$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa File: 9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa (raw, json) Hash identifier: dG2KSKf2IioAkvoQ4ll2Gz1NUJyVkQSzKy2TLevhCEs= Subject key identifier: 3F:B4:48:79:D7:B6:5E:E4:DC:3E:21:DC:19:B2:2E:C6:BE:F8:98:FE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 16B18CF7126051CD0940004222F980DBB9D66A4E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa Signing time: Tue 21 Oct 2025 00:00:10 +0000 ROA not before: Tue 21 Oct 2025 00:00:10 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:b1:8c:f7:12:60:51:cd:09:40:00:42:22:f9:80:db:b9:d6:6a:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 21 00:00:10 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=4be6f055165d3b2cae9d168401132a1658cc665aa6abba342b217c5c6b2d131a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:40:7d:e9:ed:b8:11:63:93:31:b3:93:e6:89: 1e:63:85:72:53:f0:40:a9:b5:ea:3c:bd:43:21:26: 18:a3:4e:5e:d1:fc:12:a3:70:ac:71:76:14:b8:fd: 79:58:28:9b:61:80:ff:72:ea:eb:3a:7b:97:a2:69: 80:ff:76:48:9a:1d:86:67:08:2c:ee:93:4a:46:b7: ee:e2:54:ce:cc:b9:4d:95:14:ce:2e:ab:27:77:c0: 98:4c:74:f2:9b:23:29:56:21:c6:f3:4e:52:ca:54: 28:3e:af:17:70:c0:24:31:5e:2b:93:1a:27:6b:af: d6:6e:93:48:1a:01:98:9c:29:74:19:d9:7b:0e:46: 50:87:e9:63:87:ba:ab:06:44:0d:48:f5:9b:83:70: 82:99:d6:97:43:a7:90:e5:a2:44:60:f8:a3:3f:da: 7f:c5:a8:93:21:ff:26:14:ea:37:2a:04:96:7a:62: cb:51:40:b0:7c:26:bd:16:a4:57:3c:17:98:31:a6: 48:d3:af:bf:0b:4b:de:c4:5c:f8:c4:5b:bf:0e:52: 20:cd:bf:e8:2b:ec:26:77:c6:db:09:da:36:54:d8: 00:92:ca:27:57:9a:cc:6b:33:b6:b6:c5:48:56:55: 4a:b0:6f:3d:9a:be:d7:60:82:72:a5:61:47:bf:53: e4:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:B4:48:79:D7:B6:5E:E4:DC:3E:21:DC:19:B2:2E:C6:BE:F8:98:FE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:c000::/40 Signature Algorithm: sha256WithRSAEncryption 3a:3b:a2:ee:43:f7:5e:71:6b:8e:f7:4b:da:86:c7:11:11:36: 23:53:d1:76:6f:4e:d6:a4:ad:ce:4e:ab:ed:07:ec:a3:73:e9: 46:f9:90:02:e0:e3:d0:f2:6c:91:14:95:17:84:e7:39:d3:93: ac:79:28:40:41:12:50:e8:08:a6:7a:0a:89:cb:b0:e0:69:69: 7b:7c:b6:8e:9d:d5:68:06:3e:8d:af:96:31:54:44:f1:1b:d1: f4:ab:82:cc:09:25:fd:19:43:b2:6f:3a:eb:e8:32:93:36:0c: 53:72:f1:22:3b:1d:db:98:87:09:8c:c8:9e:e7:e6:c0:f3:c8: 5f:61:83:e6:46:6b:36:48:f8:d3:ee:00:ca:ce:d2:6a:64:48: 4a:86:6e:31:75:16:3d:c5:2e:d6:f6:b0:35:7d:34:01:08:35: 7a:e6:11:47:ca:55:b4:4f:d1:b7:27:b2:36:b6:79:a1:5e:1b: 3d:5c:d1:19:f2:75:cb:da:3e:d2:90:d7:1d:2f:ba:f4:f3:7b: 87:62:c8:33:04:f7:c3:08:8c:1e:63:21:d1:b9:0b:2f:f3:1f: a3:dc:d4:f4:dc:c7:ec:f1:31:b7:2e:e6:1e:ec:98:e5:8f:33: fa:71:31:a7:0d:b1:fc:7d:6c:3f:87:c8:de:99:7d:18:ed:c0: 4a:c7:4f:91 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFrGM9xJgUc0JQABCIvmA27nWak4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyMTAwMDAxMFoX DTI1MTEyNTIzNTk1OVowejFJMEcGA1UEBRNANGJlNmYwNTUxNjVkM2IyY2FlOWQx Njg0MDExMzJhMTY1OGNjNjY1YWE2YWJiYTM0MmIyMTdjNWM2YjJkMTMxYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEB96e24EWOTMbOT5okeY4VyU/BA qbXqPL1DISYYo05e0fwSo3CscXYUuP15WCibYYD/currOnuXommA/3ZImh2GZwgs 7pNKRrfu4lTOzLlNlRTOLqsnd8CYTHTymyMpViHG805SylQoPq8XcMAkMV4rkxon a6/WbpNIGgGYnCl0Gdl7DkZQh+ljh7qrBkQNSPWbg3CCmdaXQ6eQ5aJEYPijP9p/ xaiTIf8mFOo3KgSWemLLUUCwfCa9FqRXPBeYMaZI06+/C0vexFz4xFu/DlIgzb/o K+wmd8bbCdo2VNgAksonV5rMazO2tsVIVlVKsG89mr7XYIJypWFHv1PkqQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD+0SHnXtl7k3D4h3BmyLsa++Jj+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzliYzkwMjYwLWQ0ZGMtNGI1NC05NTFjLWFhOTE2N2Y4Zjk5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba78AwDQYJKoZIhvcNAQELBQADggEBADo7ou5D915xa473S9qG xxERNiNT0XZvTtakrc5Oq+0H7KNz6Ub5kALg49DybJEUlReE5znTk6x5KEBBElDo CKZ6ConLsOBpaXt8to6d1WgGPo2vljFURPEb0fSrgswJJf0ZQ7JvOuvoMpM2DFNy 8SI7HduYhwmMyJ7n5sDzyF9hg+ZGazZI+NPuAMrO0mpkSEqGbjF1Fj3FLtb2sDV9 NAEINXrmEUfKVbRP0bcnsja2eaFeGz1c0RnydcvaPtKQ1x0vuvTze4diyDME98MI jB5jIdG5Cy/zH6Pc1PTcx+zxMbcu5h7smOWPM/pxMacNsfx9bD+HyN6ZfRjtwErH T5E= -----END CERTIFICATE-----Generated at Wed Nov 5 14:06:34 2025 by rpki-client