$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa File: 9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa (raw, json) Hash identifier: ImN9gtoFSECZp4ZYR0NDC9ktJhwCpnWDJqqMTwD0VEE= Subject key identifier: 12:85:10:55:62:08:47:11:8F:AC:60:D9:47:DC:BB:7F:54:68:50:DD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60252271EE66325C964AE32274FDE038664EF426 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa Signing time: Sun 09 Nov 2025 00:10:29 +0000 ROA not before: Sun 09 Nov 2025 00:10:29 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c:8c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:25:22:71:ee:66:32:5c:96:4a:e3:22:74:fd:e0:38:66:4e:f4:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:10:29 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=7cc77daf0a2d5acc2a6e940d589fdbfb0928bb4d6347cb5a4be26cc2b27cfea2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d5:eb:b5:92:5f:43:12:47:cb:bf:da:66:f1: ab:58:e7:ff:57:1c:96:4e:b9:09:40:91:95:8e:9f: 69:86:75:2d:a8:f7:b0:78:12:0c:b2:e8:3d:e4:fc: bd:b8:60:fd:f3:92:76:17:02:2b:cb:f3:71:23:c2: d1:2e:ce:e5:1c:07:7d:94:c7:17:18:83:71:f3:ab: db:91:27:e2:d1:84:43:63:ba:99:4a:b2:98:6f:ef: cc:56:03:b5:df:0e:36:cc:c7:2c:f8:11:39:2c:68: 59:6b:0f:d2:91:6e:58:af:c8:21:66:45:1c:4f:e1: 2a:e3:5b:1a:83:73:69:ec:d0:a9:73:cc:b4:a4:4c: 80:63:f4:5c:34:ae:a6:44:41:98:e8:a9:53:28:21: 82:05:b4:23:ff:92:28:1f:ae:b7:4f:0d:4b:76:7c: 84:ca:ac:f6:00:93:2c:95:87:c5:0a:f8:22:da:fa: 80:84:e0:29:55:b5:0a:7a:99:28:59:df:f9:3d:f8: fe:7f:d1:3d:b7:d0:d0:57:aa:96:7d:7b:20:de:23: 57:59:ec:4c:bb:4b:55:9f:1b:27:92:1f:a7:d7:b9: 2f:40:48:6e:09:dc:95:0a:5f:25:75:3a:73:8c:79: d8:55:38:de:dc:7e:92:47:b1:57:6e:7c:cd:b4:f8: 4c:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:85:10:55:62:08:47:11:8F:AC:60:D9:47:DC:BB:7F:54:68:50:DD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c:8c00::/38 Signature Algorithm: sha256WithRSAEncryption 56:65:87:07:ab:73:77:56:07:b7:ef:7b:fc:98:91:0e:52:31: 80:23:59:4f:5d:86:4e:50:e3:ea:18:64:6e:2e:f2:11:b8:0a: a5:2a:68:19:0b:f4:57:68:6d:10:e1:b8:49:f9:4e:0f:d7:9c: cb:be:48:6d:81:80:bb:4f:6d:d4:d8:e3:c2:77:da:46:fe:f3: 06:32:02:76:92:c5:e0:3e:8e:59:ca:bf:63:9d:99:ec:58:9d: 5b:2c:a5:99:01:68:86:2d:3c:5b:f1:4a:f2:6e:fd:55:6f:2a: b7:e1:52:2e:59:86:e3:7c:c4:5f:f8:ad:74:37:03:b8:21:d9: c0:7c:95:1f:97:1b:6f:a1:37:91:da:9c:d7:87:46:b2:61:39: 11:6d:93:07:fa:29:01:0b:fb:c0:b8:0d:23:2c:06:6e:43:8d: 23:f1:15:c0:10:3a:20:e8:61:6b:72:c9:00:4f:0f:f7:3b:51: 5f:9b:23:52:ff:27:3c:74:5d:29:b2:20:d9:c9:ce:8d:bd:94: 6c:de:71:a7:08:a6:c9:d1:d2:9f:16:d9:91:76:1b:e4:d2:ed: dd:0f:81:43:59:e9:a4:2c:4d:23:70:8f:94:90:39:27:bb:a0: ac:f0:9e:4a:d7:76:3c:b1:e1:e2:ef:96:1f:e8:64:37:61:f6: 62:54:75:8d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYCUice5mMlyWSuMidP3gOGZO9CYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwMTAyOVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAN2NjNzdkYWYwYTJkNWFjYzJhNmU5 NDBkNTg5ZmRiZmIwOTI4YmI0ZDYzNDdjYjVhNGJlMjZjYzJiMjdjZmVhMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9XrtZJfQxJHy7/aZvGrWOf/VxyW TrkJQJGVjp9phnUtqPeweBIMsug95Py9uGD985J2FwIry/NxI8LRLs7lHAd9lMcX GINx86vbkSfi0YRDY7qZSrKYb+/MVgO13w42zMcs+BE5LGhZaw/SkW5Yr8ghZkUc T+Eq41sag3Np7NCpc8y0pEyAY/RcNK6mREGY6KlTKCGCBbQj/5IoH663Tw1LdnyE yqz2AJMslYfFCvgi2vqAhOApVbUKepkoWd/5Pfj+f9E9t9DQV6qWfXsg3iNXWexM u0tVnxsnkh+n17kvQEhuCdyVCl8ldTpzjHnYVTje3H6SR7FXbnzNtPhMcQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBKFEFViCEcRj6xg2Ufcu39UaFDdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlkNjA5N2JiLTQ2ZjctNGEzOS05YWZlLTk4MjcxYzhiMDViOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHIwwDQYJKoZIhvcNAQELBQADggEBAFZlhwerc3dWB7fve/yY kQ5SMYAjWU9dhk5Q4+oYZG4u8hG4CqUqaBkL9FdobRDhuEn5Tg/XnMu+SG2BgLtP bdTY48J32kb+8wYyAnaSxeA+jlnKv2OdmexYnVsspZkBaIYtPFvxSvJu/VVvKrfh Ui5ZhuN8xF/4rXQ3A7gh2cB8lR+XG2+hN5HanNeHRrJhORFtkwf6KQEL+8C4DSMs Bm5DjSPxFcAQOiDoYWtyyQBPD/c7UV+bI1L/Jzx0XSmyINnJzo29lGzecacIpsnR 0p8W2ZF2G+TS7d0PgUNZ6aQsTSNwj5SQOSe7oKzwnkrXdjyx4eLvlh/oZDdh9mJU dY0= -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:02 2025 by rpki-client