$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa File: b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa (raw, json) Hash identifier: jhrP521lhN1MAPC/0JEh7YWmLqi+I/ObJhX7GzKd+IU= Subject key identifier: 85:9E:C9:35:14:4A:7D:E2:15:09:F8:29:28:5C:F2:A5:9A:4D:6B:9F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6052E5BDA1D8B397ACFC36C31CD6289912FCF4F6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa Signing time: Wed 05 Nov 2025 00:00:06 +0000 ROA not before: Wed 05 Nov 2025 00:00:06 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:52:e5:bd:a1:d8:b3:97:ac:fc:36:c3:1c:d6:28:99:12:fc:f4:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:00:06 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=023e2f3814cc3c779abe9a4846ecb96271dbf576250eda607430d439df72e023, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:d5:e9:da:08:48:7b:3b:54:f0:e1:11:9c:3f: b9:1e:53:af:db:f2:6b:91:68:0e:b9:bc:53:92:c9: 51:34:7a:55:58:39:9d:58:3e:26:36:47:18:83:ff: 79:f6:1d:fb:f0:84:d2:51:5d:68:96:d8:20:e7:fe: 09:73:5e:73:d6:99:1d:a5:1b:a4:9f:f7:d8:eb:7d: d8:7b:6a:bf:a7:6d:2d:db:af:0a:68:48:e1:4c:b2: ac:b2:61:7a:1c:0f:dc:0a:27:cc:43:e2:ce:97:c0: 96:39:44:2d:62:37:8e:70:b2:6a:5a:5b:dc:54:e8: 9e:d0:66:21:b4:fc:92:0e:a3:bf:91:86:4a:14:2f: ba:af:5f:fc:35:db:5c:5b:7b:20:82:6f:8f:25:ff: d5:f3:16:86:3b:d3:84:ec:36:52:b0:98:11:77:4c: 28:b6:f8:5b:63:df:42:a3:66:87:f2:ea:e2:64:07: a7:13:8f:44:38:93:07:5e:d3:d7:bd:eb:49:ec:d1: 2d:83:37:33:ab:70:95:f4:c9:00:2a:a5:50:eb:b8: 84:38:b2:64:97:a9:8f:e9:a2:c8:bd:1c:53:85:4f: 65:9b:3e:28:6f:5c:25:c2:fb:23:f8:79:92:29:b7: 06:89:e3:67:25:03:a5:b1:5b:b5:ea:1c:08:4c:a8: 89:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:9E:C9:35:14:4A:7D:E2:15:09:F8:29:28:5C:F2:A5:9A:4D:6B:9F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:8080::/48 Signature Algorithm: sha256WithRSAEncryption 93:35:f2:1e:c1:73:3c:f7:6e:f5:a7:f1:7b:ba:a0:48:62:a1: bd:7a:f2:c2:67:ee:fc:05:62:45:df:c9:fd:03:f9:b9:7c:1c: 5b:6e:e8:a7:83:e3:9a:9b:3b:b6:f2:90:cd:e7:df:66:ca:d9: 69:c8:48:bd:65:c1:c2:73:3b:7a:11:a5:a3:30:ae:30:ec:4a: b8:80:d8:e0:b0:fd:eb:a2:4e:35:5c:4b:0b:85:40:46:ea:52: 02:60:6b:a8:7c:3c:de:f2:d5:88:ed:6b:7d:11:0d:32:24:c3: bc:d4:67:f4:25:a5:b5:d0:53:fb:29:7d:10:92:15:75:19:b2: cb:db:f6:9f:7f:41:39:c5:43:e2:66:90:af:51:70:3c:fe:36: db:62:27:7e:0c:d6:3d:c1:c6:f9:3e:a8:59:9a:82:fb:53:61: 35:b9:d0:e6:3f:fd:8e:60:5e:78:ee:bb:0c:22:46:d0:44:93: 28:8e:eb:91:71:91:e1:31:03:42:41:e4:7e:6a:d9:85:08:08: 0e:75:1a:83:46:ab:b8:77:60:68:82:15:7b:04:63:e3:42:61: b7:93:7d:f1:53:e4:78:d5:2c:8d:c7:18:5b:c0:4d:16:f5:a6: 17:8b:0d:1f:80:f4:51:2b:de:01:72:38:89:81:24:23:a8:14: c0:39:c8:75 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYFLlvaHYs5es/DbDHNYomRL89PYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDAwNloX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAMDIzZTJmMzgxNGNjM2M3NzlhYmU5 YTQ4NDZlY2I5NjI3MWRiZjU3NjI1MGVkYTYwNzQzMGQ0MzlkZjcyZTAyMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9Xp2ghIeztU8OERnD+5HlOv2/Jr kWgOubxTkslRNHpVWDmdWD4mNkcYg/959h378ITSUV1oltgg5/4Jc15z1pkdpRuk n/fY633Ye2q/p20t268KaEjhTLKssmF6HA/cCifMQ+LOl8CWOUQtYjeOcLJqWlvc VOie0GYhtPySDqO/kYZKFC+6r1/8NdtcW3sggm+PJf/V8xaGO9OE7DZSsJgRd0wo tvhbY99Co2aH8uriZAenE49EOJMHXtPXvetJ7NEtgzczq3CV9MkAKqVQ67iEOLJk l6mP6aLIvRxThU9lmz4ob1wlwvsj+HmSKbcGieNnJQOlsVu16hwITKiJdwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIWeyTUUSn3iFQn4KShc8qWaTWufMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IxYTI0YTI1LTliM2EtNDJlNC04N2JkLWIyMTJmN2ZkNzljOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8oCAMA0GCSqGSIb3DQEBCwUAA4IBAQCTNfIewXM89271p/F7 uqBIYqG9evLCZ+78BWJF38n9A/m5fBxbbuing+Oamzu28pDN599mytlpyEi9ZcHC czt6EaWjMK4w7Eq4gNjgsP3rok41XEsLhUBG6lICYGuofDze8tWI7Wt9EQ0yJMO8 1Gf0JaW10FP7KX0QkhV1GbLL2/aff0E5xUPiZpCvUXA8/jbbYid+DNY9wcb5PqhZ moL7U2E1udDmP/2OYF547rsMIkbQRJMojuuRcZHhMQNCQeR+atmFCAgOdRqDRqu4 d2BoghV7BGPjQmG3k33xU+R41SyNxxhbwE0W9aYXiw0fgPRRK94BcjiJgSQjqBTA Och1 -----END CERTIFICATE-----Generated at Wed Nov 5 12:37:16 2025 by rpki-client