$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae22f49b-b351-4009-9703-e0a0bcf10d18.roa File: ae22f49b-b351-4009-9703-e0a0bcf10d18.roa (raw, json) Hash identifier: ++qQ2YNe/NpypWoAZ6NuXVPzzoY1YKKLRkMuc3w66/w= Subject key identifier: AD:D7:89:54:BA:C8:D0:AD:72:14:18:0D:AE:24:D9:8F:80:19:24:13 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4F422718757AED029A30ACDBAF89920E450CE665 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae22f49b-b351-4009-9703-e0a0bcf10d18.roa Signing time: Mon 06 Oct 2025 15:00:10 +0000 ROA not before: Mon 06 Oct 2025 15:00:10 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafd:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:42:27:18:75:7a:ed:02:9a:30:ac:db:af:89:92:0e:45:0c:e6:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:00:10 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=b35f915624b0b6e5ddf6d81565f0e960a92a1b0fbfd3da2e5d1349557fce3ac4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:b9:31:4c:a8:81:d2:a4:6f:17:92:35:35:80: f0:b8:0d:a8:97:c4:b8:6f:23:9a:16:ff:31:6b:ac: c8:a8:84:41:6d:c9:f4:0a:cc:df:2e:fc:89:5e:f6: 58:d2:ab:0d:6d:3a:9f:d2:7c:f7:11:49:0f:a9:16: 57:f4:ab:92:05:f1:80:1f:4b:ec:04:b5:08:62:27: 9d:b8:ae:72:01:b4:93:b2:d9:d3:a9:93:4a:63:38: 5f:35:c2:de:c4:90:f6:f7:e7:39:04:3f:16:ac:89: b2:23:de:d8:02:8b:a4:ec:72:23:8e:eb:2f:10:c6: bc:bf:82:94:bf:d0:7f:21:b4:41:9f:57:50:7c:ca: 16:d1:8d:71:85:03:12:a7:d5:4e:e3:c4:71:0b:f0: ee:fa:08:ad:29:87:3b:34:10:02:88:49:06:3b:86: 0e:fc:c5:d2:ba:12:e5:37:ee:c0:2a:b3:5a:1a:21: 7a:36:61:7c:dc:02:5c:c5:4e:12:dc:9f:79:bd:47: 76:ab:3f:8e:6d:58:b0:a7:64:33:9a:1a:05:c7:9e: bd:0e:84:55:a1:c6:fc:d3:64:41:28:e5:03:5a:6c: 26:2d:10:56:4b:1d:2a:c5:01:79:27:5f:cb:a8:96: 8f:ea:54:2e:c9:f7:00:d4:49:9a:4c:d0:af:0c:41: 97:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:D7:89:54:BA:C8:D0:AD:72:14:18:0D:AE:24:D9:8F:80:19:24:13 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae22f49b-b351-4009-9703-e0a0bcf10d18.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafd:40c0::/48 Signature Algorithm: sha256WithRSAEncryption 20:99:88:1b:5c:0d:be:82:2a:8f:fd:25:f4:9b:1f:1a:c7:af: 26:6d:23:c4:43:fe:3d:bf:88:da:63:6a:bc:4d:36:dd:e8:26: 90:1a:93:f7:ee:e5:c6:42:c3:a0:7d:ca:36:cb:68:82:40:da: 1f:72:39:c1:23:64:fe:07:80:31:f8:4c:d4:88:1c:6f:9b:e7: 65:6f:ff:3d:76:72:a5:fa:09:16:2c:3a:a3:e4:ba:b8:89:65: 65:b2:af:17:19:b7:69:65:0e:ac:5e:d3:3d:71:63:bf:b8:a7: 7b:ba:81:bd:4a:59:f1:92:fa:85:06:07:05:dc:62:e0:7a:0b: 6f:79:d9:79:0d:d1:3a:76:18:6e:b1:08:c8:7f:99:64:fa:46: 39:33:34:b8:ac:36:26:cf:7b:f0:ea:ea:16:5d:d1:73:6a:86: d4:9c:46:f4:fc:82:7e:34:28:d2:7b:af:b4:9c:dc:86:0a:a2: fe:52:92:0a:5f:bb:15:a1:d7:39:58:4f:ff:13:80:6e:07:90: c9:d1:7c:fd:c8:af:73:53:7e:9d:a2:2b:7d:78:b6:ac:d0:fb: 90:ec:e8:ad:4b:b5:98:11:80:f2:21:ba:ff:39:d6:68:81:e2: 11:64:23:db:6d:86:78:35:32:a2:13:26:61:ef:28:b0:8b:41: f6:df:fe:13 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUT0InGHV67QKaMKzbr4mSDkUM5mUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MDAxMFoX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNAYjM1ZjkxNTYyNGIwYjZlNWRkZjZk ODE1NjVmMGU5NjBhOTJhMWIwZmJmZDNkYTJlNWQxMzQ5NTU3ZmNlM2FjNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27kxTKiB0qRvF5I1NYDwuA2ol8S4 byOaFv8xa6zIqIRBbcn0CszfLvyJXvZY0qsNbTqf0nz3EUkPqRZX9KuSBfGAH0vs BLUIYieduK5yAbSTstnTqZNKYzhfNcLexJD29+c5BD8WrImyI97YAouk7HIjjusv EMa8v4KUv9B/IbRBn1dQfMoW0Y1xhQMSp9VO48RxC/Du+gitKYc7NBACiEkGO4YO /MXSuhLlN+7AKrNaGiF6NmF83AJcxU4S3J95vUd2qz+ObViwp2QzmhoFx569DoRV ocb802RBKOUDWmwmLRBWSx0qxQF5J1/LqJaP6lQuyfcA1EmaTNCvDEGXBwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFK3XiVS6yNCtchQYDa4k2Y+AGSQTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FlMjJmNDliLWIzNTEtNDAwOS05NzAzLWUwYTBiY2YxMGQxOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/UDAMA0GCSqGSIb3DQEBCwUAA4IBAQAgmYgbXA2+giqP/SX0 mx8ax68mbSPEQ/49v4jaY2q8TTbd6CaQGpP37uXGQsOgfco2y2iCQNofcjnBI2T+ B4Ax+EzUiBxvm+dlb/89dnKl+gkWLDqj5Lq4iWVlsq8XGbdpZQ6sXtM9cWO/uKd7 uoG9SlnxkvqFBgcF3GLgegtvedl5DdE6dhhusQjIf5lk+kY5MzS4rDYmz3vw6uoW XdFzaobUnEb0/IJ+NCjSe6+0nNyGCqL+UpIKX7sVodc5WE//E4BuB5DJ0Xz9yK9z U36doit9eLas0PuQ7OitS7WYEYDyIbr/OdZogeIRZCPbbYZ4NTKiEyZh7yiwi0H2 3/4T -----END CERTIFICATE-----Generated at Mon Oct 20 10:00:34 2025 by rpki-client