$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa File: aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa (raw, json) Hash identifier: yLMFOZ5z8ggQM7c7QZ2b2En469HbIuXvyjXTeC2dBiQ= Subject key identifier: E0:8D:9A:34:CD:65:34:3A:F0:2E:BD:2B:57:A5:FE:34:EA:50:9B:00 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5BB15ADCCD9DFA30FDDD632E6322C73A267D993F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa Signing time: Fri 03 Oct 2025 00:00:09 +0000 ROA not before: Fri 03 Oct 2025 00:00:09 +0000 ROA not after: Fri 07 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:b1:5a:dc:cd:9d:fa:30:fd:dd:63:2e:63:22:c7:3a:26:7d:99:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 3 00:00:09 2025 GMT Not After : Nov 7 23:59:59 2025 GMT Subject: serialNumber=622ec6d924ad5f1f75058c4ec549333035a06811652eeff3842056dd2c99c8da, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:d0:f2:95:b1:52:81:a0:c2:80:91:cf:db:70: fe:47:2b:88:f0:f0:31:6c:9c:b0:c2:8d:1a:11:0e: 22:4e:fa:3f:b8:34:e6:47:9c:98:3e:36:95:08:30: a1:24:04:16:02:6d:da:ee:50:04:5e:24:bd:f5:7c: 1d:42:b6:c5:a7:2f:e9:0f:51:be:80:f3:10:eb:4a: df:d7:5a:85:66:99:a1:17:26:49:37:73:75:25:ba: 22:8a:bf:c4:94:1d:98:03:fb:11:0a:e4:66:09:4d: 63:8a:a1:03:b8:1f:0f:a8:7c:d6:cb:df:d0:f0:9f: df:79:22:12:3d:32:76:d2:ed:5d:eb:eb:89:e8:47: 66:41:13:45:4f:50:cf:86:7b:46:00:38:90:cc:5b: 2e:83:a2:c6:ed:6e:67:c2:08:19:85:e1:c3:d8:51: 88:f5:3e:f5:43:af:11:a1:f9:9a:35:bb:a4:71:c5: 60:5a:36:be:8f:3e:98:9b:89:e2:11:a4:2a:6a:2f: af:7d:4d:9f:8e:14:31:05:e0:13:f8:2c:85:dd:bf: 7a:27:45:53:f0:72:64:6f:c7:86:8c:f9:a8:ea:13: 55:97:c2:75:02:04:9e:18:f7:35:a8:02:f9:27:76: d9:ce:88:56:11:21:15:7e:1c:2e:6c:75:5d:f5:7c: c5:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:8D:9A:34:CD:65:34:3A:F0:2E:BD:2B:57:A5:FE:34:EA:50:9B:00 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:a000::/40 Signature Algorithm: sha256WithRSAEncryption ac:73:8e:c1:01:1c:79:b4:83:f2:d9:bc:98:2f:99:e0:04:af: 7b:dd:b3:5f:d3:c5:2b:4f:c8:6a:c3:dc:ae:de:d8:51:e3:fa: 1d:23:ff:a5:71:80:3c:93:18:b8:1a:d4:bf:d3:f3:0f:d4:9a: bf:e6:89:57:d6:bf:ee:e0:2c:6e:7e:ab:a2:fe:a9:d1:a1:1a: 30:26:09:9b:b2:ab:26:3d:ca:ee:4f:af:5f:82:c6:e6:30:69: f0:7f:46:29:f4:88:af:cb:74:d9:72:39:0a:fa:97:4a:b9:22: 9a:9b:4e:48:a8:53:a3:98:45:a7:63:cb:0b:dd:0b:d6:aa:09: 17:c0:f3:f8:b5:7f:d9:8b:9a:0a:09:1a:ad:da:9c:b8:65:6e: 1a:d6:77:02:9f:24:d8:0a:ed:ed:ad:ba:30:e1:4f:b6:1d:af: b1:79:73:0a:de:49:ff:86:51:c3:9a:5f:c3:86:69:3a:7c:0c: 6f:67:3c:ee:ec:e4:29:70:5a:eb:df:f7:27:2f:6b:49:3d:6c: 41:fc:d5:b3:eb:e5:9c:44:91:f8:5c:d9:50:63:20:b4:0c:2b: 0f:fd:eb:a6:16:a3:8b:e7:b5:08:a6:2f:5a:3d:c4:f7:48:fe: 43:10:12:52:13:d2:31:67:1d:b9:eb:a7:5c:cd:eb:10:dc:8b: 27:50:88:e5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUW7Fa3M2d+jD93WMuYyLHOiZ9mT8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwMzAwMDAwOVoX DTI1MTEwNzIzNTk1OVowejFJMEcGA1UEBRNANjIyZWM2ZDkyNGFkNWYxZjc1MDU4 YzRlYzU0OTMzMzAzNWEwNjgxMTY1MmVlZmYzODQyMDU2ZGQyYzk5YzhkYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktDylbFSgaDCgJHP23D+RyuI8PAx bJywwo0aEQ4iTvo/uDTmR5yYPjaVCDChJAQWAm3a7lAEXiS99XwdQrbFpy/pD1G+ gPMQ60rf11qFZpmhFyZJN3N1Jboiir/ElB2YA/sRCuRmCU1jiqEDuB8PqHzWy9/Q 8J/feSISPTJ20u1d6+uJ6EdmQRNFT1DPhntGADiQzFsug6LG7W5nwggZheHD2FGI 9T71Q68RofmaNbukccVgWja+jz6Ym4niEaQqai+vfU2fjhQxBeAT+CyF3b96J0VT 8HJkb8eGjPmo6hNVl8J1AgSeGPc1qAL5J3bZzohWESEVfhwubHVd9XzF0wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOCNmjTNZTQ68C69K1el/jTqUJsAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FiYTIzMThjLWU5NmEtNDA1OC04ZTBjLTVhY2EyYjU2YWFkOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMqAwDQYJKoZIhvcNAQELBQADggEBAKxzjsEBHHm0g/LZvJgv meAEr3vds1/TxStPyGrD3K7e2FHj+h0j/6VxgDyTGLga1L/T8w/Umr/miVfWv+7g LG5+q6L+qdGhGjAmCZuyqyY9yu5Pr1+CxuYwafB/Rin0iK/LdNlyOQr6l0q5Ipqb TkioU6OYRadjywvdC9aqCRfA8/i1f9mLmgoJGq3anLhlbhrWdwKfJNgK7e2tujDh T7Ydr7F5cwreSf+GUcOaX8OGaTp8DG9nPO7s5ClwWuvf9ycva0k9bEH81bPr5ZxE kfhc2VBjILQMKw/966YWo4vntQimL1o9xPdI/kMQElIT0jFnHbnrp1zN6xDciydQ iOU= -----END CERTIFICATE-----Generated at Mon Oct 20 20:27:54 2025 by rpki-client