$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c128a18-fe39-4c85-9076-3ff17462d555.roa File: 7c128a18-fe39-4c85-9076-3ff17462d555.roa (raw, json) Hash identifier: Febji2tw9GofKYV6NAouj92QD0JsEz1QR/iUECmNFCs= Subject key identifier: 25:DE:01:0E:3D:62:D5:EA:8E:AE:BD:29:C3:E2:F5:32:DE:D9:88:73 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 67B281803B89015366BAC672380F3B66AB41BE78 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c128a18-fe39-4c85-9076-3ff17462d555.roa Signing time: Fri 07 Nov 2025 00:01:05 +0000 ROA not before: Fri 07 Nov 2025 00:01:05 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:b2:81:80:3b:89:01:53:66:ba:c6:72:38:0f:3b:66:ab:41:be:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:01:05 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=613f25a2a590757849d361e8a54b75b06a11b7e282e0c960ba0eef7c354b6079, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a4:79:fc:61:96:b1:61:12:e1:1e:f2:05:df: 80:37:f7:15:ed:34:f5:d7:6b:c6:ca:ea:37:6e:29: 49:21:c0:6a:9f:b9:81:81:f5:17:45:00:85:b3:2e: f3:89:33:ce:8a:4e:e2:93:3b:f2:5d:f1:8c:4c:81: b8:78:99:ae:7a:17:c0:1e:44:0c:62:36:ca:d5:a3: 61:9a:95:10:a3:e9:f8:31:19:5e:f7:da:cb:1f:e6: 91:fa:bc:ee:4d:f5:2e:11:53:a4:b9:83:06:f0:19: 98:49:06:7f:e5:2e:9f:c3:ec:bd:ec:3e:5c:e8:40: 71:88:4e:c2:ef:73:e2:d7:be:27:56:d2:96:fe:e0: 8b:2a:35:08:7c:3b:fe:d1:7c:4c:da:06:ab:1d:de: 0e:b7:a3:4c:97:19:79:66:9c:cf:c6:79:d4:9b:02: e6:2e:33:84:78:73:f7:3f:f2:2d:c1:79:e1:fe:58: f3:c0:d5:b4:5a:a1:be:a6:fd:05:80:41:24:6d:70: 79:91:ec:25:32:29:a1:ad:74:3d:f9:63:9a:e9:a1: 9d:3e:36:f6:a3:fd:17:61:bf:ed:73:ae:74:01:e9: 90:39:76:1a:9e:5c:85:09:c5:5c:a6:e9:a0:91:3d: 78:ed:33:45:86:9f:1e:35:b5:35:12:25:f6:c0:b6: 3b:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:DE:01:0E:3D:62:D5:EA:8E:AE:BD:29:C3:E2:F5:32:DE:D9:88:73 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c128a18-fe39-4c85-9076-3ff17462d555.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:b000::/40 Signature Algorithm: sha256WithRSAEncryption 4a:31:48:ae:f0:34:1f:de:38:2f:89:5b:19:39:25:97:c9:f2: 33:85:dc:6c:eb:fb:92:b8:a1:97:c8:b5:68:c9:f1:d4:4b:02: 4a:56:a7:af:fb:65:c7:72:92:b9:25:36:24:5d:e2:bd:34:52: 1a:21:78:b5:0f:93:4b:c4:9b:83:40:93:83:2b:45:1d:60:49: ae:eb:0b:55:31:97:2d:03:67:1c:bf:b9:d6:46:c4:e8:2e:43: 2e:86:2a:e0:61:8a:3a:4f:fd:f8:4e:95:81:05:e8:6e:c9:8f: 94:b4:1a:3f:24:b4:64:05:de:18:12:2f:cb:c7:9b:63:b2:7a: 92:c9:1b:8a:46:2d:79:86:fd:d3:c3:3f:fe:0b:b9:de:4a:bd: 4b:6d:dd:90:70:b0:e2:e4:b1:79:29:fe:f5:1c:ee:2c:8c:9b: ce:77:cd:37:41:44:2e:3f:2d:da:18:39:f9:81:7a:3c:4c:63: 88:3f:f8:36:d5:ec:df:a4:d4:f2:e1:7a:a3:49:1e:db:56:4f: e2:a0:05:1f:63:67:5a:53:51:26:f3:5f:f2:98:bd:75:fa:2b: ed:7d:34:e9:b9:a8:99:ea:4d:53:bf:b4:ef:8b:88:39:eb:3f: 4a:6e:11:90:25:bd:44:de:d9:1f:06:b5:e6:4f:cf:0b:a6:f9: 0b:49:85:2d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZ7KBgDuJAVNmusZyOA87ZqtBvngwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMDEwNVoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNANjEzZjI1YTJhNTkwNzU3ODQ5ZDM2 MWU4YTU0Yjc1YjA2YTExYjdlMjgyZTBjOTYwYmEwZWVmN2MzNTRiNjA3OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqR5/GGWsWES4R7yBd+AN/cV7TT1 12vGyuo3bilJIcBqn7mBgfUXRQCFsy7ziTPOik7ikzvyXfGMTIG4eJmuehfAHkQM YjbK1aNhmpUQo+n4MRle99rLH+aR+rzuTfUuEVOkuYMG8BmYSQZ/5S6fw+y97D5c 6EBxiE7C73Pi174nVtKW/uCLKjUIfDv+0XxM2garHd4Ot6NMlxl5ZpzPxnnUmwLm LjOEeHP3P/ItwXnh/ljzwNW0WqG+pv0FgEEkbXB5kewlMimhrXQ9+WOa6aGdPjb2 o/0XYb/tc650AemQOXYanlyFCcVcpumgkT147TNFhp8eNbU1EiX2wLY7FwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCXeAQ49YtXqjq69KcPi9TLe2YhzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdjMTI4YTE4LWZlMzktNGM4NS05MDc2LTNmZjE3NDYyZDU1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9rAwDQYJKoZIhvcNAQELBQADggEBAEoxSK7wNB/eOC+JWxk5 JZfJ8jOF3Gzr+5K4oZfItWjJ8dRLAkpWp6/7ZcdykrklNiRd4r00UhoheLUPk0vE m4NAk4MrRR1gSa7rC1Uxly0DZxy/udZGxOguQy6GKuBhijpP/fhOlYEF6G7Jj5S0 Gj8ktGQF3hgSL8vHm2OyepLJG4pGLXmG/dPDP/4Lud5KvUtt3ZBwsOLksXkp/vUc 7iyMm853zTdBRC4/LdoYOfmBejxMY4g/+DbV7N+k1PLheqNJHttWT+KgBR9jZ1pT USbzX/KYvXX6K+19NOm5qJnqTVO/tO+LiDnrP0puEZAlvUTe2R8GteZPzwum+QtJ hS0= -----END CERTIFICATE-----Generated at Tue Nov 18 09:36:52 2025 by rpki-client