$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f49edff2-b901-48af-872b-a91e228adb05.roa File: f49edff2-b901-48af-872b-a91e228adb05.roa (raw, json) Hash identifier: EtDYOYTmAyBS7n3LdlFEoZh63DTMjKxznMSzVe1dwgA= Subject key identifier: 60:22:6C:92:EB:C9:12:F0:88:45:00:10:67:91:71:92:72:A9:5A:C2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5804E8D965A8D3C008276D927CD6DCBB8CCE06E6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f49edff2-b901-48af-872b-a91e228adb05.roa Signing time: Wed 29 Oct 2025 00:00:09 +0000 ROA not before: Wed 29 Oct 2025 00:00:09 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:9040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:04:e8:d9:65:a8:d3:c0:08:27:6d:92:7c:d6:dc:bb:8c:ce:06:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:00:09 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=b95e833a2a720eb5bcfae41788f6030abfc88e75f529357be52c4078f43089d4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:d3:bd:bf:7c:41:bb:a9:87:68:3f:38:5e:92: 2f:1b:86:28:03:9b:f3:ff:35:b5:95:2e:6a:ba:e3: 78:46:af:50:21:a9:fa:d1:fc:a8:fa:ec:98:50:6f: de:c1:a4:39:b4:f4:a7:93:d6:5a:b0:eb:c5:7c:34: f9:3a:a8:68:0b:38:e9:f9:0f:4c:e1:85:94:e7:76: ad:7f:f7:2a:56:5f:36:e8:56:42:c8:97:ec:42:41: 1e:ed:b3:f3:06:9f:8b:91:42:6a:4b:e9:de:69:36: f1:b6:01:0f:a1:83:cd:e9:af:da:f2:ab:a2:48:6e: 8d:97:79:18:23:8f:0f:68:ab:b5:3b:af:f4:e6:b1: de:a4:36:e7:b4:2d:d4:83:3a:94:73:99:8f:45:97: cf:96:5d:ab:d4:60:39:97:c3:ba:6c:22:8b:11:2a: 19:30:05:e3:b7:44:86:5b:69:17:11:7e:80:3a:2f: 1f:90:df:3e:04:af:69:75:1a:00:6d:30:5c:94:ab: 94:e6:36:b1:e3:d9:8a:aa:f1:60:dc:5e:f9:76:6a: 8f:c0:a3:18:be:92:b0:12:3a:39:05:50:5b:08:c1: f7:f5:b6:3b:c4:e8:9f:59:b1:0b:e2:af:b5:9e:e3: 10:cd:af:df:fc:59:82:1c:c4:5d:a3:7a:12:fd:b2: 22:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:22:6C:92:EB:C9:12:F0:88:45:00:10:67:91:71:92:72:A9:5A:C2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f49edff2-b901-48af-872b-a91e228adb05.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:9040::/46 Signature Algorithm: sha256WithRSAEncryption 40:b5:c2:bd:a2:f9:bd:5b:a4:82:21:5a:87:f2:82:b6:e8:6f: 54:fc:a3:1b:a7:03:1d:df:44:8a:47:66:42:44:a9:27:a8:2c: 57:7d:01:0a:66:75:58:0a:97:71:cd:bd:92:8d:d8:5c:da:d1: 9e:b8:a0:35:b0:7d:18:c8:3c:7e:83:2b:bd:17:06:b4:a8:9c: 60:a7:7d:ed:ce:a2:31:7f:2b:0b:6a:3a:37:59:57:66:da:3a: a9:d5:29:49:57:f9:da:58:ce:ae:2c:bc:8a:ae:a9:b6:89:cc: 91:0c:03:e3:e4:b1:48:58:d4:9c:20:6f:e8:32:ba:99:90:e6: 84:ab:61:c3:20:b3:60:26:5b:90:06:90:f2:3f:90:e1:80:9d: 3c:4f:fb:6e:82:ee:83:bd:65:40:ab:ca:c2:e7:a7:e0:4f:32: cc:99:a1:72:ab:23:31:10:8e:c9:7e:46:56:6b:5f:ce:97:07: 7a:4b:0c:46:a0:da:11:62:c8:09:c3:79:2a:04:76:05:27:4d: 3d:d9:39:35:1a:09:7d:b6:27:18:ef:28:49:58:14:23:96:fb: 95:bf:fd:f4:0c:fe:22:d6:89:2b:18:83:0b:5a:ef:30:8d:86: 1b:e5:b8:06:ed:5c:2c:fe:14:71:20:67:c5:77:20:c4:58:eb: 87:d5:0a:3a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWATo2WWo08AIJ22SfNbcu4zOBuYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTAwMDAwOVoX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAYjk1ZTgzM2EyYTcyMGViNWJjZmFl NDE3ODhmNjAzMGFiZmM4OGU3NWY1MjkzNTdiZTUyYzQwNzhmNDMwODlkNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotO9v3xBu6mHaD84XpIvG4YoA5vz /zW1lS5quuN4Rq9QIan60fyo+uyYUG/ewaQ5tPSnk9ZasOvFfDT5OqhoCzjp+Q9M 4YWU53atf/cqVl826FZCyJfsQkEe7bPzBp+LkUJqS+neaTbxtgEPoYPN6a/a8qui SG6Nl3kYI48PaKu1O6/05rHepDbntC3UgzqUc5mPRZfPll2r1GA5l8O6bCKLESoZ MAXjt0SGW2kXEX6AOi8fkN8+BK9pdRoAbTBclKuU5jax49mKqvFg3F75dmqPwKMY vpKwEjo5BVBbCMH39bY7xOifWbEL4q+1nuMQza/f/FmCHMRdo3oS/bIitQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGAibJLryRLwiEUAEGeRcZJyqVrCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y0OWVkZmYyLWI5MDEtNDhhZi04NzJiLWE5MWUyMjhhZGIwNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba85BAMA0GCSqGSIb3DQEBCwUAA4IBAQBAtcK9ovm9W6SCIVqH 8oK26G9U/KMbpwMd30SKR2ZCRKknqCxXfQEKZnVYCpdxzb2Sjdhc2tGeuKA1sH0Y yDx+gyu9Fwa0qJxgp33tzqIxfysLajo3WVdm2jqp1SlJV/naWM6uLLyKrqm2icyR DAPj5LFIWNScIG/oMrqZkOaEq2HDILNgJluQBpDyP5DhgJ08T/tugu6DvWVAq8rC 56fgTzLMmaFyqyMxEI7JfkZWa1/Olwd6SwxGoNoRYsgJw3kqBHYFJ0092Tk1Ggl9 ticY7yhJWBQjlvuVv/30DP4i1okrGIMLWu8wjYYb5bgG7Vws/hRxIGfFdyDEWOuH 1Qo6 -----END CERTIFICATE-----Generated at Wed Nov 5 07:44:12 2025 by rpki-client