5ZWI3ODhmZTMxZGI0YTlmNTQ0ZjdhMzRjNGE2NTcwNTE0OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFRdwyYVl8tBCchw36TQMUfAAJlY VMAr55TE/g+ULI6GsfQJuQDvbztouE9rmbQT+94uo7jeAVzG4xfxmkbv7gMgsHPd 1TooOQhRE7UeY2MkeAPitb/60PmxO9ypEaFmh35mLly0+KWjPmggWqcxi8/+/R5Q eZX2IEZg7VRjFQecHtzx4XqtfG2MAINL0JIzeQyWPCRPXt6Clg0SJTePqRcYkNcQ H1eeWhIvWf9TI2EtEe2/tvrrFvWOoCc7FHUtkzGzX9JwKRJtSapeEIOH5EC28wGN wqwWxR2RqQKCK+xj1KX25P6SwE0llI8foawDLIlCQeBgkgz1Nls7P1EYlwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGIcZtrK0XxNzPssWrVuj0An4XSgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc4M2I5NmY0LTgxYWQtNGQxZC1hMGU2LTY0N2EwZmYzOTQ0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauZAwDQYJKoZIhvcNAQELBQADggEBACjXDko6NVlAaQ5vEDs0 xd5G5//RDAIweyBt5QscdZJPsv/OuGBNH/2U9VmpTk51f0VKL91H2eA64DSLVBaY frJenMSy3SyM9Ee2ujwFF/q0F/Ay/ii97m0KpDR0y00sk6iAlgujqOXQ6ALeP01s QVozUiEXXYRf9UGHbk0Y6O/HC+p+k0rJM3/E1Lb6qKYmqHPn0V2LED1/OO7o6usB EmFBbLFugt5TdC3Pe0f3ukIAxXUnvEqEOkXa8EICAne6+4f7wdOwaV0SjiJJ+Mbe 96wbvHJa2b4woP+/8F3tMC+fmc/L18iP/nVfDv7h6/6spZ5e6An3nXFdgJrnLIYN uIc= -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:09 2025 by rpki-client