$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e753598e-1ecf-44ae-b979-871b11fed24b.roa File: e753598e-1ecf-44ae-b979-871b11fed24b.roa (raw, json) Hash identifier: abi2GjUh5JS2bA+4i5vz5YYpUA85VRNbkMW9oEGi1Sg= Subject key identifier: BA:34:D0:DC:F2:CE:A8:CC:C3:91:36:54:B3:1A:B1:7E:FC:F1:CE:25 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2A9DC235A6442A398A181516EDCAA8CC1191B247 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e753598e-1ecf-44ae-b979-871b11fed24b.roa Signing time: Wed 05 Nov 2025 00:01:03 +0000 ROA not before: Wed 05 Nov 2025 00:01:03 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:a0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:9d:c2:35:a6:44:2a:39:8a:18:15:16:ed:ca:a8:cc:11:91:b2:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:01:03 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=efe25a0e31082097f2d840e1799312835487edd603a62711b7a2652169db764a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:1a:e8:18:06:71:18:8f:73:20:d8:ad:16:9d: cd:69:f0:f8:e5:87:e1:19:58:00:4d:b2:bc:ff:54: 5b:dc:c0:a3:b0:00:13:1f:89:ed:6d:51:2e:5c:7e: 24:a9:6a:6b:d3:17:98:8b:03:2e:e1:38:a7:11:fc: 8a:21:fe:9d:6f:37:cc:cf:ea:2a:b5:e2:0b:cd:80: 70:ac:10:c6:83:8a:0f:98:59:67:d4:4f:b3:bf:7f: aa:74:75:66:a9:32:d4:de:fd:e0:69:da:dc:12:80: 85:14:6b:5e:df:15:6d:d7:90:9a:40:94:03:83:43: ea:02:42:52:61:bf:a7:94:0f:88:a2:5a:b0:31:f0: a9:25:c0:18:6e:20:2e:9f:2c:f6:38:19:b8:5f:6c: 7e:2b:30:ef:35:b5:52:5d:d7:3b:22:e2:16:08:63: 7a:18:21:03:44:1f:65:b1:eb:28:6e:41:f5:6b:ef: 1c:66:56:f2:3d:5a:bb:dd:17:e9:73:f0:3e:8e:b2: 30:44:95:93:53:a4:e0:d0:1f:2b:f4:5f:66:30:25: b8:c3:1f:4e:ef:69:ae:7b:5d:46:40:73:12:a9:8b: 51:72:b1:db:ac:7e:04:c9:fd:b2:f0:35:e9:07:7f: 78:c9:a4:65:8c:6e:a3:a7:ec:a1:e6:9f:84:f2:9a: cc:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:34:D0:DC:F2:CE:A8:CC:C3:91:36:54:B3:1A:B1:7E:FC:F1:CE:25 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e753598e-1ecf-44ae-b979-871b11fed24b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:a0c0::/48 Signature Algorithm: sha256WithRSAEncryption 29:61:1b:7f:87:73:58:f4:52:b1:f7:96:53:c4:97:9a:77:e3: 24:da:4a:56:f9:5b:31:68:1b:41:64:85:24:5b:26:0a:89:a9: 0f:19:92:8c:e9:ab:e4:b2:54:ed:7e:8c:da:8c:70:ca:3c:07: 6c:8d:88:c8:3b:23:90:4a:4f:c1:2d:48:ec:35:fc:cb:69:b3: 8b:bd:67:a5:2a:d7:e7:74:57:1e:0c:88:ea:18:0f:7d:09:a6: 8a:e1:07:5d:25:47:92:da:a9:16:ba:bf:23:86:7d:1c:e3:ab: 8d:f9:60:5a:c1:f7:82:31:bb:7a:fb:f8:af:8d:15:d2:48:b4: f1:49:6f:78:c4:d7:74:eb:f1:fd:3d:09:56:08:36:e2:a0:85: 20:d1:fd:87:36:ef:0f:9b:88:b3:e4:03:9b:ca:93:7a:e3:65: 04:fa:25:9c:12:42:7a:65:2c:6e:71:f1:9b:6a:c6:83:6a:2f: 48:9d:dd:4d:b1:81:fb:cc:bf:87:ea:48:1e:73:6a:6d:27:91: 3e:1a:45:cc:8b:f1:2b:38:ba:be:26:a3:7b:a9:98:df:d2:18: 96:54:e1:9d:60:42:fd:95:39:13:07:b6:a5:f1:1e:69:58:88: 63:ed:fe:8a:5d:2c:f5:e9:47:fb:f9:15:98:45:d4:c7:d7:55: 39:46:9f:15 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKp3CNaZEKjmKGBUW7cqozBGRskcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDEwM1oX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAZWZlMjVhMGUzMTA4MjA5N2YyZDg0 MGUxNzk5MzEyODM1NDg3ZWRkNjAzYTYyNzExYjdhMjY1MjE2OWRiNzY0YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRroGAZxGI9zINitFp3NafD45Yfh GVgATbK8/1Rb3MCjsAATH4ntbVEuXH4kqWpr0xeYiwMu4TinEfyKIf6dbzfMz+oq teILzYBwrBDGg4oPmFln1E+zv3+qdHVmqTLU3v3gadrcEoCFFGte3xVt15CaQJQD g0PqAkJSYb+nlA+IolqwMfCpJcAYbiAunyz2OBm4X2x+KzDvNbVSXdc7IuIWCGN6 GCEDRB9lsesobkH1a+8cZlbyPVq73Rfpc/A+jrIwRJWTU6Tg0B8r9F9mMCW4wx9O 72mue11GQHMSqYtRcrHbrH4Eyf2y8DXpB394yaRljG6jp+yh5p+E8prMQQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLo00NzyzqjMw5E2VLMasX788c4lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U3NTM1OThlLTFlY2YtNDRhZS1iOTc5LTg3MWIxMWZlZDI0Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYaDAMA0GCSqGSIb3DQEBCwUAA4IBAQApYRt/h3NY9FKx95ZT xJead+Mk2kpW+VsxaBtBZIUkWyYKiakPGZKM6avkslTtfozajHDKPAdsjYjIOyOQ Sk/BLUjsNfzLabOLvWelKtfndFceDIjqGA99CaaK4QddJUeS2qkWur8jhn0c46uN +WBawfeCMbt6+/ivjRXSSLTxSW94xNd06/H9PQlWCDbioIUg0f2HNu8Pm4iz5AOb ypN642UE+iWcEkJ6ZSxucfGbasaDai9Ind1NsYH7zL+H6kgec2ptJ5E+GkXMi/Er OLq+JqN7qZjf0hiWVOGdYEL9lTkTB7al8R5pWIhj7f6KXSz16Uf7+RWYRdTH11U5 Rp8V -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:15 2025 by rpki-client