$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa File: 9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa (raw, json) Hash identifier: m2zBdG2Lfc4TaX0XnJcWd3QzUeLvmoPgRxUz0X3qH+s= Subject key identifier: F8:7C:6C:C7:55:72:FC:ED:94:44:65:07:0E:98:DC:3A:30:16:49:8E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4046994B3C743DBE631A66EB7C5C3EF62435AFE4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa Signing time: Tue 14 Oct 2025 00:10:46 +0000 ROA not before: Tue 14 Oct 2025 00:10:46 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:46:99:4b:3c:74:3d:be:63:1a:66:eb:7c:5c:3e:f6:24:35:af:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:10:46 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=af94badf078160b24e3c39cd75a9c98bb4231a7d1435e9fed57b68fb10967a5e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:28:f1:c1:78:1f:ad:51:f1:c5:b0:66:d6:46: 88:94:b7:4f:47:65:5e:df:82:d0:ac:aa:52:0a:67: 04:69:31:e0:81:cf:15:f3:8e:5a:78:7d:79:6b:c4: 8f:7c:a8:e7:57:80:e3:ef:68:89:53:7b:11:c0:40: e9:42:ab:f2:85:c6:30:7e:e5:7f:95:43:c5:42:21: 2b:43:17:ef:76:50:59:a7:a8:52:59:5a:4e:47:2c: 3b:9a:70:31:4d:cf:53:35:0a:d5:c9:4c:99:a5:3e: bb:46:70:f3:b9:95:a8:be:47:f2:71:67:10:b8:79: 3a:de:90:06:0c:ea:f1:49:84:69:d6:24:ec:11:a6: 44:82:d6:59:b3:fc:4d:b1:25:9d:97:3f:96:04:a1: 7b:b2:e0:f1:8e:46:14:7d:bb:cd:2b:27:1b:89:27: 67:e7:42:7f:f3:ad:a8:87:bd:15:c3:3b:7a:db:36: ee:ad:42:97:ac:a5:cb:e7:a7:73:2f:6b:12:63:cb: cd:d1:7b:96:ca:0d:57:f1:a8:a5:5a:78:48:b3:66: 17:c1:b2:08:7b:64:e1:4e:47:9e:ef:4a:67:7a:69: b6:7f:b9:0d:89:c3:e9:d0:b5:96:8d:07:93:47:85: 78:1e:65:c4:2f:ae:29:c6:25:b6:86:ce:62:77:be: 45:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:7C:6C:C7:55:72:FC:ED:94:44:65:07:0E:98:DC:3A:30:16:49:8E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:a000::/40 Signature Algorithm: sha256WithRSAEncryption 9f:e6:90:49:4e:f2:00:aa:b1:90:1e:7a:05:98:85:76:b8:a8: fe:51:65:7f:49:52:f9:40:32:df:87:58:05:98:02:e6:7d:8e: c9:4c:20:bc:53:18:da:9f:44:78:11:5b:e6:11:e4:d5:96:5f: 22:71:47:dd:a2:5a:1e:1a:db:75:4d:e2:b6:a5:3a:1b:8d:2e: 16:82:4a:70:c1:bb:6f:aa:b1:d8:49:b3:3c:ee:47:c8:63:ed: c0:3e:81:89:51:d5:08:f9:b8:e0:f5:c9:a1:74:f3:ee:37:ab: 68:2b:03:3c:74:b1:f5:4a:7f:da:95:e9:a8:8d:18:fc:22:8f: 27:8e:72:f3:ad:99:d1:66:ae:b6:f5:bf:18:f0:8e:39:f3:51: 43:f8:e7:4c:20:a6:64:2f:4d:56:56:6f:b7:93:d7:a0:1b:66: 8e:97:89:30:d9:41:d8:31:e5:4d:82:11:f2:e9:cb:47:78:bc: 9f:a5:17:90:7e:91:a3:f6:d9:b1:20:c9:eb:90:da:3b:1c:a2: a4:d0:b4:a2:2a:ea:48:b6:71:7e:7c:63:b0:56:c4:60:b1:46: 0f:0b:75:d8:42:b1:8a:21:57:4c:8a:19:d0:2a:40:e0:f0:88: 23:0c:4c:c9:1f:d7:f9:4c:4f:22:70:6f:49:51:16:65:8e:44: ac:47:a5:c2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQEaZSzx0Pb5jGmbrfFw+9iQ1r+QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMTA0NloX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAYWY5NGJhZGYwNzgxNjBiMjRlM2Mz OWNkNzVhOWM5OGJiNDIzMWE3ZDE0MzVlOWZlZDU3YjY4ZmIxMDk2N2E1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSjxwXgfrVHxxbBm1kaIlLdPR2Ve 34LQrKpSCmcEaTHggc8V845aeH15a8SPfKjnV4Dj72iJU3sRwEDpQqvyhcYwfuV/ lUPFQiErQxfvdlBZp6hSWVpORyw7mnAxTc9TNQrVyUyZpT67RnDzuZWovkfycWcQ uHk63pAGDOrxSYRp1iTsEaZEgtZZs/xNsSWdlz+WBKF7suDxjkYUfbvNKycbiSdn 50J/862oh70Vwzt62zburUKXrKXL56dzL2sSY8vN0XuWyg1X8ailWnhIs2YXwbII e2ThTkee70pnemm2f7kNicPp0LWWjQeTR4V4HmXEL64pxiW2hs5id75FkwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPh8bMdVcvztlERlBw6Y3DowFkmOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlkMThiYWQ3LWMyMDgtNGQ1ZS1iYjc0LTRiYWJjMmVmYTYwYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+6AwDQYJKoZIhvcNAQELBQADggEBAJ/mkElO8gCqsZAeegWY hXa4qP5RZX9JUvlAMt+HWAWYAuZ9jslMILxTGNqfRHgRW+YR5NWWXyJxR92iWh4a 23VN4ralOhuNLhaCSnDBu2+qsdhJszzuR8hj7cA+gYlR1Qj5uOD1yaF08+43q2gr Azx0sfVKf9qV6aiNGPwijyeOcvOtmdFmrrb1vxjwjjnzUUP450wgpmQvTVZWb7eT 16AbZo6XiTDZQdgx5U2CEfLpy0d4vJ+lF5B+kaP22bEgyeuQ2jscoqTQtKIq6ki2 cX58Y7BWxGCxRg8LddhCsYohV0yKGdAqQODwiCMMTMkf1/lMTyJwb0lRFmWORKxH pcI= -----END CERTIFICATE-----Generated at Mon Oct 20 07:23:18 2025 by rpki-client