$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72a92468-955c-4942-86f7-be976f5fe4ad.roa File: 72a92468-955c-4942-86f7-be976f5fe4ad.roa (raw, json) Hash identifier: rLdw2AmhWOOG5d7kVU8yhEssCW3EeroOXGUecBH58n0= Subject key identifier: E6:6A:44:9D:94:20:50:58:0E:5E:02:D4:13:1E:64:C6:D0:51:B1:9A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 24EA7117FF39902962FE9B6001BA6D537E229606 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72a92468-955c-4942-86f7-be976f5fe4ad.roa Signing time: Wed 29 Oct 2025 00:10:26 +0000 ROA not before: Wed 29 Oct 2025 00:10:26 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:20c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:ea:71:17:ff:39:90:29:62:fe:9b:60:01:ba:6d:53:7e:22:96:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:10:26 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=231644522e9aa97e41428c2423171ff2f8738d29a876f4625dfd0af60e667280, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:8a:84:26:72:d3:51:94:ff:63:d8:87:f2:d8: 43:db:7a:a6:8c:f8:f8:44:d3:4c:b9:9b:40:9d:d4: 3b:d9:2f:0b:ec:c3:4c:20:0d:51:ef:f2:6d:92:0b: 1f:bf:0f:39:11:99:b9:5f:cb:75:c5:0f:49:e7:23: a8:cb:62:30:9f:d0:6c:f4:b3:53:2c:3c:b8:6e:e8: 29:16:9b:76:8d:20:3e:b6:d7:2f:a5:cd:7f:91:d8: 69:5e:9e:b7:7f:08:a9:5e:ce:7c:02:7b:14:d7:c6: 61:ac:85:c4:5d:97:e1:3f:dc:19:6c:9d:38:23:06: d8:cf:55:7d:bd:0b:df:a5:bc:44:d8:c2:8c:b8:4b: bd:7d:b2:08:cc:e4:85:b0:59:24:f7:e8:bf:93:63: 5c:ff:3b:2a:96:ef:43:9b:00:c2:ab:32:e7:99:58: e9:8a:22:04:49:26:d5:c5:ee:c3:24:36:7a:be:18: 78:0f:66:3f:65:7f:f9:37:81:49:4d:be:74:d8:14: ea:9c:97:d0:92:9e:3a:47:ed:7e:a7:b7:ed:68:40: 5e:e3:64:53:13:b5:ef:6d:eb:a6:4b:07:75:b4:10: 15:68:17:e7:7f:3d:c2:73:88:8a:8a:62:2c:ba:e5: 03:5c:f7:6c:d4:69:1d:67:38:9f:6d:7e:cb:9d:b8: 02:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:6A:44:9D:94:20:50:58:0E:5E:02:D4:13:1E:64:C6:D0:51:B1:9A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72a92468-955c-4942-86f7-be976f5fe4ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:20c0::/46 Signature Algorithm: sha256WithRSAEncryption c6:1f:cd:a9:cb:4b:8e:49:db:11:e4:da:14:2d:c4:69:a8:55: 16:07:bd:65:e9:f4:f8:ad:e8:b7:28:5e:a7:a5:70:b9:49:fd: 2b:bf:40:db:8b:16:7f:1e:e8:a8:b8:c7:a9:0e:41:38:33:9e: bf:4f:ce:90:94:0f:9c:7e:80:9e:37:5a:88:2a:1f:2c:e0:96: 4a:40:36:ef:3d:05:c0:45:fc:e1:e7:67:a3:24:83:58:c3:4f: c3:22:cc:5b:de:02:f6:09:8b:2a:2b:81:b4:9d:9a:93:67:29: ec:a3:44:96:6f:17:af:b2:a1:75:51:f4:37:49:c3:95:65:0a: 03:b7:e1:fd:de:a7:29:ee:9a:74:0b:d2:ea:34:59:03:32:ae: b5:18:3c:9f:b8:2e:e9:93:2f:9b:4f:d7:84:59:23:96:84:25: e1:80:28:de:09:b0:ef:6b:63:2e:28:59:94:af:f9:3e:6c:17: b3:de:94:43:46:e6:e6:58:08:9f:2d:df:cf:cf:eb:85:30:e0: 42:10:05:bf:87:3c:28:ee:24:ea:e1:0f:1a:48:26:96:98:3e: 9a:97:c9:f3:b9:c4:96:20:8a:44:33:8b:86:53:3c:b9:ca:69: 5a:f2:56:30:75:a3:44:db:bf:33:54:f2:0f:0c:4c:d8:a8:cb: 70:cb:e4:b9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJOpxF/85kCli/ptgAbptU34ilgYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTAwMTAyNloX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAMjMxNjQ0NTIyZTlhYTk3ZTQxNDI4 YzI0MjMxNzFmZjJmODczOGQyOWE4NzZmNDYyNWRmZDBhZjYwZTY2NzI4MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IqEJnLTUZT/Y9iH8thD23qmjPj4 RNNMuZtAndQ72S8L7MNMIA1R7/Jtkgsfvw85EZm5X8t1xQ9J5yOoy2Iwn9Bs9LNT LDy4bugpFpt2jSA+ttcvpc1/kdhpXp63fwipXs58AnsU18ZhrIXEXZfhP9wZbJ04 IwbYz1V9vQvfpbxE2MKMuEu9fbIIzOSFsFkk9+i/k2Nc/zsqlu9DmwDCqzLnmVjp iiIESSbVxe7DJDZ6vhh4D2Y/ZX/5N4FJTb502BTqnJfQkp46R+1+p7ftaEBe42RT E7XvbeumSwd1tBAVaBfnfz3Cc4iKimIsuuUDXPds1GkdZzifbX7LnbgC1wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOZqRJ2UIFBYDl4C1BMeZMbQUbGaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcyYTkyNDY4LTk1NWMtNDk0Mi04NmY3LWJlOTc2ZjVmZTRhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba8yDAMA0GCSqGSIb3DQEBCwUAA4IBAQDGH82py0uOSdsR5NoU LcRpqFUWB71l6fT4rei3KF6npXC5Sf0rv0DbixZ/HuiouMepDkE4M56/T86QlA+c foCeN1qIKh8s4JZKQDbvPQXARfzh52ejJINYw0/DIsxb3gL2CYsqK4G0nZqTZyns o0SWbxevsqF1UfQ3ScOVZQoDt+H93qcp7pp0C9LqNFkDMq61GDyfuC7pky+bT9eE WSOWhCXhgCjeCbDva2MuKFmUr/k+bBez3pRDRubmWAifLd/Pz+uFMOBCEAW/hzwo 7iTq4Q8aSCaWmD6al8nzucSWIIpEM4uGUzy5ymla8lYwdaNE278zVPIPDEzYqMtw y+S5 -----END CERTIFICATE-----Generated at Wed Nov 5 11:31:49 2025 by rpki-client