$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5f2c348-d70e-4cce-8551-1227fa964263.roa File: c5f2c348-d70e-4cce-8551-1227fa964263.roa (raw, json) Hash identifier: lHpFHmqunvFbEYb7mzmrGVJ4qe5v5es+abWFW5frPRM= Subject key identifier: D7:E4:1C:7A:E6:88:94:DE:76:19:72:43:9E:32:21:B4:A3:21:90:12 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 48170A2B2B5D522593012EB3C7065C1EAB307D69 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5f2c348-d70e-4cce-8551-1227fa964263.roa Signing time: Wed 29 Oct 2025 07:40:17 +0000 ROA not before: Wed 29 Oct 2025 07:40:17 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:17:0a:2b:2b:5d:52:25:93:01:2e:b3:c7:06:5c:1e:ab:30:7d:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 07:40:17 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=55a0fc88e50f8c4c4fbca6978ead9dfdaf218fdbc5edadbd8eb9a821b50b1a4e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:24:62:1b:ea:a7:0b:da:b4:3e:35:84:53:ee: 91:bb:9d:a1:99:cf:a1:b8:ca:b8:57:8d:92:d6:0f: 9a:5c:ae:01:05:52:e6:d9:2e:11:29:5b:d8:da:03: 86:89:55:24:03:ab:0a:8a:03:d3:e1:5b:c4:df:25: d1:94:c1:4e:97:93:38:3c:f9:4d:70:7b:ff:c8:ff: 6b:2f:00:23:23:3c:37:ea:8c:61:0b:07:8d:d9:54: 9f:d9:8b:e1:6c:23:43:29:bb:82:bc:d6:e0:2b:a6: b4:b0:ed:ff:56:a7:25:b9:39:38:3f:d7:d3:43:47: 51:a4:50:bf:ce:d9:c3:8b:dc:b9:ec:40:e2:ab:70: 8e:c9:40:9f:37:22:2a:1b:10:0f:a6:69:9d:d4:77: c1:5e:e7:9f:8e:4f:7a:43:f0:5d:d1:c6:e2:f3:2c: 5d:99:e5:5c:e2:cb:ca:bd:40:ed:df:6f:64:7a:be: 4b:15:85:27:af:e8:32:21:7b:59:2b:80:b3:58:2e: 63:ea:00:e8:58:aa:09:f7:78:a1:f6:75:fc:2d:9b: 68:01:78:6a:13:63:00:54:24:71:d7:42:a4:b2:30: 57:a9:65:10:32:46:29:b7:17:da:fb:6a:80:58:88: 27:c1:58:b9:78:65:20:89:7c:e2:ad:e5:7f:61:50: b7:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:E4:1C:7A:E6:88:94:DE:76:19:72:43:9E:32:21:B4:A3:21:90:12 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5f2c348-d70e-4cce-8551-1227fa964263.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:f000::/40 Signature Algorithm: sha256WithRSAEncryption 0d:f8:70:83:8f:3a:74:53:c3:25:70:ba:74:8b:b7:38:4f:8a: a2:30:a5:41:1c:fb:08:5d:d9:19:cb:ea:78:92:a3:14:92:20: 05:02:51:b7:83:b3:f5:75:15:61:2f:46:b0:a0:4c:05:4f:05: f0:63:d3:71:1d:f3:d6:58:2e:bb:15:c1:49:37:9b:f2:fa:e0: bc:83:91:e9:af:2f:56:41:23:cf:56:ff:48:ca:fd:92:68:28: f1:b6:4a:ef:43:94:a7:a2:38:67:08:0b:a9:b9:ef:60:ea:40: 7a:10:de:48:f1:5b:6e:8b:28:0b:b8:27:b4:55:bd:97:9d:1e: 8a:85:75:01:89:df:58:ed:69:7a:47:94:a9:5c:e4:9a:8a:d5: 51:bd:6a:20:62:10:a6:85:3d:35:17:25:36:52:57:7e:20:9a: 25:a0:58:d4:53:88:4a:e7:a4:ab:bd:e9:f3:59:dc:d6:7d:d8: 6b:46:44:0b:06:74:3a:8a:da:26:a4:56:a7:0d:36:1c:10:8e: 81:d0:a2:7f:a4:38:61:78:b8:cf:03:f8:51:bb:d6:2e:3c:e5: cf:28:33:39:a5:d1:1b:75:52:7d:c6:ea:35:88:3e:74:45:67: c4:41:e3:41:1d:0e:14:66:d6:72:b5:ae:a4:1b:f0:88:91:62: bb:1c:0e:59 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSBcKKytdUiWTAS6zxwZcHqswfWkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTA3NDAxN1oX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNANTVhMGZjODhlNTBmOGM0YzRmYmNh Njk3OGVhZDlkZmRhZjIxOGZkYmM1ZWRhZGJkOGViOWE4MjFiNTBiMWE0ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSRiG+qnC9q0PjWEU+6Ru52hmc+h uMq4V42S1g+aXK4BBVLm2S4RKVvY2gOGiVUkA6sKigPT4VvE3yXRlMFOl5M4PPlN cHv/yP9rLwAjIzw36oxhCweN2VSf2YvhbCNDKbuCvNbgK6a0sO3/VqcluTk4P9fT Q0dRpFC/ztnDi9y57EDiq3COyUCfNyIqGxAPpmmd1HfBXuefjk96Q/Bd0cbi8yxd meVc4svKvUDt329ker5LFYUnr+gyIXtZK4CzWC5j6gDoWKoJ93ih9nX8LZtoAXhq E2MAVCRx10KksjBXqWUQMkYptxfa+2qAWIgnwVi5eGUgiXzireV/YVC31QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNfkHHrmiJTedhlyQ54yIbSjIZASMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M1ZjJjMzQ4LWQ3MGUtNGNjZS04NTUxLTEyMjdmYTk2NDI2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba6vAwDQYJKoZIhvcNAQELBQADggEBAA34cIOPOnRTwyVwunSL tzhPiqIwpUEc+whd2RnL6niSoxSSIAUCUbeDs/V1FWEvRrCgTAVPBfBj03Ed89ZY LrsVwUk3m/L64LyDkemvL1ZBI89W/0jK/ZJoKPG2Su9DlKeiOGcIC6m572DqQHoQ 3kjxW26LKAu4J7RVvZedHoqFdQGJ31jtaXpHlKlc5JqK1VG9aiBiEKaFPTUXJTZS V34gmiWgWNRTiErnpKu96fNZ3NZ92GtGRAsGdDqK2iakVqcNNhwQjoHQon+kOGF4 uM8D+FG71i485c8oMzml0Rt1Un3G6jWIPnRFZ8RB40EdDhRm1nK1rqQb8IiRYrsc Dlk= -----END CERTIFICATE-----Generated at Wed Nov 5 05:36:44 2025 by rpki-client