$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa File: fb17f286-f77e-445f-a084-0fef8b29ef6e.roa (raw, json) Hash identifier: BfK1mQkO0M7eQJ6a15YXogdGCHyxJmav+ER3AKdflDM= Subject key identifier: C2:63:27:54:95:18:73:BF:34:33:23:E9:EC:DA:D9:F8:12:F6:FB:F3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 495436C4FA92CAAF07FB64E8207960D1D79E2FD1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa Signing time: Fri 17 Oct 2025 00:01:48 +0000 ROA not before: Fri 17 Oct 2025 00:01:48 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:54:36:c4:fa:92:ca:af:07:fb:64:e8:20:79:60:d1:d7:9e:2f:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 17 00:01:48 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=38d4230a2b58077f12432881c7c4375eaaf576409426d5fb1cbbe06da27f6b7b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:d5:4c:66:80:43:c2:2c:6e:5c:e0:4d:40:9c: 2e:82:ba:3f:57:01:7b:db:91:85:c2:85:ce:77:5d: 1b:eb:08:ab:77:d1:cd:f4:fe:f8:11:c2:29:0d:4c: 7c:95:3e:00:78:96:c8:7d:ea:6d:05:cb:08:51:b9: 9d:61:2a:98:8a:35:e6:ea:0e:10:b3:f6:26:05:a1: 4b:8e:68:ab:6d:26:88:92:04:bd:1b:15:6e:e6:29: 17:62:c1:42:72:b2:82:b1:6a:85:6d:b0:e6:c1:cd: 42:ab:55:6a:e2:0a:ba:9a:37:9e:62:f1:7a:7b:f9: 9e:21:95:27:93:72:2d:bd:58:e4:5f:dd:8e:6b:cb: 99:34:7b:8f:45:fb:07:4a:fb:c5:d9:e5:1b:1b:b5: 2f:c4:63:59:ee:f5:71:85:0f:7f:9e:e4:92:2d:60: e8:75:8d:b8:6b:a0:bb:97:90:34:7e:b4:45:8d:4c: 21:4c:48:e0:2b:be:8e:c8:30:24:a1:dc:5b:82:34: 1f:06:17:b1:9a:c4:fe:22:2e:a0:89:7f:ea:89:03: 5e:76:10:98:64:78:54:cf:05:77:76:3a:67:73:15: 67:40:0b:91:ce:43:dc:f7:fb:58:d6:7b:69:0e:50: cf:76:a7:1e:dc:56:1c:c4:03:7e:ef:db:d4:2a:0e: 17:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:63:27:54:95:18:73:BF:34:33:23:E9:EC:DA:D9:F8:12:F6:FB:F3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:800::/40 Signature Algorithm: sha256WithRSAEncryption 5b:55:f4:d7:b0:d1:69:c2:dd:cb:4f:69:06:94:9d:56:67:83: 7d:97:91:01:e9:55:ff:77:44:21:77:7d:77:c7:c0:e3:83:b2: 42:6b:a1:ba:fb:91:0e:8f:ce:69:b7:ae:78:17:3b:0a:5f:ce: f5:78:89:32:78:61:15:37:6b:e8:ed:ef:f8:46:86:eb:41:4c: 3e:c6:dc:8a:bc:b4:d9:61:f4:3a:be:0b:40:b6:d0:b7:19:56: bf:12:75:f3:e1:27:c8:d4:cf:a2:24:8c:17:e5:ab:91:5c:a6: 76:dc:f4:72:a7:07:fa:0e:fc:14:c0:0f:b1:9a:24:a8:18:15: 7b:67:9b:a8:2b:1b:d2:87:29:02:aa:f7:ae:0b:bf:74:31:e0: 3a:4e:02:33:f5:bc:87:a1:f0:6c:ce:af:19:ee:42:4a:1d:79: 56:d4:3a:0a:70:43:c6:aa:78:4f:e4:0d:f2:59:30:b3:91:89: 85:3a:26:a8:f9:3c:50:46:29:46:38:25:77:a3:9b:24:93:9c: 60:f4:23:42:8d:1f:d6:39:03:24:c1:c8:33:de:85:39:ac:85: 1d:e7:58:73:97:0d:7c:82:f5:a8:b0:3a:7e:f4:33:b8:be:97: 2d:e1:52:5a:95:9e:2b:03:4c:9f:da:0f:d6:0c:a4:04:6e:ae: 67:cc:a4:e2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSVQ2xPqSyq8H+2ToIHlg0deeL9EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNzAwMDE0OFoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAMzhkNDIzMGEyYjU4MDc3ZjEyNDMy ODgxYzdjNDM3NWVhYWY1NzY0MDk0MjZkNWZiMWNiYmUwNmRhMjdmNmI3YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNVMZoBDwixuXOBNQJwugro/VwF7 25GFwoXOd10b6wird9HN9P74EcIpDUx8lT4AeJbIfeptBcsIUbmdYSqYijXm6g4Q s/YmBaFLjmirbSaIkgS9GxVu5ikXYsFCcrKCsWqFbbDmwc1Cq1Vq4gq6mjeeYvF6 e/meIZUnk3ItvVjkX92Oa8uZNHuPRfsHSvvF2eUbG7UvxGNZ7vVxhQ9/nuSSLWDo dY24a6C7l5A0frRFjUwhTEjgK76OyDAkodxbgjQfBhexmsT+Ii6giX/qiQNedhCY ZHhUzwV3djpncxVnQAuRzkPc9/tY1ntpDlDPdqce3FYcxAN+79vUKg4XGQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMJjJ1SVGHO/NDMj6eza2fgS9vvzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiMTdmMjg2LWY3N2UtNDQ1Zi1hMDg0LTBmZWY4YjI5ZWY2ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauAgwDQYJKoZIhvcNAQELBQADggEBAFtV9New0WnC3ctPaQaU nVZng32XkQHpVf93RCF3fXfHwOODskJrobr7kQ6Pzmm3rngXOwpfzvV4iTJ4YRU3 a+jt7/hGhutBTD7G3Iq8tNlh9Dq+C0C20LcZVr8SdfPhJ8jUz6IkjBflq5Fcpnbc 9HKnB/oO/BTAD7GaJKgYFXtnm6grG9KHKQKq964Lv3Qx4DpOAjP1vIeh8GzOrxnu QkodeVbUOgpwQ8aqeE/kDfJZMLORiYU6Jqj5PFBGKUY4JXejmySTnGD0I0KNH9Y5 AyTByDPehTmshR3nWHOXDXyC9aiwOn70M7i+ly3hUlqVnisDTJ/aD9YMpARurmfM pOI= -----END CERTIFICATE-----Generated at Wed Nov 5 07:43:44 2025 by rpki-client