$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e8909db-8041-4fde-8d76-0663b8b608ed.roa File: 3e8909db-8041-4fde-8d76-0663b8b608ed.roa (raw, json) Hash identifier: w3FEHsjAt9ws2UL3ceZXSiwzHI9XdOWMc/j7ebHD2qA= Subject key identifier: 0B:4C:07:0C:8F:DA:C3:AF:42:7C:2A:29:02:E9:A0:0E:AB:21:B5:B7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 46E71B37419C1544254C7753A9CEC30CC2E0B2C2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e8909db-8041-4fde-8d76-0663b8b608ed.roa Signing time: Wed 15 Oct 2025 00:38:41 +0000 ROA not before: Wed 15 Oct 2025 00:38:41 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:e7:1b:37:41:9c:15:44:25:4c:77:53:a9:ce:c3:0c:c2:e0:b2:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:38:41 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=9671d02ff6a5919ef61247d32df982b0fedde29b6a08d4eb735a8f320e69124d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:48:36:50:92:c4:41:d1:8f:f6:79:30:d6:51: 06:e4:62:80:90:16:79:38:5a:5f:e7:7a:51:6f:be: 73:37:95:90:1a:1b:2c:02:9f:fa:c6:7a:43:a3:25: e8:1e:39:a0:56:fd:0a:41:cc:12:8b:94:d2:8b:03: 81:2c:d0:6c:66:03:3e:fd:11:32:a1:91:86:fc:5f: 16:59:83:e9:a6:f0:59:91:88:23:c2:1f:cd:34:57: 16:ff:2b:0d:bd:58:dd:68:bb:2c:6b:bc:db:de:fb: 28:fd:cc:94:5f:24:1d:da:52:7d:05:04:00:19:c5: cc:50:2f:05:2a:de:b0:ff:f0:98:3d:af:0f:32:85: 67:dc:ee:78:bf:76:66:e4:08:25:b5:85:11:08:8f: 32:19:5b:fe:63:0c:fa:0b:d9:41:93:43:35:f7:d4: 3e:f2:e6:f3:31:78:5c:07:15:5b:69:5e:37:2e:43: fd:8b:a6:17:07:40:f9:66:04:d3:68:fd:c1:4a:40: ab:c4:32:06:32:0e:9c:99:b6:dd:d8:9a:e4:e3:20: 54:c2:5f:88:0d:ee:09:5c:d3:67:dc:cd:1a:cb:b1: e1:1d:95:39:14:36:53:da:90:49:cc:c1:1e:6c:b5: 94:0f:db:86:2a:43:85:b8:b0:c6:dd:b3:68:42:e5: c5:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:4C:07:0C:8F:DA:C3:AF:42:7C:2A:29:02:E9:A0:0E:AB:21:B5:B7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e8909db-8041-4fde-8d76-0663b8b608ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38::/32 Signature Algorithm: sha256WithRSAEncryption 9a:1b:eb:1b:e9:86:f7:73:22:58:a4:8f:51:58:cd:c4:48:64: 9b:7e:11:10:1c:5d:9d:3b:d4:46:c4:07:ff:27:4a:03:93:85: 56:a7:a6:5d:bb:f8:14:a9:36:9d:9b:38:8c:4f:2b:50:4d:97: 18:f7:06:56:67:b3:b1:96:e0:24:8b:bd:5d:91:37:85:1d:03: d6:e4:2b:3c:07:aa:a5:b8:2a:3c:41:58:a6:c7:18:1c:42:48: 19:4c:51:10:27:4e:2f:6f:41:ba:5f:55:fc:eb:a1:58:a1:46: 56:20:24:34:22:3d:77:f2:8d:35:2b:b5:7c:0e:4c:a3:f8:f1: ca:4e:ad:0b:bb:2c:55:14:d4:c0:1e:56:15:b4:7f:a0:60:d1: 30:ec:11:05:52:c9:fb:27:76:3f:ff:5a:7a:89:1b:22:09:7e: 70:78:52:bd:ea:be:00:34:5e:76:c5:22:86:3f:37:60:da:88: 7a:38:5f:07:47:2f:35:d0:b1:3e:a1:56:51:72:f7:7d:c2:6e: 85:09:69:6f:5c:bd:86:48:df:02:82:f2:1a:a3:a6:87:76:66: 65:15:22:a4:6a:8a:6a:d6:e6:42:50:75:26:7a:fb:bd:40:5a: 5b:70:6a:ae:82:9e:75:ca:2f:b3:c0:aa:4c:d3:fb:20:67:96: ec:6a:ee:54 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIURucbN0GcFUQlTHdTqc7DDMLgssIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMzg0MVoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAOTY3MWQwMmZmNmE1OTE5ZWY2MTI0 N2QzMmRmOTgyYjBmZWRkZTI5YjZhMDhkNGViNzM1YThmMzIwZTY5MTI0ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70g2UJLEQdGP9nkw1lEG5GKAkBZ5 OFpf53pRb75zN5WQGhssAp/6xnpDoyXoHjmgVv0KQcwSi5TSiwOBLNBsZgM+/REy oZGG/F8WWYPppvBZkYgjwh/NNFcW/ysNvVjdaLssa7zb3vso/cyUXyQd2lJ9BQQA GcXMUC8FKt6w//CYPa8PMoVn3O54v3Zm5AgltYURCI8yGVv+Ywz6C9lBk0M199Q+ 8ubzMXhcBxVbaV43LkP9i6YXB0D5ZgTTaP3BSkCrxDIGMg6cmbbd2Jrk4yBUwl+I De4JXNNn3M0ay7HhHZU5FDZT2pBJzMEebLWUD9uGKkOFuLDG3bNoQuXFvwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFAtMBwyP2sOvQnwqKQLpoA6rIbW3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlODkwOWRiLTgwNDEtNGZkZS04ZDc2LTA2NjNiOGI2MDhlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaODANBgkqhkiG9w0BAQsFAAOCAQEAmhvrG+mG93MiWKSPUVjN xEhkm34REBxdnTvURsQH/ydKA5OFVqemXbv4FKk2nZs4jE8rUE2XGPcGVmezsZbg JIu9XZE3hR0D1uQrPAeqpbgqPEFYpscYHEJIGUxRECdOL29Bul9V/OuhWKFGViAk NCI9d/KNNSu1fA5Mo/jxyk6tC7ssVRTUwB5WFbR/oGDRMOwRBVLJ+yd2P/9aeokb Igl+cHhSveq+ADRedsUihj83YNqIejhfB0cvNdCxPqFWUXL3fcJuhQlpb1y9hkjf AoLyGqOmh3ZmZRUipGqKatbmQlB1Jnr7vUBaW3BqroKedcovs8CqTNP7IGeW7Gru VA== -----END CERTIFICATE-----Generated at Mon Oct 20 20:27:41 2025 by rpki-client