$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: Re8w+Sti8Sz8i6ZAYYfWup/PcRJPfYG0e5H8KWoVjfQ= Subject key identifier: B7:91:B9:A8:CC:55:EC:FA:20:65:2D:94:C8:65:F8:A3:1B:E6:60:24 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 7BF635C593733053C08587541B73C0BC2877E82C Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Mon 29 Sep 2025 15:00:29 +0000 ROA not before: Mon 29 Sep 2025 15:00:29 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:f6:35:c5:93:73:30:53:c0:85:87:54:1b:73:c0:bc:28:77:e8:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 29 15:00:29 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=88ccf7c0d909e7be2127c86f1a604bd3d6d6913a67c95241dcc4ceda116c4a8f, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:99:f4:da:75:e9:b5:ec:cb:a1:bd:23:8a:ed: 0f:03:12:28:63:72:04:cb:ac:79:0b:ab:74:93:95: ec:10:47:6b:32:01:95:f1:08:27:de:a5:00:19:35: 6a:3b:97:44:7f:db:83:5d:ac:7e:32:dc:c1:ce:46: cf:4e:ed:54:88:b6:f6:3c:70:fe:90:bf:89:63:5f: 2b:7e:72:c6:9c:b1:ca:38:ce:ce:41:3c:91:0c:29: c4:d3:ce:f5:b5:ce:26:88:e8:ac:c3:18:b0:9e:ba: 54:9d:4b:4f:bb:a8:9f:b0:9d:3e:fe:66:d2:02:e0: 9c:e6:a8:92:63:41:c9:29:ab:8f:19:84:99:a3:ee: 94:8e:5c:9b:11:c0:7f:f4:af:a5:1b:88:f7:0a:e5: b0:96:d5:aa:59:ca:79:2c:fa:de:9e:73:e1:cc:cd: 61:98:15:e2:72:bf:84:46:b3:56:25:7d:bc:e0:5d: 68:81:d3:8f:69:9c:71:2d:7c:f0:02:b3:19:c6:4b: 70:59:94:2c:97:23:b7:ab:68:58:c0:bd:50:c3:3c: 6b:62:87:0b:5c:0f:cb:ba:20:2c:1e:6c:8a:a1:78: 3a:ff:73:54:eb:70:b2:d7:48:b0:4b:c7:b2:a4:93: f9:0b:bc:90:75:0c:81:01:64:1d:02:3f:ab:37:c6: 7e:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:91:B9:A8:CC:55:EC:FA:20:65:2D:94:C8:65:F8:A3:1B:E6:60:24 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 22:28:56:fd:e6:17:0e:e2:5b:4f:b2:ed:4f:06:04:ac:ed:f6: 82:4f:f5:03:0d:3c:27:fe:cc:96:39:99:67:3c:1b:ab:b2:df: d7:5f:44:ce:81:69:e0:31:f3:9d:85:68:16:c5:45:eb:4c:99: 3e:a6:4a:66:ff:84:b9:1f:2e:89:17:26:9b:e3:61:7f:2c:b2: 11:0e:77:76:45:e6:28:0e:d7:c6:ac:ae:5c:43:13:f3:f6:77: 3c:03:c3:65:01:35:1e:a7:46:fe:5c:b9:34:0d:23:91:84:13: 16:b8:31:29:34:bb:5e:07:d5:b1:e5:e4:a2:04:51:3e:61:77: 3d:df:b9:6a:fd:76:60:24:1d:2e:e4:7c:22:41:1b:78:fb:f7: 83:9a:a6:e5:fa:a8:7e:b4:1a:26:b5:0e:f2:67:66:9d:d2:39: 3e:6f:3c:64:72:0f:c0:f9:31:a3:0a:ed:e7:a7:ed:40:2e:76: 57:07:95:58:14:60:d7:1a:a8:e9:05:ea:44:15:62:5b:a9:aa: a4:c3:4b:eb:37:e9:f9:7c:fe:4b:87:a9:97:70:bd:4b:66:42: c3:fd:14:95:60:99:32:dc:cb:e3:5d:de:84:6c:31:bf:38:e2: 5f:d2:0e:82:3b:99:f4:6a:50:2e:4c:75:93:c9:e8:57:42:6e: f2:5f:62:6f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUe/Y1xZNzMFPAhYdUG3PAvCh36CwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDkyOTE1MDAyOVoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNAODhjY2Y3YzBkOTA5ZTdiZTIxMjdj ODZmMWE2MDRiZDNkNmQ2OTEzYTY3Yzk1MjQxZGNjNGNlZGExMTZjNGE4ZjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJn02nXptezLob0jiu0PAxIoY3IE y6x5C6t0k5XsEEdrMgGV8Qgn3qUAGTVqO5dEf9uDXax+MtzBzkbPTu1UiLb2PHD+ kL+JY18rfnLGnLHKOM7OQTyRDCnE0871tc4miOiswxiwnrpUnUtPu6ifsJ0+/mbS AuCc5qiSY0HJKauPGYSZo+6UjlybEcB/9K+lG4j3CuWwltWqWcp5LPrennPhzM1h mBXicr+ERrNWJX284F1ogdOPaZxxLXzwArMZxktwWZQslyO3q2hYwL1QwzxrYocL XA/LuiAsHmyKoXg6/3NU63Cy10iwS8eypJP5C7yQdQyBAWQdAj+rN8Z+xwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLeRuajMVez6IGUtlMhl+KMb5mAkMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAiKFb95hcO4ltPsu1P BgSs7faCT/UDDTwn/syWOZlnPBurst/XX0TOgWngMfOdhWgWxUXrTJk+pkpm/4S5 Hy6JFyab42F/LLIRDnd2ReYoDtfGrK5cQxPz9nc8A8NlATUep0b+XLk0DSORhBMW uDEpNLteB9Wx5eSiBFE+YXc937lq/XZgJB0u5HwiQRt4+/eDmqbl+qh+tBomtQ7y Z2ad0jk+bzxkcg/A+TGjCu3np+1ALnZXB5VYFGDXGqjpBepEFWJbqaqkw0vrN+n5 fP5Lh6mXcL1LZkLD/RSVYJky3MvjXd6EbDG/OOJf0g6CO5n0alAuTHWTyehXQm7y X2Jv -----END CERTIFICATE-----Generated at Mon Oct 20 07:36:26 2025 by rpki-client