$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27ffe405-af5c-4562-aa96-cff0cf796a1c.roa File: 27ffe405-af5c-4562-aa96-cff0cf796a1c.roa (raw, json) Hash identifier: FPZJnap7Qb/i6oxyoR5IWwRT5boQMgQSkdrnje3Mg2o= Subject key identifier: DC:8B:74:3C:6D:4A:43:C2:CF:F8:3B:D0:C7:D6:5E:C6:69:99:CA:5E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5070F2E2C21E70F5DA64B411A627B60C56F1CF56 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27ffe405-af5c-4562-aa96-cff0cf796a1c.roa Signing time: Fri 07 Nov 2025 00:40:49 +0000 ROA not before: Fri 07 Nov 2025 00:40:49 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:6020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:70:f2:e2:c2:1e:70:f5:da:64:b4:11:a6:27:b6:0c:56:f1:cf:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:40:49 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=f0446bb5f0c82fd80e75d3ebb959e65c5212762f265bca101d91d2b97a4c30ef, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:98:9a:b6:1c:07:64:12:57:0c:63:df:72:6f: 40:b4:51:06:df:c8:af:c7:00:6b:43:7d:43:f0:92: a2:d8:bf:e4:3d:67:bf:a2:73:0a:e4:c8:da:54:18: dc:b6:93:43:49:99:88:ac:8f:71:b2:fb:c7:e0:16: 53:de:6b:57:6d:a1:e2:35:77:4e:1b:c9:71:3d:c3: c2:35:33:35:1f:a8:c3:f8:d5:df:52:c9:d1:8f:c8: 4f:41:ae:10:3f:02:c5:05:22:c6:65:5f:df:06:c5: e8:02:f6:cb:76:a7:cf:e4:49:4b:0a:1f:9b:a8:bf: c4:f6:e7:19:d5:a9:e2:fe:8a:23:e9:a8:36:98:a3: a9:3c:2a:4a:67:01:28:93:e0:41:57:06:ae:39:d4: e1:ec:c6:50:0e:13:7d:49:c3:2b:20:de:6e:e9:5d: 57:c5:d6:43:36:d1:10:05:11:8d:9e:c7:30:0b:ec: 91:05:b7:67:00:1c:92:01:c9:28:4b:86:2a:c3:89: b1:54:1e:8e:50:ac:2e:8a:a0:ed:bd:13:09:27:14: ba:e6:cb:2f:16:4a:28:59:38:b5:4b:a9:9c:b6:2c: 63:44:26:9e:e4:5a:a1:f7:30:4d:86:98:6f:6b:84: f2:f2:c4:bc:fa:08:2a:96:be:1c:0e:31:55:e3:25: 5c:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:8B:74:3C:6D:4A:43:C2:CF:F8:3B:D0:C7:D6:5E:C6:69:99:CA:5E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27ffe405-af5c-4562-aa96-cff0cf796a1c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:6020::/48 Signature Algorithm: sha256WithRSAEncryption a4:49:f2:a4:61:97:34:f1:d9:f8:08:d6:c7:bc:a5:1b:05:04: 1f:0f:87:2f:fe:23:06:ae:36:30:fe:28:d2:d5:9e:83:79:fe: d5:19:ee:06:5e:8f:4f:e6:64:a7:9d:70:99:07:72:09:31:d5: 96:a9:cc:f3:44:20:ad:50:ae:47:a1:99:cc:de:b3:64:da:65: 8c:3f:6e:45:ef:29:99:ed:11:c7:46:46:e6:a5:5f:ef:06:d1: 2f:f9:99:8d:c5:ab:5a:8c:62:d9:90:b3:1b:4a:7f:8e:cd:b5: 02:b0:68:5f:c0:57:d3:63:5f:04:df:b3:29:c3:a7:66:02:43: 5c:a9:ce:6b:6b:67:ab:74:34:64:75:e6:32:49:25:26:7e:b6: 9d:da:dd:5d:4b:9d:da:52:28:90:ef:71:1d:3a:9d:12:fa:a1: 0a:1d:40:76:97:62:c9:74:59:f8:bf:b9:3b:5b:2b:15:31:fe: 05:1a:21:4e:70:f3:e6:16:fe:f3:f3:00:59:3e:3e:1c:d3:69: 0c:fb:7f:ac:26:aa:ee:b1:04:38:d9:c2:e7:5c:dc:fd:be:5e: 75:fe:de:a6:87:98:be:c2:e9:b5:66:93:3f:c9:3b:1c:4f:c3: 9f:a3:91:f3:9e:d7:55:70:87:e5:52:9e:ed:88:65:d1:47:bc: ab:5f:9b:45 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUUHDy4sIecPXaZLQRpie2DFbxz1YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwNDA0OVoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAZjA0NDZiYjVmMGM4MmZkODBlNzVk M2ViYjk1OWU2NWM1MjEyNzYyZjI2NWJjYTEwMWQ5MWQyYjk3YTRjMzBlZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5iathwHZBJXDGPfcm9AtFEG38iv xwBrQ31D8JKi2L/kPWe/onMK5MjaVBjctpNDSZmIrI9xsvvH4BZT3mtXbaHiNXdO G8lxPcPCNTM1H6jD+NXfUsnRj8hPQa4QPwLFBSLGZV/fBsXoAvbLdqfP5ElLCh+b qL/E9ucZ1ani/ooj6ag2mKOpPCpKZwEok+BBVwauOdTh7MZQDhN9ScMrIN5u6V1X xdZDNtEQBRGNnscwC+yRBbdnABySAckoS4Yqw4mxVB6OUKwuiqDtvRMJJxS65ssv FkooWTi1S6mctixjRCae5Fqh9zBNhphva4Ty8sS8+ggqlr4cDjFV4yVc9QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNyLdDxtSkPCz/g70MfWXsZpmcpeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI3ZmZlNDA1LWFmNWMtNDU2Mi1hYTk2LWNmZjBjZjc5NmExYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/2AgMA0GCSqGSIb3DQEBCwUAA4IBAQCkSfKkYZc08dn4CNbH vKUbBQQfD4cv/iMGrjYw/ijS1Z6Def7VGe4GXo9P5mSnnXCZB3IJMdWWqczzRCCt UK5HoZnM3rNk2mWMP25F7ymZ7RHHRkbmpV/vBtEv+ZmNxatajGLZkLMbSn+OzbUC sGhfwFfTY18E37Mpw6dmAkNcqc5ra2erdDRkdeYySSUmfrad2t1dS53aUiiQ73Ed Op0S+qEKHUB2l2LJdFn4v7k7WysVMf4FGiFOcPPmFv7z8wBZPj4c02kM+3+sJqru sQQ42cLnXNz9vl51/t6mh5i+wum1ZpM/yTscT8Ofo5HzntdVcIflUp7tiGXRR7yr X5tF -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:52 2025 by rpki-client