$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd1cb1ff-b15b-4b4e-bd7b-a532e884b784.roa File: fd1cb1ff-b15b-4b4e-bd7b-a532e884b784.roa (raw, json) Hash identifier: 6FWe4R/3QLX9o18934Cn2H2rLewJiryW6gzqAP0R1UM= Subject key identifier: 1B:81:F8:7C:04:B6:02:F6:50:D8:D6:1C:D2:DE:54:AE:ED:8F:60:FA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4AC2D7B1A4A8C4660EE578399C480092FED8E7AB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd1cb1ff-b15b-4b4e-bd7b-a532e884b784.roa Signing time: Wed 29 Oct 2025 00:10:27 +0000 ROA not before: Wed 29 Oct 2025 00:10:27 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:60c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:c2:d7:b1:a4:a8:c4:66:0e:e5:78:39:9c:48:00:92:fe:d8:e7:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:10:27 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=c7f358fa60da1bc69c4056ce0b7a1d2dcd712efb7c8cfc3414502301f225a0ca, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:0a:71:23:35:0c:41:1c:b1:f0:a6:27:b3:11: 05:b9:aa:ca:50:d3:09:84:37:1c:53:68:37:45:32: 08:07:4d:fe:56:f7:90:e3:f4:b3:80:09:21:b6:ba: f0:50:79:4a:f2:d6:39:71:f0:fe:72:3c:67:3f:b0: 43:d5:77:ff:18:1c:fe:dd:86:d2:3d:0b:4c:90:9a: ce:07:99:ff:69:fd:9c:7f:06:12:90:6c:cb:4c:e2: 2d:a1:1b:e7:0d:3f:63:0a:11:a9:52:b8:14:68:b6: 04:ff:74:1e:18:73:fe:2a:ef:a6:f4:7c:40:39:9d: f1:c4:92:66:25:85:76:99:9d:7c:02:90:a0:15:47: 9d:68:3a:fd:3a:2b:56:33:6e:24:ad:ca:90:04:92: f0:95:c2:8b:3a:1b:1a:00:35:31:17:7b:f4:07:87: de:2c:f2:59:dd:80:98:d0:10:cb:57:ba:97:d5:2a: ff:98:ea:b2:4f:24:e2:a7:23:2f:b7:9e:ee:69:02: 4a:1a:cd:24:2d:54:68:fc:cb:08:97:68:e2:05:06: 36:52:5a:52:d2:1f:66:86:74:fa:b2:32:92:6a:da: a2:d9:22:60:18:aa:08:3d:8d:50:90:05:f8:ce:2a: 3e:df:93:90:a8:06:8b:88:cb:6d:de:10:65:ad:f8: af:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:81:F8:7C:04:B6:02:F6:50:D8:D6:1C:D2:DE:54:AE:ED:8F:60:FA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd1cb1ff-b15b-4b4e-bd7b-a532e884b784.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:60c0::/46 Signature Algorithm: sha256WithRSAEncryption 4c:2b:d0:aa:27:6c:7f:fa:d3:3c:44:e4:d4:98:ae:98:47:89: d5:6f:4f:f0:c8:21:6d:56:a9:e0:bc:2c:14:d3:ad:66:8d:0f: ad:9f:ad:5f:48:5c:97:3d:57:5e:40:1d:a0:c5:fe:76:f1:de: df:0c:89:79:65:16:0d:1c:ee:13:e2:ae:8f:07:f3:18:a0:cf: 6e:ff:59:1f:d8:a0:49:17:d2:d0:66:22:e3:5e:a2:2d:8d:27: aa:4b:67:75:1d:1b:26:5f:9b:97:e9:7e:a3:93:25:e0:a3:0c: 8f:e1:6e:dd:ec:41:5d:b3:99:29:e3:06:e8:5b:bd:17:5b:9f: 13:f3:94:c0:5f:00:36:cc:9e:c4:ec:86:0b:d6:43:cb:ee:63: 52:5f:6e:f2:5f:fb:89:f5:fb:6c:4f:3d:09:fd:3a:05:1c:62: ff:12:a7:b8:11:60:a0:53:23:f4:4a:e9:1a:cc:6c:ab:80:ff: 9f:4e:fa:91:cb:d2:23:f0:1e:a7:f8:13:49:94:6a:2c:e6:f1: 6d:d1:7c:76:4a:a8:cc:6b:7b:b2:20:21:39:1e:b6:92:6d:d7: 9c:f6:a6:16:59:f3:3d:f5:c2:ba:53:e5:48:51:99:e5:e6:72: 18:54:b0:f9:9a:4e:b2:71:d9:8c:bd:bf:b9:43:2a:93:f6:b7: 35:60:81:81 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSsLXsaSoxGYO5Xg5nEgAkv7Y56swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTAwMTAyN1oX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAYzdmMzU4ZmE2MGRhMWJjNjljNDA1 NmNlMGI3YTFkMmRjZDcxMmVmYjdjOGNmYzM0MTQ1MDIzMDFmMjI1YTBjYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwpxIzUMQRyx8KYnsxEFuarKUNMJ hDccU2g3RTIIB03+VveQ4/SzgAkhtrrwUHlK8tY5cfD+cjxnP7BD1Xf/GBz+3YbS PQtMkJrOB5n/af2cfwYSkGzLTOItoRvnDT9jChGpUrgUaLYE/3QeGHP+Ku+m9HxA OZ3xxJJmJYV2mZ18ApCgFUedaDr9OitWM24krcqQBJLwlcKLOhsaADUxF3v0B4fe LPJZ3YCY0BDLV7qX1Sr/mOqyTyTipyMvt57uaQJKGs0kLVRo/MsIl2jiBQY2UlpS 0h9mhnT6sjKSatqi2SJgGKoIPY1QkAX4zio+35OQqAaLiMtt3hBlrfivtQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBuB+HwEtgL2UNjWHNLeVK7tj2D6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZkMWNiMWZmLWIxNWItNGI0ZS1iZDdiLWE1MzJlODg0Yjc4NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba82DAMA0GCSqGSIb3DQEBCwUAA4IBAQBMK9CqJ2x/+tM8ROTU mK6YR4nVb0/wyCFtVqngvCwU061mjQ+tn61fSFyXPVdeQB2gxf528d7fDIl5ZRYN HO4T4q6PB/MYoM9u/1kf2KBJF9LQZiLjXqItjSeqS2d1HRsmX5uX6X6jkyXgowyP 4W7d7EFds5kp4wboW70XW58T85TAXwA2zJ7E7IYL1kPL7mNSX27yX/uJ9ftsTz0J /ToFHGL/Eqe4EWCgUyP0SukazGyrgP+fTvqRy9Ij8B6n+BNJlGos5vFt0Xx2SqjM a3uyICE5HraSbdec9qYWWfM99cK6U+VIUZnl5nIYVLD5mk6ycdmMvb+5QyqT9rc1 YIGB -----END CERTIFICATE-----Generated at Wed Nov 5 21:10:02 2025 by rpki-client