$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa File: 857d996d-a66c-48d8-8669-f36141564a43.roa (raw, json) Hash identifier: O6pk7ClM5ENsOhmYm68+EIi9IPPBMi6n1kRw6IZFuyI= Subject key identifier: 98:79:6A:3D:48:0A:76:A3:89:A3:9A:6B:34:2F:8C:EB:17:7E:82:51 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40F8343B475EF35EA976725475462E185ECAE157 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa Signing time: Mon 13 Oct 2025 15:39:09 +0000 ROA not before: Mon 13 Oct 2025 15:39:09 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:f8:34:3b:47:5e:f3:5e:a9:76:72:54:75:46:2e:18:5e:ca:e1:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:39:09 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=351141d40091648cdf2d098d007c7fed9355da2778e3f4ff7ecb940eb13a0d21, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:0a:20:e8:ee:1b:a4:bb:2a:f1:2b:c0:c7:08: c6:61:17:27:bf:47:b4:07:b5:c0:19:fc:69:c7:f3: c2:f8:94:36:05:8f:17:88:1c:e2:7a:cb:9b:a7:8a: 96:7e:38:af:a2:61:ac:62:90:68:60:47:2a:b6:0f: 00:32:f1:87:12:c0:60:e7:3a:81:78:44:73:06:a7: 17:e7:62:90:c8:fb:37:1e:8c:30:54:75:72:5a:f9: d3:21:eb:ee:10:fc:3f:bf:93:6f:6a:cf:d5:ba:5c: 37:54:3c:18:38:8a:8a:a9:c1:d3:75:5b:24:2e:ac: bf:35:20:43:d0:8d:41:0b:31:99:1c:13:15:71:d6: ca:f8:e9:1a:41:5a:a0:7a:2e:02:28:61:8f:9d:63: 16:ad:eb:bf:a7:ad:c0:8d:fe:b9:e0:6c:ea:8c:6a: bb:7c:b3:83:c8:a7:eb:b5:2e:62:9d:39:91:45:62: 93:8b:bc:1d:3c:16:f9:4c:e7:1b:11:9b:34:41:8e: a4:2d:71:3d:3c:e1:78:ba:8e:51:18:33:06:58:51: 23:15:36:f5:01:28:1a:67:8d:c1:15:99:16:d3:ab: 21:41:49:68:8b:fa:6e:09:89:c8:2d:62:db:46:42: 2c:35:ff:f5:63:70:a5:9f:95:d7:b5:0e:c8:24:10: c7:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:79:6A:3D:48:0A:76:A3:89:A3:9A:6B:34:2F:8C:EB:17:7E:82:51 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4800::/40 Signature Algorithm: sha256WithRSAEncryption 9f:b3:31:4c:7f:30:30:f8:c2:57:e6:47:44:bc:04:99:36:df: 75:98:8d:42:ca:e7:0b:89:65:6b:4a:7c:84:0a:06:12:91:43: f7:50:36:b8:be:2e:64:19:55:d6:b0:db:96:57:cf:bf:67:f9: 69:10:66:d9:ce:f2:a5:ca:38:cd:35:06:da:4d:23:48:2a:26: 3c:d6:70:69:ff:cc:60:c7:21:6c:69:50:6f:29:13:1a:06:3a: ea:50:64:0f:62:26:21:75:fd:1e:48:57:40:08:ae:36:fb:c4: a2:cb:9d:b8:d1:30:d8:54:14:77:4e:83:e2:4b:4b:7e:29:37: 25:e5:d0:99:cb:5f:2d:c3:b1:f3:51:25:d0:75:72:0d:7d:b4: c2:85:7d:c5:a6:7b:67:d8:21:b2:d5:5a:15:3f:39:f2:52:ef: de:19:5d:67:23:71:b8:39:cd:7c:da:0f:c7:2f:dc:bd:88:fe: bd:6b:51:35:4f:03:30:95:26:94:08:26:8a:0b:ac:9e:21:97: bb:c2:c1:7f:a7:45:89:da:61:d1:92:4e:99:89:93:15:a6:4e: 18:dd:99:41:d8:ff:49:19:d6:1f:ba:13:27:60:f6:db:d0:c7: 6a:0a:b2:b4:30:f8:e6:bb:6c:85:a1:8e:b8:c2:ec:71:66:61: 89:96:6f:7b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQPg0O0de816pdnJUdUYuGF7K4VcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MzkwOVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAMzUxMTQxZDQwMDkxNjQ4Y2RmMmQw OThkMDA3YzdmZWQ5MzU1ZGEyNzc4ZTNmNGZmN2VjYjk0MGViMTNhMGQyMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wog6O4bpLsq8SvAxwjGYRcnv0e0 B7XAGfxpx/PC+JQ2BY8XiBziesubp4qWfjivomGsYpBoYEcqtg8AMvGHEsBg5zqB eERzBqcX52KQyPs3HowwVHVyWvnTIevuEPw/v5Nvas/Vulw3VDwYOIqKqcHTdVsk Lqy/NSBD0I1BCzGZHBMVcdbK+OkaQVqgei4CKGGPnWMWreu/p63Ajf654GzqjGq7 fLODyKfrtS5inTmRRWKTi7wdPBb5TOcbEZs0QY6kLXE9POF4uo5RGDMGWFEjFTb1 ASgaZ43BFZkW06shQUloi/puCYnILWLbRkIsNf/1Y3Cln5XXtQ7IJBDHLQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJh5aj1ICnajiaOaazQvjOsXfoJRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg1N2Q5OTZkLWE2NmMtNDhkOC04NjY5LWYzNjE0MTU2NGE0My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/0gwDQYJKoZIhvcNAQELBQADggEBAJ+zMUx/MDD4wlfmR0S8 BJk233WYjULK5wuJZWtKfIQKBhKRQ/dQNri+LmQZVdaw25ZXz79n+WkQZtnO8qXK OM01BtpNI0gqJjzWcGn/zGDHIWxpUG8pExoGOupQZA9iJiF1/R5IV0AIrjb7xKLL nbjRMNhUFHdOg+JLS34pNyXl0JnLXy3DsfNRJdB1cg19tMKFfcWme2fYIbLVWhU/ OfJS794ZXWcjcbg5zXzaD8cv3L2I/r1rUTVPAzCVJpQIJooLrJ4hl7vCwX+nRYna YdGSTpmJkxWmThjdmUHY/0kZ1h+6Eydg9tvQx2oKsrQw+Oa7bIWhjrjC7HFmYYmW b3s= -----END CERTIFICATE-----Generated at Mon Oct 20 07:23:39 2025 by rpki-client