$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa File: b105a261-7baa-401b-b853-65b2635b3f6d.roa (raw, json) Hash identifier: G1GN2wyeMd7AnB3cgdmEjJ5fR+S5yR76gFXgCv4AVWA= Subject key identifier: F9:2E:92:64:77:72:1C:01:E4:B8:D9:AF:DA:57:FA:76:9B:43:7C:E9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 28087FAA8E61B75AD5D02936632DA16FAEC38C71 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa Signing time: Sat 25 Oct 2025 00:00:01 +0000 ROA not before: Sat 25 Oct 2025 00:00:01 +0000 ROA not after: Sat 29 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da24:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:08:7f:aa:8e:61:b7:5a:d5:d0:29:36:63:2d:a1:6f:ae:c3:8c:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:01 2025 GMT Not After : Nov 29 23:59:59 2025 GMT Subject: serialNumber=2939957bdf6195fb172166bb398c878ef74e5519ad35c8b76b5d29931164c4b5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:c4:3d:2b:07:3e:87:53:61:85:56:fa:f9:1a: d9:8e:03:c3:ff:42:05:b8:73:70:67:df:3e:87:36: 38:db:e5:82:61:3a:31:de:c9:a9:7b:bd:11:43:9b: b5:92:df:5a:86:68:70:b0:9f:c3:f6:cf:05:15:ca: 8a:8a:34:32:31:a2:ec:08:f0:db:bf:82:c4:7c:57: 49:37:34:bf:3c:8c:b6:51:16:fe:a5:c6:44:85:9f: 09:1e:73:f5:c0:5b:c8:02:55:64:c9:74:99:dd:0a: ee:77:1c:33:f0:c1:f0:07:60:f6:ef:80:f9:c7:36: 0a:d1:dc:6b:64:27:04:76:9c:da:53:d4:c4:25:4b: b7:a8:d6:d2:d6:9d:a0:7e:52:86:34:b4:8c:5d:09: 18:a3:d7:7d:b8:ff:78:72:76:0f:3c:4c:6a:61:c0: d1:37:2c:bd:a2:4b:16:1f:3e:61:20:55:9c:fc:58: 13:08:88:4d:28:f1:20:53:99:81:d3:97:79:63:6d: 4e:b8:1c:ab:4e:68:70:a1:2d:62:8c:a9:a0:f5:36: 03:dd:5f:6a:9e:8d:dc:49:ea:ff:7c:39:af:bb:2b: 0c:6c:73:0e:70:f6:be:e5:57:c6:b7:6f:f7:0e:80: 7f:89:0e:38:55:6b:77:45:95:c4:1a:f2:2a:f9:02: f8:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:2E:92:64:77:72:1C:01:E4:B8:D9:AF:DA:57:FA:76:9B:43:7C:E9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da24:8000::/36 Signature Algorithm: sha256WithRSAEncryption 29:46:6c:2c:5f:5d:c8:ae:35:64:5b:c0:87:44:7e:a7:7d:b6: 9b:ea:00:92:18:cb:fd:50:c0:b5:70:af:3b:91:e0:bb:03:1b: ec:6c:1a:d8:f2:4a:63:be:b4:1d:fa:ea:8f:1e:14:a0:43:59: 98:9d:0c:67:d7:a5:a2:43:93:c0:d4:a3:61:d7:7e:5b:62:a6: 49:c7:1c:78:24:13:ee:85:ce:30:73:b3:3d:d0:07:bc:8d:4f: c5:56:bc:48:d1:82:54:35:1d:71:a6:e9:dd:c8:c0:b3:f6:71: 9e:db:4e:3c:29:47:48:70:ca:8a:2e:c1:5a:4d:1b:12:a6:44: 32:1b:d1:3a:8c:b4:b6:e6:2e:c2:97:a9:0d:8e:0c:d8:96:91: 39:a6:55:6c:3c:ae:db:ba:96:f1:38:f7:db:73:97:15:98:62: 96:97:7a:d7:43:2d:87:6d:99:e7:4e:b3:44:0c:aa:f9:a0:9d: 40:cf:c0:54:bd:e5:10:d9:2e:e3:8a:a6:1f:19:45:30:e9:9b: 21:9a:d4:f3:9e:df:5a:f2:a8:56:39:bd:80:8b:d7:a3:d8:30: 00:51:c8:b5:a2:e0:94:fc:3e:77:4a:2b:ea:2d:af:34:af:3a: 51:34:9a:3a:77:2c:dd:1a:92:0b:ed:2f:25:04:af:cf:de:c7: 33:d7:3b:e3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKAh/qo5ht1rV0Ck2Yy2hb67DjHEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyNTAwMDAwMVoX DTI1MTEyOTIzNTk1OVowejFJMEcGA1UEBRNAMjkzOTk1N2JkZjYxOTVmYjE3MjE2 NmJiMzk4Yzg3OGVmNzRlNTUxOWFkMzVjOGI3NmI1ZDI5OTMxMTY0YzRiNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMQ9Kwc+h1NhhVb6+RrZjgPD/0IF uHNwZ98+hzY42+WCYTox3smpe70RQ5u1kt9ahmhwsJ/D9s8FFcqKijQyMaLsCPDb v4LEfFdJNzS/PIy2URb+pcZEhZ8JHnP1wFvIAlVkyXSZ3Qrudxwz8MHwB2D274D5 xzYK0dxrZCcEdpzaU9TEJUu3qNbS1p2gflKGNLSMXQkYo9d9uP94cnYPPExqYcDR Nyy9oksWHz5hIFWc/FgTCIhNKPEgU5mB05d5Y21OuByrTmhwoS1ijKmg9TYD3V9q no3cSer/fDmvuysMbHMOcPa+5VfGt2/3DoB/iQ44VWt3RZXEGvIq+QL4KwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPkukmR3chwB5LjZr9pX+nabQ3zpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IxMDVhMjYxLTdiYWEtNDAxYi1iODUzLTY1YjI2MzViM2Y2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJIAwDQYJKoZIhvcNAQELBQADggEBAClGbCxfXciuNWRbwIdE fqd9tpvqAJIYy/1QwLVwrzuR4LsDG+xsGtjySmO+tB366o8eFKBDWZidDGfXpaJD k8DUo2HXfltipknHHHgkE+6FzjBzsz3QB7yNT8VWvEjRglQ1HXGm6d3IwLP2cZ7b TjwpR0hwyoouwVpNGxKmRDIb0TqMtLbmLsKXqQ2ODNiWkTmmVWw8rtu6lvE499tz lxWYYpaXetdDLYdtmedOs0QMqvmgnUDPwFS95RDZLuOKph8ZRTDpmyGa1POe31ry qFY5vYCL16PYMABRyLWi4JT8PndKK+otrzSvOlE0mjp3LN0akgvtLyUEr8/exzPX O+M= -----END CERTIFICATE-----Generated at Wed Nov 5 05:46:39 2025 by rpki-client