$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa File: a894812d-493e-43f7-8c3a-76a64ad96de7.roa (raw, json) Hash identifier: sj1R/OELUUQQAz0aj/NmCDsnd4Mj6Aa+VN/ILZXdZBg= Subject key identifier: 81:F2:12:D2:48:A8:3A:47:4B:99:5F:9C:99:EB:5C:37:71:37:19:23 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 71558ADBB622C5CEEFFAAC60604513B4E88183F4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa Signing time: Wed 05 Nov 2025 00:00:45 +0000 ROA not before: Wed 05 Nov 2025 00:00:45 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:55:8a:db:b6:22:c5:ce:ef:fa:ac:60:60:45:13:b4:e8:81:83:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:00:45 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=01642f435d8d17255185967fa35af19525ba6fd7b7bd5293adffa59ff1ac0254, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:f9:c4:cb:b3:43:ac:c3:4a:a9:3b:07:c8:34: ef:af:3b:e5:9a:bf:f0:0f:9c:c3:8a:48:65:fd:c5: e7:7d:b3:7c:13:db:e6:f5:cd:cd:f3:ef:02:16:1f: c4:d2:67:a5:4d:b5:d1:f0:53:42:e3:42:4c:54:3b: 30:14:4f:37:1a:00:32:ff:85:f7:ef:92:61:b1:b0: 89:6c:a2:46:29:ff:1c:a9:c1:33:f2:8f:70:3e:39: 1a:c4:d1:e7:73:f5:8c:8d:12:6a:98:29:1d:a7:d6: d9:6c:20:55:56:34:75:97:a7:69:54:26:da:db:69: 02:70:46:6b:57:65:88:5d:1b:09:a2:83:fd:da:0c: 3e:15:7e:7d:c9:cb:01:05:89:7c:45:38:6b:53:14: 37:2d:6a:96:d5:8e:ab:c0:44:1c:c9:bf:db:84:d9: f7:1d:f6:87:ec:8e:b8:b5:82:4a:73:fe:9a:58:fd: 53:89:47:8f:55:90:ca:78:ff:b3:9f:13:a2:b0:bb: dd:03:70:72:d0:50:0e:d6:e8:ee:80:b3:b1:0f:97: c1:3e:5b:4a:40:6e:f5:a8:0a:0c:85:1d:7b:6d:24: b9:7d:05:a9:71:69:90:d5:ee:66:9f:b5:05:ea:4b: 05:0c:4a:9f:6e:d7:c1:cf:2c:b8:3c:73:a2:50:c8: 77:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:F2:12:D2:48:A8:3A:47:4B:99:5F:9C:99:EB:5C:37:71:37:19:23 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:4040::/48 Signature Algorithm: sha256WithRSAEncryption ac:88:f6:6d:f9:de:f7:e5:4c:ba:2b:7d:d5:9c:a9:e3:27:5b: 7a:d3:00:7d:ac:50:46:52:b8:22:c7:e9:63:14:d2:90:8c:59: dd:da:51:0d:09:99:2d:2b:ea:53:78:10:a8:1c:25:e0:87:fa: b8:ad:7d:a9:c6:9a:22:cd:24:7d:ac:e5:3f:95:6e:31:75:77: 21:8b:7f:a7:5e:80:2f:15:b0:a6:fd:06:de:86:e3:36:96:6e: b0:de:58:24:20:13:52:9b:e3:1e:d3:2c:4f:be:88:6e:5c:13: 37:3d:75:58:aa:0b:d2:bc:a5:21:6f:dd:77:dd:d0:2d:70:52: 29:0c:7c:67:df:e2:91:8e:1c:c8:b6:d2:90:01:1e:30:c7:6b: e7:27:82:19:48:8e:13:f0:27:67:d4:58:d7:64:d2:d4:0a:d8: 23:c8:6d:33:f3:7a:7c:41:e0:c1:e5:10:10:04:a8:14:c7:e1: c9:e6:b0:2a:f9:4a:9b:21:75:c4:49:ff:0b:6b:e9:30:57:73: fb:f3:5e:95:3f:75:58:f6:92:cf:02:cf:81:b9:b0:b1:e8:db: 08:c5:df:80:ea:10:1f:12:50:65:08:6e:b3:e2:87:98:38:4a: 45:1f:42:d9:38:91:29:4e:47:ff:f0:1b:b0:e5:dc:81:ee:6c: 6b:cf:72:8e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUcVWK27Yixc7v+qxgYEUTtOiBg/QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDA0NVoX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAMDE2NDJmNDM1ZDhkMTcyNTUxODU5 NjdmYTM1YWYxOTUyNWJhNmZkN2I3YmQ1MjkzYWRmZmE1OWZmMWFjMDI1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvnEy7NDrMNKqTsHyDTvrzvlmr/w D5zDikhl/cXnfbN8E9vm9c3N8+8CFh/E0melTbXR8FNC40JMVDswFE83GgAy/4X3 75JhsbCJbKJGKf8cqcEz8o9wPjkaxNHnc/WMjRJqmCkdp9bZbCBVVjR1l6dpVCba 22kCcEZrV2WIXRsJooP92gw+FX59ycsBBYl8RThrUxQ3LWqW1Y6rwEQcyb/bhNn3 HfaH7I64tYJKc/6aWP1TiUePVZDKeP+znxOisLvdA3By0FAO1ujugLOxD5fBPltK QG71qAoMhR17bSS5fQWpcWmQ1e5mn7UF6ksFDEqfbtfBzyy4PHOiUMh3xQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIHyEtJIqDpHS5lfnJnrXDdxNxkjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4OTQ4MTJkLTQ5M2UtNDNmNy04YzNhLTc2YTY0YWQ5NmRlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYUBAMA0GCSqGSIb3DQEBCwUAA4IBAQCsiPZt+d735Uy6K33V nKnjJ1t60wB9rFBGUrgix+ljFNKQjFnd2lENCZktK+pTeBCoHCXgh/q4rX2pxpoi zSR9rOU/lW4xdXchi3+nXoAvFbCm/QbehuM2lm6w3lgkIBNSm+Me0yxPvohuXBM3 PXVYqgvSvKUhb9133dAtcFIpDHxn3+KRjhzIttKQAR4wx2vnJ4IZSI4T8Cdn1FjX ZNLUCtgjyG0z83p8QeDB5RAQBKgUx+HJ5rAq+UqbIXXESf8La+kwV3P7816VP3VY 9pLPAs+BubCx6NsIxd+A6hAfElBlCG6z4oeYOEpFH0LZOJEpTkf/8Buw5dyB7mxr z3KO -----END CERTIFICATE-----Generated at Wed Nov 5 07:43:21 2025 by rpki-client