$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa File: d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa (raw, json) Hash identifier: EtlnUUBM6Ox5yabZ/QqVvlC4Pl2voBNZiSgSqHYHxvQ= Subject key identifier: FF:02:B8:D3:BB:77:20:16:67:B8:27:A7:FC:CD:D0:B0:CB:24:84:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 32C8BBAB2A8567A2432E2534EE8844167A44DD0E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa Signing time: Tue 21 Oct 2025 00:00:05 +0000 ROA not before: Tue 21 Oct 2025 00:00:05 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:c8:bb:ab:2a:85:67:a2:43:2e:25:34:ee:88:44:16:7a:44:dd:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 21 00:00:05 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=3ddd841785bb67a60f19d2ea935d7b1f1d46367e4427ccf670ad71f845fda3aa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:8b:08:ca:8d:ef:86:fb:bb:e4:2f:60:07:6c: b8:24:5a:14:71:92:b5:60:bf:f2:60:6d:28:a1:9c: e0:86:02:2a:87:c6:35:27:fe:73:aa:4b:1b:b3:4e: cc:eb:37:02:9a:b0:10:8a:1c:1a:fa:ff:71:ce:a9: 8d:9c:a5:64:25:6f:c0:97:b0:e5:b7:65:61:d7:6f: 9d:f4:19:0e:d5:b7:30:5d:da:a8:87:ff:40:f9:93: 47:7c:77:56:ae:0f:cc:a4:e9:cb:40:93:d3:31:96: 73:51:45:cd:a8:63:46:f4:c0:aa:e1:10:0c:28:54: 71:d0:40:cb:ad:ec:ae:f7:d8:8f:5d:63:00:4e:e7: 78:a3:5a:35:d1:4b:18:ba:9e:8f:ec:f1:6f:e9:53: 1e:ac:66:73:87:47:d2:82:45:53:0f:df:26:09:f1: b0:9c:90:ed:5a:23:5f:89:7a:9b:88:26:92:c6:82: a3:4f:bd:8d:2e:1d:78:60:96:1e:61:23:9a:d8:59: 06:eb:9d:f4:77:70:98:bc:f5:85:be:06:e5:fc:38: ad:5f:24:78:a1:58:87:c0:7f:47:0f:e5:51:4d:b8: c0:93:b1:4e:b1:e5:da:98:b1:c7:91:26:7b:a2:8e: f9:8c:6d:d8:2a:91:24:63:c3:3b:60:f3:64:4b:15: f3:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:02:B8:D3:BB:77:20:16:67:B8:27:A7:FC:CD:D0:B0:CB:24:84:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:2800::/40 Signature Algorithm: sha256WithRSAEncryption 0e:8b:e3:6d:e8:06:ef:05:80:28:8c:a8:f0:08:c1:59:3e:4c: c5:d9:82:91:5c:d5:61:dd:f3:96:e8:a6:ef:ab:f7:29:ca:d8: 2b:55:34:4a:21:7b:80:9a:0f:66:6d:b1:9a:57:9e:1f:17:bf: 31:e2:bd:af:56:6f:97:d3:7d:3c:5b:22:b4:0f:ed:50:fc:43: ea:cb:db:69:fc:58:0f:1e:a1:96:75:d8:2a:41:01:42:f6:a4: f6:b3:d9:ba:29:e0:93:e4:7c:e0:fc:e5:80:a7:94:89:8b:7b: 62:cd:a3:df:0f:0b:77:1a:51:ab:b5:82:a2:6f:58:1a:88:2b: 87:df:6c:c3:2e:4e:b2:52:5c:dd:7a:06:96:fc:86:fd:a5:5f: 84:54:35:e0:33:74:86:c7:c7:92:9a:b1:35:ed:eb:71:b3:15: a4:cc:29:d6:09:28:cf:52:36:92:b8:6d:ee:ba:67:7f:5a:68: d7:0c:38:cd:0f:5a:8b:5f:00:7b:a6:5d:e2:a3:00:15:a1:dc: 0f:94:85:0a:de:c6:bc:46:16:87:6c:14:b1:f0:49:bb:03:92: 91:f7:e6:6a:dd:e5:76:9e:5a:8a:dc:1f:6a:10:ea:97:1a:41: 24:54:28:09:07:9c:f5:c4:fd:af:ba:ab:24:87:25:4d:14:95: a3:68:61:e0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMsi7qyqFZ6JDLiU07ohEFnpE3Q4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyMTAwMDAwNVoX DTI1MTEyNTIzNTk1OVowejFJMEcGA1UEBRNAM2RkZDg0MTc4NWJiNjdhNjBmMTlk MmVhOTM1ZDdiMWYxZDQ2MzY3ZTQ0MjdjY2Y2NzBhZDcxZjg0NWZkYTNhYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4sIyo3vhvu75C9gB2y4JFoUcZK1 YL/yYG0ooZzghgIqh8Y1J/5zqksbs07M6zcCmrAQihwa+v9xzqmNnKVkJW/Al7Dl t2Vh12+d9BkO1bcwXdqoh/9A+ZNHfHdWrg/MpOnLQJPTMZZzUUXNqGNG9MCq4RAM KFRx0EDLreyu99iPXWMATud4o1o10UsYup6P7PFv6VMerGZzh0fSgkVTD98mCfGw nJDtWiNfiXqbiCaSxoKjT72NLh14YJYeYSOa2FkG6530d3CYvPWFvgbl/DitXyR4 oViHwH9HD+VRTbjAk7FOseXamLHHkSZ7oo75jG3YKpEkY8M7YPNkSxXzdwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP8CuNO7dyAWZ7gnp/zN0LDLJIRAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q0M2EyZTU2LTJkNTgtNGM3ZC04ZWUyLTBjYTZhYzhhNjI3NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7ygwDQYJKoZIhvcNAQELBQADggEBAA6L423oBu8FgCiMqPAI wVk+TMXZgpFc1WHd85bopu+r9ynK2CtVNEohe4CaD2ZtsZpXnh8XvzHiva9Wb5fT fTxbIrQP7VD8Q+rL22n8WA8eoZZ12CpBAUL2pPaz2bop4JPkfOD85YCnlImLe2LN o98PC3caUau1gqJvWBqIK4ffbMMuTrJSXN16Bpb8hv2lX4RUNeAzdIbHx5KasTXt 63GzFaTMKdYJKM9SNpK4be66Z39aaNcMOM0PWotfAHumXeKjABWh3A+UhQrexrxG FodsFLHwSbsDkpH35mrd5XaeWorcH2oQ6pcaQSRUKAkHnPXE/a+6qySHJU0UlaNo YeA= -----END CERTIFICATE-----Generated at Wed Nov 5 11:31:50 2025 by rpki-client