$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f00ce68a-58da-4964-ae28-394559757448.roa File: f00ce68a-58da-4964-ae28-394559757448.roa (raw, json) Hash identifier: ejF5y7JEeG8wlSg12SxpZiG+WcehwFO46Ly3GgEfhXk= Subject key identifier: 19:BC:1D:60:EE:FE:67:D3:72:EC:6B:A1:91:C1:F1:6B:F2:57:BD:20 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 12D766C686C38F8FE6169E07F3BFB509494F6849 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f00ce68a-58da-4964-ae28-394559757448.roa Signing time: Mon 13 Oct 2025 15:00:48 +0000 ROA not before: Mon 13 Oct 2025 15:00:48 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:28c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:d7:66:c6:86:c3:8f:8f:e6:16:9e:07:f3:bf:b5:09:49:4f:68:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:00:48 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=5dec0885a3adfefd96275cd63ff65141c7cec57a5a0f9ef368448b940b7a025f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:ec:02:2a:49:37:fc:21:5f:08:b1:76:34:55: 44:6b:96:00:a7:44:a9:71:ed:14:7b:cf:7a:b3:f4: 3b:80:e4:dc:23:ac:bc:e3:90:e6:96:de:79:cd:16: fb:db:8b:ad:5e:ff:2e:04:ed:8d:0e:29:4e:69:a4: 5d:3e:9d:1f:a6:d4:5d:8e:22:a1:7a:c5:9c:d2:89: 40:1f:7e:79:00:c3:42:45:5f:38:de:e8:4c:38:16: 62:d6:53:3c:b7:b9:84:7f:38:c3:b0:ce:60:30:6f: 84:83:a2:85:82:32:09:33:6a:41:ba:13:a5:fe:b3: cb:27:4a:58:81:81:57:bc:e5:bb:14:0d:fb:bd:9e: e2:b0:45:a3:6a:8d:6f:17:4b:4c:6a:ea:66:0f:3c: 05:08:15:f2:7a:1d:17:af:de:51:5a:e1:aa:e4:e2: bb:a5:8a:51:9e:28:0e:b0:92:3c:f1:f6:21:d7:ec: 5d:b1:9e:ff:2c:61:f7:06:30:12:ef:9b:e0:1a:27: b2:96:dd:80:65:e6:59:5f:ee:b5:6c:07:0e:a0:18: eb:f6:e8:8b:ef:78:ec:76:e7:38:8e:68:09:d4:e5: 25:6e:44:69:0b:67:c8:98:51:2a:c3:16:ef:23:62: 88:25:ba:3c:f8:21:3d:fb:8c:6f:76:4e:f5:50:37: 3e:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:BC:1D:60:EE:FE:67:D3:72:EC:6B:A1:91:C1:F1:6B:F2:57:BD:20 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f00ce68a-58da-4964-ae28-394559757448.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:28c0::/48 Signature Algorithm: sha256WithRSAEncryption 5e:77:97:52:99:83:ce:02:bf:d7:a0:53:8a:1b:28:67:e5:c4: 28:49:4f:d5:7b:43:e3:f1:c7:80:e5:88:63:b7:24:7c:84:38: fb:6d:e3:ad:4c:c6:e2:51:b9:f5:1e:1d:96:93:e2:ae:fa:f3: c4:21:0b:eb:ef:a5:b9:20:d6:03:3e:39:44:27:19:e5:78:98: 7f:0e:85:36:f7:f8:9f:bb:d1:6f:bc:11:42:bb:a3:0c:ca:c2: 6c:a8:7c:24:53:04:aa:ea:28:fa:d4:de:7e:e3:ab:3b:59:ba: 25:22:02:93:9f:3b:b3:6f:1d:1e:e7:01:4b:02:14:9b:a6:53: 72:5d:6c:64:b3:85:45:83:23:9e:8f:df:2b:c1:48:17:b8:a4: 37:60:75:f1:f0:80:5d:33:43:ff:bd:52:19:74:c4:7d:06:81: fd:2f:82:6f:84:71:4b:68:1a:c0:76:18:bf:6c:09:29:68:fe: 00:63:0d:31:04:79:eb:32:3f:7c:9a:30:a4:ee:9b:c5:77:4f: 62:56:75:73:29:dd:68:26:e3:d9:06:11:fe:3f:8c:6d:99:7d: 21:72:a3:a1:a1:98:f3:be:64:9b:a1:16:01:b3:e9:9f:a9:ea: cc:7f:0b:b4:5f:49:33:17:04:8f:87:2d:67:d1:a9:45:84:62: 27:b0:82:48 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEtdmxobDj4/mFp4H87+1CUlPaEkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MDA0OFoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNANWRlYzA4ODVhM2FkZmVmZDk2Mjc1 Y2Q2M2ZmNjUxNDFjN2NlYzU3YTVhMGY5ZWYzNjg0NDhiOTQwYjdhMDI1ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOwCKkk3/CFfCLF2NFVEa5YAp0Sp ce0Ue896s/Q7gOTcI6y845Dmlt55zRb724utXv8uBO2NDilOaaRdPp0fptRdjiKh esWc0olAH355AMNCRV843uhMOBZi1lM8t7mEfzjDsM5gMG+Eg6KFgjIJM2pBuhOl /rPLJ0pYgYFXvOW7FA37vZ7isEWjao1vF0tMaupmDzwFCBXyeh0Xr95RWuGq5OK7 pYpRnigOsJI88fYh1+xdsZ7/LGH3BjAS75vgGieylt2AZeZZX+61bAcOoBjr9uiL 73jsduc4jmgJ1OUlbkRpC2fImFEqwxbvI2KIJbo8+CE9+4xvdk71UDc+5wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBm8HWDu/mfTcuxroZHB8WvyV70gMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YwMGNlNjhhLTU4ZGEtNDk2NC1hZTI4LTM5NDU1OTc1NzQ0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSjAMA0GCSqGSIb3DQEBCwUAA4IBAQBed5dSmYPOAr/XoFOK Gyhn5cQoSU/Ve0Pj8ceA5YhjtyR8hDj7beOtTMbiUbn1Hh2Wk+Ku+vPEIQvr76W5 INYDPjlEJxnleJh/DoU29/ifu9FvvBFCu6MMysJsqHwkUwSq6ij61N5+46s7Wbol IgKTnzuzbx0e5wFLAhSbplNyXWxks4VFgyOej98rwUgXuKQ3YHXx8IBdM0P/vVIZ dMR9BoH9L4JvhHFLaBrAdhi/bAkpaP4AYw0xBHnrMj98mjCk7pvFd09iVnVzKd1o JuPZBhH+P4xtmX0hcqOhoZjzvmSboRYBs+mfqerMfwu0X0kzFwSPhy1n0alFhGIn sIJI -----END CERTIFICATE-----Generated at Mon Oct 20 07:46:54 2025 by rpki-client