$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d2bce7b-37e2-4787-95fb-0e0d01dbc543.roa File: 7d2bce7b-37e2-4787-95fb-0e0d01dbc543.roa (raw, json) Hash identifier: GqA+ADsuXeZoZxU9whBhAmpftpdOErPPhcvp7wAqYgQ= Subject key identifier: BC:EC:7E:8F:B9:6D:E7:FF:25:56:E2:98:19:49:ED:D1:B9:7B:7F:85 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2B0DD49A5C665789406E2F2E5AB2D3EF3841AAFE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d2bce7b-37e2-4787-95fb-0e0d01dbc543.roa Signing time: Mon 13 Oct 2025 15:40:07 +0000 ROA not before: Mon 13 Oct 2025 15:40:07 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:80a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:0d:d4:9a:5c:66:57:89:40:6e:2f:2e:5a:b2:d3:ef:38:41:aa:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:40:07 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=e11531e120a580d93cb9038691a07958daf9045789b82f7f4575fdefa645e2e0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:57:dc:b3:52:97:51:21:34:ea:85:7b:7d:c7: 05:1b:9e:1c:ef:4f:b8:50:2e:59:23:62:b2:d2:0f: e2:c2:2c:09:d4:62:48:5a:c4:53:4f:80:ef:f1:ab: 45:5f:04:32:6a:ff:bc:4e:a6:0a:e9:c7:77:ca:85: 14:69:fe:ed:e8:85:47:c8:72:94:04:cc:d7:6b:45: 44:2a:36:86:bb:d2:3b:fe:4a:a1:b3:61:b0:92:09: 92:80:b5:6f:3c:7f:34:b9:e4:7f:82:b3:a7:7e:7d: 4c:ae:ac:20:f7:c5:e1:3d:5d:c6:6c:41:77:91:71: 5b:e0:16:ab:16:a4:10:48:87:9c:f4:2a:4c:9f:a0: 84:68:a1:b4:04:58:0a:86:bd:5b:f4:e8:83:de:d7: be:e4:d6:75:07:fb:5c:42:fb:88:70:80:22:dd:0e: a5:49:fa:7d:e8:5b:ec:2f:08:e8:ff:1b:5f:ce:07: 15:3a:99:1d:94:91:a2:ad:3f:46:00:2d:05:ca:83: 12:a6:79:48:ad:b9:66:bb:6a:a5:ce:0d:31:72:a0: bb:f2:ec:30:07:37:fd:e5:bf:f9:54:0d:f6:ec:c5: d9:cf:00:71:d1:39:76:b7:db:00:7a:ba:d1:2c:ee: 91:f0:c0:fe:f5:93:51:18:31:62:cf:2d:79:c5:e2: b2:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:EC:7E:8F:B9:6D:E7:FF:25:56:E2:98:19:49:ED:D1:B9:7B:7F:85 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d2bce7b-37e2-4787-95fb-0e0d01dbc543.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:80a0::/48 Signature Algorithm: sha256WithRSAEncryption 42:ff:39:28:b7:22:b7:b7:86:df:77:f5:cd:10:d4:36:21:f0: b1:b9:56:ca:54:58:75:58:89:79:e1:89:d0:cc:ed:8e:e5:f4: 9c:11:47:1c:ad:b7:25:d1:27:b2:da:38:7e:a6:fc:d1:b5:46: 84:af:85:f3:f3:59:e8:50:4c:04:dc:e4:ad:cd:e5:16:3b:6d: d8:31:89:7c:2d:60:58:ca:cd:18:ea:ee:cd:82:0d:cb:1d:00: 91:27:45:de:ee:9a:ff:32:b4:29:d2:94:e5:bd:6a:35:7b:94: 8c:1b:fc:c6:bb:a0:d5:aa:05:0d:74:76:1d:a6:8b:f3:16:65: f1:74:1d:33:c5:3f:fe:2d:84:b9:cb:c9:14:96:db:e4:e0:b4: 39:ea:e5:1e:e2:12:75:6d:e2:b9:dc:d1:a3:9e:cf:64:19:6f: c8:50:c4:a6:b5:48:16:62:ec:f0:78:e6:15:a6:7f:15:65:84: e8:31:6b:7a:2e:a3:a6:3c:34:fc:ad:6a:65:ba:f1:1c:cd:11: c2:a4:bf:27:c6:c0:86:a4:8d:a9:99:00:96:1c:68:54:50:cd: 6f:2a:9a:81:99:86:1e:c7:24:dd:7a:bf:90:c4:fe:33:61:64: 28:c1:34:be:0b:06:1b:3c:70:1e:ea:c7:94:82:f2:ea:31:33: 86:f2:e7:10 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKw3UmlxmV4lAbi8uWrLT7zhBqv4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1NDAwN1oX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAZTExNTMxZTEyMGE1ODBkOTNjYjkw Mzg2OTFhMDc5NThkYWY5MDQ1Nzg5YjgyZjdmNDU3NWZkZWZhNjQ1ZTJlMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lfcs1KXUSE06oV7fccFG54c70+4 UC5ZI2Ky0g/iwiwJ1GJIWsRTT4Dv8atFXwQyav+8TqYK6cd3yoUUaf7t6IVHyHKU BMzXa0VEKjaGu9I7/kqhs2GwkgmSgLVvPH80ueR/grOnfn1Mrqwg98XhPV3GbEF3 kXFb4BarFqQQSIec9CpMn6CEaKG0BFgKhr1b9OiD3te+5NZ1B/tcQvuIcIAi3Q6l Sfp96FvsLwjo/xtfzgcVOpkdlJGirT9GAC0FyoMSpnlIrblmu2qlzg0xcqC78uww Bzf95b/5VA327MXZzwBx0Tl2t9sAerrRLO6R8MD+9ZNRGDFizy15xeKysQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLzsfo+5bef/JVbimBlJ7dG5e3+FMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdkMmJjZTdiLTM3ZTItNDc4Ny05NWZiLTBlMGQwMWRiYzU0My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/4CgMA0GCSqGSIb3DQEBCwUAA4IBAQBC/zkotyK3t4bfd/XN ENQ2IfCxuVbKVFh1WIl54YnQzO2O5fScEUccrbcl0Sey2jh+pvzRtUaEr4Xz81no UEwE3OStzeUWO23YMYl8LWBYys0Y6u7Ngg3LHQCRJ0Xe7pr/MrQp0pTlvWo1e5SM G/zGu6DVqgUNdHYdpovzFmXxdB0zxT/+LYS5y8kUltvk4LQ56uUe4hJ1beK53NGj ns9kGW/IUMSmtUgWYuzweOYVpn8VZYToMWt6LqOmPDT8rWpluvEczRHCpL8nxsCG pI2pmQCWHGhUUM1vKpqBmYYexyTder+QxP4zYWQowTS+CwYbPHAe6seUgvLqMTOG 8ucQ -----END CERTIFICATE-----Generated at Mon Oct 20 09:56:10 2025 by rpki-client