$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5395226-d3ec-4c71-b20c-8c04577c7df0.roa File: f5395226-d3ec-4c71-b20c-8c04577c7df0.roa (raw, json) Hash identifier: uPp1zghYQuNMtYmy0qhB3LEuuEmIlY+ufqS43DQjXes= Subject key identifier: 14:AF:3E:57:3F:BB:2A:9C:5B:DA:1B:6B:5D:69:D6:12:97:4D:06:FD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 72DF7D6D603F43550E32773B674129A63DB491F8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5395226-d3ec-4c71-b20c-8c04577c7df0.roa Signing time: Wed 15 Oct 2025 00:10:32 +0000 ROA not before: Wed 15 Oct 2025 00:10:32 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:df:7d:6d:60:3f:43:55:0e:32:77:3b:67:41:29:a6:3d:b4:91:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:10:32 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=5e783025af58bd30807395515ea219b81796cac10e52c1eccffed4a4460a5904, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:bf:46:e1:35:90:05:2e:c8:cf:ab:2d:fe:1b: 1d:2c:22:62:e2:aa:99:ee:90:c8:c4:08:06:84:36: a5:76:04:1c:57:7a:46:9c:6e:16:6c:fe:73:16:20: 05:86:85:9f:61:e8:9b:cc:b0:c0:14:a4:65:67:1f: 9f:05:40:fe:d2:3e:0b:05:61:c7:86:a2:be:89:07: 00:10:8b:d4:16:14:36:cf:96:77:57:cb:49:55:ba: f9:41:13:7c:25:7b:23:ba:dc:dc:b2:7c:1a:ff:22: 56:33:be:51:a2:a9:a7:f7:5a:7f:9f:4c:83:91:2a: e5:25:c1:ac:c9:a5:67:49:1d:f4:0d:33:57:11:e9: d3:78:64:e7:d8:bf:c6:f0:cb:7f:50:a6:79:b9:77: 34:e9:bc:88:7d:70:c4:16:d4:6d:fa:eb:27:40:51: 7f:bb:2b:6c:e1:c0:67:a9:35:4c:bb:9c:cb:b1:0b: d2:9e:94:8d:e6:01:1e:85:f7:16:c9:c3:02:20:b3: 4c:98:16:e0:2f:15:64:fa:b7:67:df:3e:28:2d:b3: da:05:e6:1e:ca:11:19:5d:25:7a:49:d6:1d:8d:c2: 02:ba:d7:20:de:6b:b6:14:73:ec:6f:3a:13:37:7e: ce:eb:df:ff:90:5d:aa:58:a9:98:74:29:ce:b1:d3: 33:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:AF:3E:57:3F:BB:2A:9C:5B:DA:1B:6B:5D:69:D6:12:97:4D:06:FD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5395226-d3ec-4c71-b20c-8c04577c7df0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:9000::/40 Signature Algorithm: sha256WithRSAEncryption 44:b0:0e:f5:99:42:47:52:e6:16:b8:99:59:52:2e:26:85:c9: 09:99:1d:09:1f:f6:5a:14:76:03:74:4c:8d:a8:bb:27:0b:49: cb:56:5e:c3:2c:a8:f0:5b:f1:67:65:79:82:7c:45:0f:07:4e: 44:8f:33:f3:0f:85:4c:62:e8:3b:59:f2:1a:41:37:09:86:7b: 63:c9:f6:70:0a:89:3b:a5:fb:1b:1a:9d:51:1f:5a:e4:4a:cb: d6:0e:fd:34:8b:a6:d7:0a:86:18:1e:c6:53:4a:93:43:cc:c3: 7d:b9:03:db:99:fe:3f:16:d5:46:c0:35:87:cb:54:b7:a2:0c: 28:3f:82:0f:dc:26:c7:01:79:9d:12:55:14:04:17:f5:1b:68: d7:2a:fb:8f:01:7c:d1:92:b3:c0:83:d9:78:a4:47:f0:c1:26: 3b:bc:d7:96:d4:44:60:3a:f6:7f:18:de:44:92:fa:fe:52:b0: a9:f1:db:c0:b5:36:a3:a1:eb:35:1b:44:61:56:be:dc:a6:d2: 82:36:d5:0c:50:60:3d:bf:63:c3:dc:30:66:0c:23:6b:03:8d: 88:c9:d7:70:4f:f6:42:00:17:6d:9f:43:d7:34:1d:06:6e:3d: 59:a9:fd:72:94:7b:62:47:4e:98:7e:9f:3b:49:30:8c:64:fc: 3f:2e:65:56 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUct99bWA/Q1UOMnc7Z0Eppj20kfgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMTAzMloX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNANWU3ODMwMjVhZjU4YmQzMDgwNzM5 NTUxNWVhMjE5YjgxNzk2Y2FjMTBlNTJjMWVjY2ZmZWQ0YTQ0NjBhNTkwNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r9G4TWQBS7Iz6st/hsdLCJi4qqZ 7pDIxAgGhDaldgQcV3pGnG4WbP5zFiAFhoWfYeibzLDAFKRlZx+fBUD+0j4LBWHH hqK+iQcAEIvUFhQ2z5Z3V8tJVbr5QRN8JXsjutzcsnwa/yJWM75Roqmn91p/n0yD kSrlJcGsyaVnSR30DTNXEenTeGTn2L/G8Mt/UKZ5uXc06byIfXDEFtRt+usnQFF/ uyts4cBnqTVMu5zLsQvSnpSN5gEehfcWycMCILNMmBbgLxVk+rdn3z4oLbPaBeYe yhEZXSV6SdYdjcICutcg3mu2FHPsbzoTN37O69//kF2qWKmYdCnOsdMzAwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBSvPlc/uyqcW9oba11p1hKXTQb9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y1Mzk1MjI2LWQzZWMtNGM3MS1iMjBjLThjMDQ1NzdjN2RmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoJAwDQYJKoZIhvcNAQELBQADggEBAESwDvWZQkdS5ha4mVlS LiaFyQmZHQkf9loUdgN0TI2ouycLSctWXsMsqPBb8WdleYJ8RQ8HTkSPM/MPhUxi 6DtZ8hpBNwmGe2PJ9nAKiTul+xsanVEfWuRKy9YO/TSLptcKhhgexlNKk0PMw325 A9uZ/j8W1UbANYfLVLeiDCg/gg/cJscBeZ0SVRQEF/UbaNcq+48BfNGSs8CD2Xik R/DBJju815bURGA69n8Y3kSS+v5SsKnx28C1NqOh6zUbRGFWvtym0oI21QxQYD2/ Y8PcMGYMI2sDjYjJ13BP9kIAF22fQ9c0HQZuPVmp/XKUe2JHTph+nztJMIxk/D8u ZVY= -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:14 2025 by rpki-client