$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94244cb0-158e-46d4-8af4-e50dc14db808.roa File: 94244cb0-158e-46d4-8af4-e50dc14db808.roa (raw, json) Hash identifier: lPUAccZt8McAYTCn86+T2DNjqeKwTexVeDWgEKPgzdg= Subject key identifier: CD:93:9D:F9:8B:50:A8:7A:5F:D1:3E:2D:71:A5:F7:77:8C:6E:B9:6B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1FD734AC90627EA160292998D3479E5FCE4AE89E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94244cb0-158e-46d4-8af4-e50dc14db808.roa Signing time: Sat 01 Nov 2025 00:00:36 +0000 ROA not before: Sat 01 Nov 2025 00:00:36 +0000 ROA not after: Sat 06 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:dab9:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:d7:34:ac:90:62:7e:a1:60:29:29:98:d3:47:9e:5f:ce:4a:e8:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 1 00:00:36 2025 GMT Not After : Dec 6 23:59:59 2025 GMT Subject: serialNumber=ace8c5a3e70da4a7c62a2cdff26abc29bb604751fd01659e4f9c7f0d74c0258c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:7e:0e:7b:0b:6e:fd:11:6d:15:f5:93:3c:e1: ac:6e:8f:6f:0b:47:08:79:3f:c6:e4:51:0d:46:a7: c7:82:58:c9:59:4e:c5:37:ca:14:b7:60:cc:e1:aa: 3e:da:07:00:2e:a4:26:89:49:b9:7d:03:48:d0:31: bf:dd:ef:b4:81:b6:66:99:fd:4a:64:21:61:61:fc: 5b:c5:fb:a7:36:32:4e:f1:d6:b7:cf:75:9e:37:2a: 30:09:96:af:a4:93:98:6e:85:40:6b:01:a3:ff:72: 54:e4:5d:73:a1:85:8b:53:b0:07:ca:10:ce:fc:ec: 24:fd:a0:b6:f3:8f:cc:92:05:c5:07:30:cb:76:35: 95:c7:8f:c5:67:f8:cd:8b:bb:b3:80:06:04:b5:ed: b4:d0:4b:94:7f:08:ba:11:f3:9f:6c:55:b5:32:79: 67:e3:b2:8e:f4:e8:05:6e:35:4c:1f:c3:8f:25:b7: 0a:13:cd:3f:d7:5e:fe:72:63:ad:c9:55:85:2e:5a: 12:c5:19:38:d6:4c:ab:18:07:17:43:d5:ff:18:67: 16:f9:4d:49:2c:13:ac:aa:25:66:5e:bc:ed:13:b4: 3e:c0:c5:f7:1e:81:3d:4f:fb:fb:5f:67:a8:b1:ee: c4:37:e9:2f:f8:9f:65:63:0a:57:51:b1:aa:54:83: 2f:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:93:9D:F9:8B:50:A8:7A:5F:D1:3E:2D:71:A5:F7:77:8C:6E:B9:6B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94244cb0-158e-46d4-8af4-e50dc14db808.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:2800::/40 Signature Algorithm: sha256WithRSAEncryption 61:f8:75:82:88:28:8e:1f:bb:32:ca:39:f1:56:b9:ee:80:0d: 5d:24:93:aa:57:7c:b7:47:06:32:b4:d1:36:18:55:01:15:0b: ea:1d:c6:ab:0c:c3:29:2b:91:81:f5:00:43:46:7d:c1:08:71: 75:52:90:95:2c:62:98:71:cf:0b:0f:09:c4:aa:f6:25:2b:58: 4e:8c:c2:4b:f0:74:33:1d:0d:7d:d6:82:a3:17:b9:d1:7d:30: e7:24:a2:91:3a:d6:f3:01:70:62:e8:66:e3:3d:b4:a0:2b:08: 95:cb:b7:91:2f:1b:d2:8b:57:55:75:ba:e1:ad:85:83:7e:16: 9e:83:93:d3:c9:88:0f:52:7e:5b:4e:4a:ca:12:d8:05:79:e7: cc:a7:15:81:66:75:9e:e5:2a:28:97:06:bf:77:4d:94:62:69: 30:02:ce:df:8e:08:b6:66:f7:f9:a2:f8:aa:52:7b:7a:4b:e4: 76:a1:a8:6a:eb:46:35:9c:57:03:b5:2c:7b:bf:64:b4:71:a5: 8f:5c:c3:d7:d3:70:84:0d:aa:6b:50:94:46:d5:5f:5d:d8:80: b7:9d:54:f4:27:39:08:bb:c8:f0:b7:4d:e8:75:0e:95:38:2b: 9c:dd:33:a4:97:96:5e:22:45:91:73:82:1e:3a:3f:05:30:ae: d9:b2:ba:73 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUH9c0rJBifqFgKSmY00eeX85K6J4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMTAwMDAzNloX DTI1MTIwNjIzNTk1OVowejFJMEcGA1UEBRNAYWNlOGM1YTNlNzBkYTRhN2M2MmEy Y2RmZjI2YWJjMjliYjYwNDc1MWZkMDE2NTllNGY5YzdmMGQ3NGMwMjU4YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi34Oewtu/RFtFfWTPOGsbo9vC0cI eT/G5FENRqfHgljJWU7FN8oUt2DM4ao+2gcALqQmiUm5fQNI0DG/3e+0gbZmmf1K ZCFhYfxbxfunNjJO8da3z3WeNyowCZavpJOYboVAawGj/3JU5F1zoYWLU7AHyhDO /Owk/aC284/MkgXFBzDLdjWVx4/FZ/jNi7uzgAYEte200EuUfwi6EfOfbFW1Mnln 47KO9OgFbjVMH8OPJbcKE80/117+cmOtyVWFLloSxRk41kyrGAcXQ9X/GGcW+U1J LBOsqiVmXrztE7Q+wMX3HoE9T/v7X2eose7EN+kv+J9lYwpXUbGqVIMvQQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM2TnfmLUKh6X9E+LXGl93eMbrlrMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk0MjQ0Y2IwLTE1OGUtNDZkNC04YWY0LWU1MGRjMTRkYjgwOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauSgwDQYJKoZIhvcNAQELBQADggEBAGH4dYKIKI4fuzLKOfFW ue6ADV0kk6pXfLdHBjK00TYYVQEVC+odxqsMwykrkYH1AENGfcEIcXVSkJUsYphx zwsPCcSq9iUrWE6MwkvwdDMdDX3WgqMXudF9MOckopE61vMBcGLoZuM9tKArCJXL t5EvG9KLV1V1uuGthYN+Fp6Dk9PJiA9SfltOSsoS2AV558ynFYFmdZ7lKiiXBr93 TZRiaTACzt+OCLZm9/mi+KpSe3pL5HahqGrrRjWcVwO1LHu/ZLRxpY9cw9fTcIQN qmtQlEbVX13YgLedVPQnOQi7yPC3Teh1DpU4K5zdM6SXll4iRZFzgh46PwUwrtmy unM= -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:02 2025 by rpki-client