$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6622abc-f896-4288-ad4e-5c52c1eaf806.roa File: d6622abc-f896-4288-ad4e-5c52c1eaf806.roa (raw, json) Hash identifier: KMFyaPoJEP5H2EUCzna0Cvvv0G/UMJPvNSZl7odGIRg= Subject key identifier: 76:84:65:2F:26:A9:9E:D3:69:25:E8:58:EF:0B:EF:1E:51:B4:D9:10 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B7C58815FD99A9004BB3DCB466F76AE793E8CF4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6622abc-f896-4288-ad4e-5c52c1eaf806.roa Signing time: Sun 02 Nov 2025 00:00:34 +0000 ROA not before: Sun 02 Nov 2025 00:00:34 +0000 ROA not after: Sun 07 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:7c:58:81:5f:d9:9a:90:04:bb:3d:cb:46:6f:76:ae:79:3e:8c:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 2 00:00:34 2025 GMT Not After : Dec 7 23:59:59 2025 GMT Subject: serialNumber=5a6465a766351b30a98314dae826333419aa1e27eb44aca8a9a8cfa46a8d93f9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:bd:20:9f:01:e2:12:03:2d:5b:d1:c1:d0:4f: 40:7d:7b:05:48:6b:bd:c4:fd:a3:05:cb:fe:d1:5d: 70:21:fa:f9:68:33:74:99:04:d5:df:e7:9d:03:c8: 7a:ed:35:3b:9b:14:e8:c7:a6:21:ab:e3:32:fc:cb: f5:20:21:8b:d8:4d:1e:37:bd:b2:dd:25:95:02:05: bd:a8:14:63:70:d1:ee:bb:e9:44:01:d4:05:8e:55: 15:bb:e3:32:d0:75:9a:58:e4:2d:4d:7a:4f:60:41: 19:e8:06:6f:64:26:e0:20:26:06:1c:92:f6:23:83: 62:b5:ab:6b:e9:1d:a5:0f:ef:16:2d:00:76:35:b7: 29:9a:16:e6:a6:c9:cc:c4:2a:b1:60:34:63:37:33: 2e:4f:8f:e7:d7:97:d2:43:e7:f4:56:15:6d:e5:ef: ec:75:54:31:29:b4:5d:32:66:ac:03:e6:da:1e:97: 90:36:fc:16:94:96:ba:d6:fc:d2:a9:b5:10:b5:49: 3a:66:78:41:b2:b2:23:b1:86:f7:c8:7c:f1:e7:21: df:7d:7c:fb:5b:c2:64:13:34:a2:e9:e0:c3:dc:e4: 1b:6b:21:55:05:68:eb:16:28:4a:88:c6:42:2a:2d: c0:4d:94:87:43:81:7f:6c:78:95:10:b9:d0:4b:d1: a1:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:84:65:2F:26:A9:9E:D3:69:25:E8:58:EF:0B:EF:1E:51:B4:D9:10 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6622abc-f896-4288-ad4e-5c52c1eaf806.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:4800::/40 Signature Algorithm: sha256WithRSAEncryption 1a:7e:6a:58:f9:f3:13:2b:21:c5:20:f0:37:b2:ac:22:28:94: 30:14:2b:1b:3a:3a:d4:ee:28:2d:3a:63:ff:54:84:52:7f:89: 44:80:49:66:e7:8a:17:1f:5f:e3:b2:a0:11:b5:03:f9:f2:15: d8:50:a1:1f:05:62:f9:75:18:b8:2c:64:0a:af:0c:03:7b:78: 21:4b:60:8e:9e:f7:f8:b4:53:69:29:88:3f:b5:ef:b1:30:c2: 30:19:03:72:60:b3:39:75:a3:1f:82:f3:c1:c7:78:22:80:8c: 6d:4f:5b:3d:9f:b7:5a:a1:aa:33:9d:99:b4:58:28:77:0a:3d: ff:66:e7:6c:bd:54:bc:76:a7:a6:5c:93:97:78:28:b3:2b:f4: bf:e8:67:93:10:83:5f:0f:2c:02:b6:39:2a:af:1a:3f:72:2b: ed:d7:80:65:75:50:3f:61:66:7f:2f:08:ae:0f:a8:09:b9:e1: c4:57:53:16:79:da:cd:da:98:c9:fe:e3:7d:a1:17:34:af:ab: ef:b0:0a:bc:0a:f7:11:24:1d:b7:a8:40:0c:7c:7e:ce:dc:ae: d6:ee:34:31:d8:35:37:67:4b:ac:56:d9:41:9f:9d:97:5e:87: b9:fa:13:4a:b4:d1:19:02:90:84:b9:c8:b9:72:f1:62:ba:7d: 22:60:85:62 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUe3xYgV/ZmpAEuz3LRm92rnk+jPQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMjAwMDAzNFoX DTI1MTIwNzIzNTk1OVowejFJMEcGA1UEBRNANWE2NDY1YTc2NjM1MWIzMGE5ODMx NGRhZTgyNjMzMzQxOWFhMWUyN2ViNDRhY2E4YTlhOGNmYTQ2YThkOTNmOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL0gnwHiEgMtW9HB0E9AfXsFSGu9 xP2jBcv+0V1wIfr5aDN0mQTV3+edA8h67TU7mxTox6Yhq+My/Mv1ICGL2E0eN72y 3SWVAgW9qBRjcNHuu+lEAdQFjlUVu+My0HWaWOQtTXpPYEEZ6AZvZCbgICYGHJL2 I4Nitatr6R2lD+8WLQB2NbcpmhbmpsnMxCqxYDRjNzMuT4/n15fSQ+f0VhVt5e/s dVQxKbRdMmasA+baHpeQNvwWlJa61vzSqbUQtUk6ZnhBsrIjsYb3yHzx5yHffXz7 W8JkEzSi6eDD3OQbayFVBWjrFihKiMZCKi3ATZSHQ4F/bHiVELnQS9GhdwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHaEZS8mqZ7TaSXoWO8L7x5RtNkQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q2NjIyYWJjLWY4OTYtNDI4OC1hZDRlLTVjNTJjMWVhZjgwNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYEgwDQYJKoZIhvcNAQELBQADggEBABp+alj58xMrIcUg8Dey rCIolDAUKxs6OtTuKC06Y/9UhFJ/iUSASWbnihcfX+OyoBG1A/nyFdhQoR8FYvl1 GLgsZAqvDAN7eCFLYI6e9/i0U2kpiD+177EwwjAZA3Jgszl1ox+C88HHeCKAjG1P Wz2ft1qhqjOdmbRYKHcKPf9m52y9VLx2p6Zck5d4KLMr9L/oZ5MQg18PLAK2OSqv Gj9yK+3XgGV1UD9hZn8vCK4PqAm54cRXUxZ52s3amMn+432hFzSvq++wCrwK9xEk HbeoQAx8fs7crtbuNDHYNTdnS6xW2UGfnZdeh7n6E0q00RkCkIS5yLly8WK6fSJg hWI= -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:33 2025 by rpki-client