$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa File: a0d0474f-3a63-4312-ba91-4caeffc8b819.roa (raw, json) Hash identifier: SvQBdb3RRqkZ0tHtBc62KBB2BBFnvoT60ChNzqeCDmU= Subject key identifier: 02:9D:52:11:DF:B7:1A:2A:F4:FD:88:5C:72:B1:9B:FB:D1:E0:45:04 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3BEB52BACCF79FC4FC4D5AEA81AF24403399C988 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa Signing time: Wed 15 Oct 2025 00:10:50 +0000 ROA not before: Wed 15 Oct 2025 00:10:50 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:eb:52:ba:cc:f7:9f:c4:fc:4d:5a:ea:81:af:24:40:33:99:c9:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:10:50 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=8304bd88b07614015c5ae1074cf6e673f205f9046b221be6655396cf6932866f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:a2:62:f0:41:90:b4:40:01:9e:f5:0a:bb:6d: 55:46:92:74:e8:08:69:d2:52:79:a4:bd:ac:18:69: ed:c4:9a:5f:d6:52:d0:e4:f0:a6:58:47:8f:74:40: e4:35:b1:16:54:d9:59:d5:23:c9:ea:1d:39:83:17: 52:a7:8e:18:86:b1:4d:78:b5:fb:aa:16:b6:4c:4f: e5:83:c1:dc:02:5b:7c:36:36:a0:db:8e:27:b2:8f: 19:b6:d6:8c:24:af:ed:af:1d:c9:4b:c4:f6:3a:82: bb:51:a9:6c:6e:ce:db:7f:1c:7c:82:21:d7:07:51: 4d:03:76:17:90:e7:0d:97:2c:6a:82:cb:5f:36:ec: 74:a0:5e:ec:36:39:a3:6b:a5:16:23:76:d5:9a:70: c8:55:1c:92:6e:f6:82:8d:f6:ae:cc:69:ba:58:7c: 46:da:9d:30:10:1c:10:14:24:41:5a:3d:de:28:97: e5:87:a5:88:7f:93:b3:97:38:c0:fb:ed:52:e0:36: a0:21:d7:f9:d7:8c:a8:1c:31:d9:b7:31:f6:12:76: a5:64:51:46:37:d1:49:5e:dd:95:b5:6b:93:8f:7a: 32:0b:91:6c:e4:ce:4a:65:8e:20:46:16:a8:ce:cf: 20:59:f9:5e:b6:d2:b3:3d:1b:ee:80:5b:40:2b:57: ad:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:9D:52:11:DF:B7:1A:2A:F4:FD:88:5C:72:B1:9B:FB:D1:E0:45:04 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:4800::/40 Signature Algorithm: sha256WithRSAEncryption 0d:22:b0:ac:a2:e1:d8:75:f3:2d:5a:8d:51:ad:8c:93:60:2a: 57:69:4f:87:79:2f:25:7c:51:89:09:a6:d2:3f:69:85:9a:3a: 53:df:e2:a7:be:3d:84:0a:27:d7:7c:1a:f5:bf:a2:e6:53:47: 3c:ec:34:11:40:b8:07:37:d1:14:41:e0:ee:87:0a:dc:9b:e7: a0:95:ad:c1:89:55:04:36:1f:c5:4e:5a:2e:49:fc:2f:bf:25: 47:4e:58:a8:7d:db:55:62:ad:7c:08:da:d5:16:26:b8:d8:b5: 12:be:0a:09:42:02:56:63:e0:b0:01:08:10:c8:a4:53:8f:d9: 1e:4f:a8:93:dc:14:1a:af:a5:34:71:f0:83:3d:93:6e:e4:d5: 6e:0c:fe:01:ef:95:8c:4f:80:c9:09:b2:d0:e5:a4:52:7f:99: ca:7b:f0:74:08:3c:2b:2b:ba:63:a6:f1:79:89:8b:7a:18:bc: 90:10:4e:c9:3a:53:b6:80:bb:52:46:37:dd:0a:04:90:50:2c: 56:f9:09:df:55:8c:bc:41:e8:7e:18:bf:c4:96:20:e4:c0:41: ca:69:52:4f:62:68:7d:f9:c7:d7:b3:29:04:bb:d3:df:bb:4d: ac:87:28:8e:63:f2:fe:d3:84:1c:f1:27:ea:ab:ee:d7:23:32: 43:da:54:b4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUO+tSusz3n8T8TVrqga8kQDOZyYgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMTA1MFoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAODMwNGJkODhiMDc2MTQwMTVjNWFl MTA3NGNmNmU2NzNmMjA1ZjkwNDZiMjIxYmU2NjU1Mzk2Y2Y2OTMyODY2ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKJi8EGQtEABnvUKu21VRpJ06Ahp 0lJ5pL2sGGntxJpf1lLQ5PCmWEePdEDkNbEWVNlZ1SPJ6h05gxdSp44YhrFNeLX7 qha2TE/lg8HcAlt8Njag244nso8ZttaMJK/trx3JS8T2OoK7Ualsbs7bfxx8giHX B1FNA3YXkOcNlyxqgstfNux0oF7sNjmja6UWI3bVmnDIVRySbvaCjfauzGm6WHxG 2p0wEBwQFCRBWj3eKJflh6WIf5OzlzjA++1S4DagIdf514yoHDHZtzH2EnalZFFG N9FJXt2VtWuTj3oyC5Fs5M5KZY4gRhaozs8gWflettKzPRvugFtAK1et9QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAKdUhHftxoq9P2IXHKxm/vR4EUEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EwZDA0NzRmLTNhNjMtNDMxMi1iYTkxLTRjYWVmZmM4YjgxOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacEgwDQYJKoZIhvcNAQELBQADggEBAA0isKyi4dh18y1ajVGt jJNgKldpT4d5LyV8UYkJptI/aYWaOlPf4qe+PYQKJ9d8GvW/ouZTRzzsNBFAuAc3 0RRB4O6HCtyb56CVrcGJVQQ2H8VOWi5J/C+/JUdOWKh921VirXwI2tUWJrjYtRK+ CglCAlZj4LABCBDIpFOP2R5PqJPcFBqvpTRx8IM9k27k1W4M/gHvlYxPgMkJstDl pFJ/mcp78HQIPCsrumOm8XmJi3oYvJAQTsk6U7aAu1JGN90KBJBQLFb5Cd9VjLxB 6H4Yv8SWIOTAQcppUk9iaH35x9ezKQS709+7TayHKI5j8v7ThBzxJ+qr7tcjMkPa VLQ= -----END CERTIFICATE-----Generated at Mon Oct 20 18:20:11 2025 by rpki-client