$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db5682b0-dca6-45be-b164-56698b11cc97.roa File: db5682b0-dca6-45be-b164-56698b11cc97.roa (raw, json) Hash identifier: bodl7tJGrWcD9ip7toO4fjgZK686/Z7eE5b8iDwx+bs= Subject key identifier: 3C:3D:6D:06:19:B9:A2:DC:1C:E5:20:2B:C2:55:79:8F:FF:58:83:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5357CA7612CB2E27C1C724EAFA9FEB6272BA34B9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db5682b0-dca6-45be-b164-56698b11cc97.roa Signing time: Mon 13 Oct 2025 15:38:09 +0000 ROA not before: Mon 13 Oct 2025 15:38:09 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:57:ca:76:12:cb:2e:27:c1:c7:24:ea:fa:9f:eb:62:72:ba:34:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:38:09 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=b0eaf72459aea88e8d4eb99d6ab809cc301eef8dadc58f98c4762fe7bd74ef37, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ee:c4:11:1d:42:5d:cc:fc:59:93:a0:25:75: 23:7b:19:f3:d6:af:68:9c:25:7c:61:08:c3:93:c6: 12:e6:7f:a4:5b:00:16:5e:5f:55:0f:ff:88:45:d5: 55:c9:d9:e0:fe:c6:e5:9b:a4:ff:b2:69:6c:42:f5: 61:0f:64:53:c9:c5:2a:20:68:91:4d:5c:aa:2e:fa: 2d:cd:ec:65:fe:0c:3f:f5:12:07:7d:29:2e:0c:a2: 19:2b:30:fb:8d:65:c4:9c:80:ea:5d:91:36:c4:68: 3f:5a:65:0e:28:be:3f:2e:b8:d1:02:ba:8a:c4:6a: b7:a2:f7:ff:38:b2:10:ec:75:b9:70:bd:a4:d4:35: 5d:f8:d2:ee:99:15:12:06:0e:5f:9c:08:d3:54:5b: 37:b4:be:82:5c:ba:15:85:7b:04:b8:4b:c8:95:3d: 9c:07:13:63:ec:38:20:87:3b:50:45:41:41:d9:73: 65:6e:e5:aa:87:b3:c8:be:6e:c5:8b:90:a3:b0:5a: ed:b3:c6:ea:ea:58:d9:78:bc:cc:5d:d7:62:37:0f: ba:48:1e:1d:a5:5f:4c:96:75:dc:a5:52:91:09:4d: fe:aa:bd:6f:fd:49:dc:e6:2b:43:a8:75:09:ae:ff: c2:5e:dd:c1:e8:a3:40:69:37:b8:ed:dc:c6:54:30: eb:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:3D:6D:06:19:B9:A2:DC:1C:E5:20:2B:C2:55:79:8F:FF:58:83:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db5682b0-dca6-45be-b164-56698b11cc97.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:10c0::/48 Signature Algorithm: sha256WithRSAEncryption 8b:08:f0:67:84:1d:a4:c2:f2:3e:11:24:f3:93:73:b9:1e:37: a3:76:99:12:95:a4:84:94:b7:39:54:8d:f9:ef:98:49:38:43: 64:65:3e:31:5d:b9:da:25:5f:e2:1a:3b:0e:cd:d0:90:95:2c: 12:77:69:ec:5d:fe:42:ba:0b:9c:5a:8f:1d:1f:a9:32:d0:40: df:06:66:63:be:f1:9f:b1:fd:d5:22:f4:f1:4d:eb:a4:44:87: 25:b9:37:93:d4:a8:f1:45:cb:3c:23:8a:b5:ac:ec:e0:42:55: b1:fe:2a:cd:ab:53:46:c8:a9:e7:3a:b1:80:a5:42:8d:df:36: 8e:e6:81:3e:b4:3f:6d:00:c0:6a:c1:33:3b:84:34:16:63:58: e5:1c:d8:58:27:ff:dc:6a:13:3f:24:a4:97:d5:ab:6f:82:6e: e7:e0:e7:96:e6:d3:bc:35:29:38:6f:e5:ac:9d:b7:88:32:57: ca:e5:80:3e:a3:02:c7:45:d7:88:65:36:9b:e2:5f:5e:df:b9: 0f:95:27:be:f8:18:3e:67:9d:0e:f0:92:ec:af:72:b0:e3:b7: c7:2f:8a:65:52:0f:dc:a4:7a:78:dc:c9:b8:5c:02:51:be:c6: d5:72:53:37:71:c5:2a:cf:dd:a0:97:31:64:e2:86:1a:d8:ff: ac:a7:1f:eb -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUU1fKdhLLLifBxyTq+p/rYnK6NLkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MzgwOVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAYjBlYWY3MjQ1OWFlYTg4ZThkNGVi OTlkNmFiODA5Y2MzMDFlZWY4ZGFkYzU4Zjk4YzQ3NjJmZTdiZDc0ZWYzNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe7EER1CXcz8WZOgJXUjexnz1q9o nCV8YQjDk8YS5n+kWwAWXl9VD/+IRdVVydng/sblm6T/smlsQvVhD2RTycUqIGiR TVyqLvotzexl/gw/9RIHfSkuDKIZKzD7jWXEnIDqXZE2xGg/WmUOKL4/LrjRArqK xGq3ovf/OLIQ7HW5cL2k1DVd+NLumRUSBg5fnAjTVFs3tL6CXLoVhXsEuEvIlT2c BxNj7DgghztQRUFB2XNlbuWqh7PIvm7Fi5CjsFrts8bq6ljZeLzMXddiNw+6SB4d pV9MlnXcpVKRCU3+qr1v/Unc5itDqHUJrv/CXt3B6KNAaTe47dzGVDDrJQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDw9bQYZuaLcHOUgK8JVeY//WIOdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RiNTY4MmIwLWRjYTYtNDViZS1iMTY0LTU2Njk4YjExY2M5Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8hDAMA0GCSqGSIb3DQEBCwUAA4IBAQCLCPBnhB2kwvI+ESTz k3O5HjejdpkSlaSElLc5VI3575hJOENkZT4xXbnaJV/iGjsOzdCQlSwSd2nsXf5C ugucWo8dH6ky0EDfBmZjvvGfsf3VIvTxTeukRIcluTeT1KjxRcs8I4q1rOzgQlWx /irNq1NGyKnnOrGApUKN3zaO5oE+tD9tAMBqwTM7hDQWY1jlHNhYJ//cahM/JKSX 1atvgm7n4OeW5tO8NSk4b+WsnbeIMlfK5YA+owLHRdeIZTab4l9e37kPlSe++Bg+ Z50O8JLsr3Kw47fHL4plUg/cpHp43Mm4XAJRvsbVclM3ccUqz92glzFk4oYa2P+s px/r -----END CERTIFICATE-----Generated at Wed Nov 5 05:44:14 2025 by rpki-client