$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa File: a91b902a-3780-4e0a-8062-46df71087b57.roa (raw, json) Hash identifier: 3SR1Lj+IJMUOAaKIAIP8gSXI87tKxQ5NbcfBIZ+5soA= Subject key identifier: 6E:BE:A3:2A:CA:E7:C9:43:BF:45:2A:3A:F4:F9:D4:35:E4:1D:05:BF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7F0E40A59A6750E52218B65343DD78927AB3AE15 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa Signing time: Tue 14 Oct 2025 00:00:45 +0000 ROA not before: Tue 14 Oct 2025 00:00:45 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:0e:40:a5:9a:67:50:e5:22:18:b6:53:43:dd:78:92:7a:b3:ae:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:00:45 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=18cb349c32a17416609e55fb2cfc71378dd5b542ccedc87be5d3f64a6b6a1d16, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:f6:27:2c:c6:e3:01:8a:75:01:58:40:4f:66: a8:f8:27:d8:d0:eb:5e:c9:c6:49:7b:73:01:5d:ad: 10:69:97:d8:97:d4:f7:00:13:a1:81:33:68:54:90: 35:a6:f4:50:f8:ee:7b:3f:50:cd:92:38:39:03:21: 1d:0c:a4:d0:af:3d:7e:75:6c:33:3d:34:9c:f1:4d: 8a:f6:9b:2f:8f:c4:1b:39:85:e9:68:a4:a1:f6:5a: a7:d0:50:cb:c1:9a:3b:94:fe:31:0a:c1:52:95:a6: d1:74:6a:9d:1c:3a:fa:68:d9:31:90:da:d4:45:24: 6e:d4:9a:3d:e7:35:79:18:47:e0:16:2b:9f:e8:e4: 40:16:52:13:f1:af:78:d7:31:1d:b6:05:65:0b:3d: ba:5e:db:09:97:50:9b:56:54:18:04:a6:b5:c9:8a: d6:aa:82:1b:42:f8:6d:a1:43:c1:7d:7f:08:e4:0c: d5:3b:89:c7:24:9b:bd:df:f9:9e:33:5f:8f:45:5f: 97:13:3c:a4:44:a3:79:b6:6d:c9:e4:9e:3f:54:56: 97:0e:22:72:cd:73:c6:24:26:4f:c6:6d:ad:4f:93: 7c:55:5b:85:52:95:53:78:86:f6:d3:cf:74:06:29: 2f:74:8f:2e:85:99:ef:46:9d:09:7e:bd:5f:98:fe: ee:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:BE:A3:2A:CA:E7:C9:43:BF:45:2A:3A:F4:F9:D4:35:E4:1D:05:BF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:b000::/40 Signature Algorithm: sha256WithRSAEncryption 6c:3e:bf:56:98:eb:00:32:dd:63:c3:95:a4:c5:22:c5:c2:80: df:9c:4f:37:ec:8c:4a:58:96:d3:31:3c:8c:f9:36:8b:ea:fc: e7:ab:22:ac:2d:4c:91:10:2c:10:57:84:6d:b9:fb:29:4a:95: 25:17:3e:de:d4:86:0a:9b:f8:a5:a9:52:b5:5d:cf:a0:f4:0f: 0b:9d:cc:ce:4e:06:7f:4e:9c:a5:13:46:96:29:4a:04:ab:7d: 50:c7:69:3e:a4:e6:f4:25:4c:f0:66:d8:9d:7e:95:c9:78:10: 44:25:a6:b1:d5:fd:d9:81:93:d5:d8:15:5a:b5:b6:09:4f:fb: 3d:41:fe:9a:72:06:cf:9c:32:07:7a:04:f8:af:e8:0f:af:ae: c6:6f:58:03:48:f9:04:26:b8:8a:75:cc:74:8e:b3:6b:0e:2c: 3e:c5:7d:cf:cf:c9:39:4f:48:3e:fc:a1:d7:c1:e4:5e:dc:7b: ce:fa:08:22:57:f3:b5:f7:bc:8b:a3:34:39:f9:e9:7b:6c:cb: 9b:0f:5d:24:bd:7c:d4:8b:01:5e:17:51:aa:c4:6a:e3:68:d3: 06:a0:96:b5:5a:9f:ce:45:b7:02:b2:9f:6b:3e:f8:0a:88:11: c0:7d:20:69:87:98:89:8a:94:27:1c:93:35:48:07:c3:d8:4c: 29:34:a7:3a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfw5ApZpnUOUiGLZTQ914knqzrhUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMDA0NVoX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAMThjYjM0OWMzMmExNzQxNjYwOWU1 NWZiMmNmYzcxMzc4ZGQ1YjU0MmNjZWRjODdiZTVkM2Y2NGE2YjZhMWQxNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPYnLMbjAYp1AVhAT2ao+CfY0Ote ycZJe3MBXa0QaZfYl9T3ABOhgTNoVJA1pvRQ+O57P1DNkjg5AyEdDKTQrz1+dWwz PTSc8U2K9psvj8QbOYXpaKSh9lqn0FDLwZo7lP4xCsFSlabRdGqdHDr6aNkxkNrU RSRu1Jo95zV5GEfgFiuf6ORAFlIT8a941zEdtgVlCz26XtsJl1CbVlQYBKa1yYrW qoIbQvhtoUPBfX8I5AzVO4nHJJu93/meM1+PRV+XEzykRKN5tm3J5J4/VFaXDiJy zXPGJCZPxm2tT5N8VVuFUpVTeIb20890BikvdI8uhZnvRp0Jfr1fmP7uQQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG6+oyrK58lDv0UqOvT51DXkHQW/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E5MWI5MDJhLTM3ODAtNGUwYS04MDYyLTQ2ZGY3MTA4N2I1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/7AwDQYJKoZIhvcNAQELBQADggEBAGw+v1aY6wAy3WPDlaTF IsXCgN+cTzfsjEpYltMxPIz5Novq/OerIqwtTJEQLBBXhG25+ylKlSUXPt7Uhgqb +KWpUrVdz6D0DwudzM5OBn9OnKUTRpYpSgSrfVDHaT6k5vQlTPBm2J1+lcl4EEQl prHV/dmBk9XYFVq1tglP+z1B/ppyBs+cMgd6BPiv6A+vrsZvWANI+QQmuIp1zHSO s2sOLD7Ffc/PyTlPSD78odfB5F7ce876CCJX87X3vIujNDn56Xtsy5sPXSS9fNSL AV4XUarEauNo0waglrVan85FtwKyn2s++AqIEcB9IGmHmImKlCcckzVIB8PYTCk0 pzo= -----END CERTIFICATE-----Generated at Wed Nov 5 05:50:08 2025 by rpki-client