$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa File: 2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa (raw, json) Hash identifier: e/WYqgo38ruLjcpgur5eMgkZEaYYOndkM2PTrlZ2EhY= Subject key identifier: 00:64:66:16:56:1C:3F:1D:32:9A:0D:22:9E:D3:F0:0D:95:FB:B7:2E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 52B10A255B73CAF3BAC3CE262F9A578DDA5F5231 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa Signing time: Sun 02 Nov 2025 00:00:31 +0000 ROA not before: Sun 02 Nov 2025 00:00:31 +0000 ROA not after: Sun 07 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:b1:0a:25:5b:73:ca:f3:ba:c3:ce:26:2f:9a:57:8d:da:5f:52:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 2 00:00:31 2025 GMT Not After : Dec 7 23:59:59 2025 GMT Subject: serialNumber=142356a290a03510e2a526b4ee9f90d165b4011ccfcb181bf56116ef51440912, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:36:45:a6:cd:66:e7:2c:9c:43:44:8f:e2:33: c5:27:d2:91:b6:cc:92:ac:08:77:84:df:8f:e7:2c: 35:1a:db:20:d1:96:18:c9:44:47:32:a7:cb:d5:99: a2:15:d9:ba:66:86:51:09:20:14:cf:05:f8:f8:ab: ce:80:06:c2:b8:1c:03:b4:c9:48:72:03:5a:2d:42: 03:89:fa:7c:a7:dd:8c:fc:b7:84:85:01:f4:2e:b2: cb:aa:ab:5d:cb:d4:6f:b5:5b:f4:c8:06:69:3f:ce: 38:3b:2d:45:61:cc:e4:4d:df:0b:3d:4f:97:ac:f3: cb:d3:82:f4:d8:bd:a0:96:ea:47:3a:8c:02:0e:0f: 63:a2:bc:5f:45:d5:cd:8e:9d:4f:9b:88:13:31:e4: f0:2e:14:ed:0b:5d:d1:e0:2f:a9:26:b4:ef:2a:58: 89:c5:d5:c6:b6:b1:1f:47:9f:fa:3a:ce:be:77:4c: 66:0f:73:1c:15:86:7b:3c:20:41:42:a2:54:1e:e8: 9d:1b:1e:5b:76:76:3c:ef:b2:ec:27:82:e5:bf:3e: 4e:ea:80:2a:0d:b9:e6:71:25:d7:33:9a:48:4b:b9: a5:23:6e:17:93:ec:fd:a2:25:01:94:ea:f7:ec:bf: 7f:8a:21:0d:29:7c:11:d9:c7:81:1f:e8:02:f7:7f: 74:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:64:66:16:56:1C:3F:1D:32:9A:0D:22:9E:D3:F0:0D:95:FB:B7:2E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:2000::/40 Signature Algorithm: sha256WithRSAEncryption b3:01:48:d2:3d:b4:0f:3d:9a:4d:4c:81:4e:e6:9a:53:1f:db: 25:52:18:c2:c2:04:42:70:42:36:1b:2f:cc:07:9f:e2:77:e6: c2:ca:44:30:cf:29:88:9b:97:8a:9e:3c:15:ec:23:59:96:69: b7:9a:d3:9f:92:14:d2:44:3c:e7:fc:da:f3:33:60:36:a7:61: 97:5c:bf:90:73:b2:0b:cd:4f:d8:30:a9:14:f6:04:95:31:66: 94:9b:45:57:e1:2c:b4:df:e0:0c:03:02:2b:5d:7d:80:c2:90: 32:d7:2b:88:c0:87:82:9b:88:ad:67:2c:36:e9:94:24:fb:73: 30:7b:39:12:f4:2a:16:26:ba:94:0c:3a:27:59:a4:a2:00:13: 76:b9:dd:c0:0a:af:5c:87:e5:62:a1:7b:01:f5:24:61:b6:06: 4c:7c:db:2b:a9:04:bd:8b:45:85:53:21:a6:6c:e7:65:7e:d5: f2:2d:8b:dc:70:71:bb:c7:fc:71:79:6e:53:75:44:65:7d:0d: 01:4c:77:6c:89:31:83:a2:48:db:8f:2a:02:59:fb:5e:a0:dd: 99:af:45:fb:4d:5c:6f:30:d9:e5:06:93:bb:9d:e2:d5:8f:c3: 91:c4:ee:9c:6f:9e:b9:d1:0c:bd:13:41:89:e2:e6:89:51:51: 72:ab:38:62 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUrEKJVtzyvO6w84mL5pXjdpfUjEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMjAwMDAzMVoX DTI1MTIwNzIzNTk1OVowejFJMEcGA1UEBRNAMTQyMzU2YTI5MGEwMzUxMGUyYTUy NmI0ZWU5ZjkwZDE2NWI0MDExY2NmY2IxODFiZjU2MTE2ZWY1MTQ0MDkxMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzZFps1m5yycQ0SP4jPFJ9KRtsyS rAh3hN+P5yw1Gtsg0ZYYyURHMqfL1ZmiFdm6ZoZRCSAUzwX4+KvOgAbCuBwDtMlI cgNaLUIDifp8p92M/LeEhQH0LrLLqqtdy9RvtVv0yAZpP844Oy1FYczkTd8LPU+X rPPL04L02L2glupHOowCDg9jorxfRdXNjp1Pm4gTMeTwLhTtC13R4C+pJrTvKliJ xdXGtrEfR5/6Os6+d0xmD3McFYZ7PCBBQqJUHuidGx5bdnY877LsJ4Llvz5O6oAq DbnmcSXXM5pIS7mlI24Xk+z9oiUBlOr37L9/iiENKXwR2ceBH+gC9390HwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFABkZhZWHD8dMpoNIp7T8A2V+7cuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkYmY4ZDYwLWY3ZTYtNDA0OS04ZTQ1LTljMDUxN2U1MDQ1ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYCAwDQYJKoZIhvcNAQELBQADggEBALMBSNI9tA89mk1MgU7m mlMf2yVSGMLCBEJwQjYbL8wHn+J35sLKRDDPKYibl4qePBXsI1mWabea05+SFNJE POf82vMzYDanYZdcv5BzsgvNT9gwqRT2BJUxZpSbRVfhLLTf4AwDAitdfYDCkDLX K4jAh4KbiK1nLDbplCT7czB7ORL0KhYmupQMOidZpKIAE3a53cAKr1yH5WKhewH1 JGG2Bkx82yupBL2LRYVTIaZs52V+1fIti9xwcbvH/HF5blN1RGV9DQFMd2yJMYOi SNuPKgJZ+16g3ZmvRftNXG8w2eUGk7ud4tWPw5HE7pxvnrnRDL0TQYni5olRUXKr OGI= -----END CERTIFICATE-----Generated at Wed Nov 5 05:42:35 2025 by rpki-client