$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa File: 4a75b2a7-15e5-4501-aaaf-4737a678d996.roa (raw, json) Hash identifier: OUWFtTuaM4TVhQ0nOoICFFEDiMBdhm5nbDEPAvt952E= Subject key identifier: 15:0F:10:A9:AB:B5:1D:35:1A:3A:73:52:E5:54:F1:C0:4E:A5:1E:92 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1564ABA062CBD218A64FE45062B515DAF18E8E09 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa Signing time: Fri 17 Oct 2025 00:01:57 +0000 ROA not before: Fri 17 Oct 2025 00:01:57 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:64:ab:a0:62:cb:d2:18:a6:4f:e4:50:62:b5:15:da:f1:8e:8e:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 17 00:01:57 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=33363f6b39566f6b718474c45c180d108dec80f6bd4bd47ddfdf33eeae5a6216, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:a7:4d:3c:0e:e0:29:83:c7:57:b0:7c:df:65: 79:88:4b:9e:19:3f:ed:47:c1:4f:44:de:b5:d9:df: 7a:59:62:d1:25:6a:37:8e:d9:33:f3:a1:54:36:61: 1f:26:e5:bf:0f:f2:48:a6:ed:0c:41:b4:c1:17:36: 9a:2c:a9:58:2d:6c:8d:72:9d:a2:8e:b9:0f:8c:eb: 4f:8f:b6:dd:46:65:0d:d9:ae:cc:c2:e4:6d:e3:95: 65:67:51:14:21:80:5e:b5:b8:5a:18:4a:46:0b:bd: 96:c1:e2:d3:97:da:4a:d1:cc:03:1c:5b:21:7d:dd: b1:66:7e:89:b9:45:df:a4:f6:b7:e0:00:df:db:c3: 12:50:8e:b7:e6:93:38:6d:17:76:ba:4a:a3:f7:0d: e5:de:dc:4c:7d:94:c4:e0:69:7e:9e:6f:e8:51:74: cb:91:08:a9:60:47:79:1e:a7:99:8c:80:fb:3f:fe: 0e:c7:d4:af:ce:f0:47:3f:fa:f8:5b:aa:18:81:96: 95:71:2e:72:6c:22:0d:e5:8a:37:6c:3c:68:16:0b: 64:e9:95:f9:1b:c9:2c:10:26:3f:cd:df:49:4c:a6: f6:74:f3:89:bb:00:6e:da:1a:e9:92:2d:ab:bd:21: 84:ec:b0:34:c4:a5:7f:27:a4:f9:56:21:84:e1:25: f1:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:0F:10:A9:AB:B5:1D:35:1A:3A:73:52:E5:54:F1:C0:4E:A5:1E:92 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:7000::/40 Signature Algorithm: sha256WithRSAEncryption b1:d6:fd:43:5d:58:73:2d:7d:a2:c5:dd:34:26:d0:64:1d:14: f4:b2:f3:a4:5c:41:95:b1:b9:55:05:bb:c4:57:cc:09:60:10: 3e:15:2c:e9:7b:6c:6b:25:5f:2f:c2:96:70:47:e5:7d:1f:f8: a8:05:13:b1:b7:63:6a:6a:11:c8:e8:54:53:89:43:40:3b:d7: 11:5d:21:67:8a:e2:2a:d7:28:32:fa:22:98:51:c5:70:ca:df: b8:79:12:0a:5d:91:b0:84:28:c6:bf:bd:3d:a6:a7:2a:20:9c: a9:c5:2d:b7:3a:75:d2:e5:a4:b4:49:fc:2d:d2:29:75:d5:6d: 54:d3:8f:3d:09:e9:0d:cc:8a:b2:c5:fe:61:e5:e4:5d:f0:59: f6:17:57:e0:13:09:8b:a7:79:e4:ff:46:57:2a:e2:f2:83:e0: 9d:93:1d:94:64:c8:fc:4b:7d:7c:52:b9:cf:ec:e9:ab:30:0f: 5c:a7:cb:98:86:6f:61:b8:64:2d:f8:5b:45:ce:94:af:11:03: 9a:e0:9e:12:74:48:a4:51:e9:98:b8:80:87:84:46:ca:b0:03: 55:f1:07:df:90:0a:4c:cc:74:61:60:42:ac:67:87:bd:f2:a2: b2:f2:91:22:ea:3e:d6:77:15:c7:1d:78:ee:04:3e:60:ff:32: 6f:88:f0:3e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFWSroGLL0himT+RQYrUV2vGOjgkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNzAwMDE1N1oX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAMzMzNjNmNmIzOTU2NmY2YjcxODQ3 NGM0NWMxODBkMTA4ZGVjODBmNmJkNGJkNDdkZGZkZjMzZWVhZTVhNjIxNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAladNPA7gKYPHV7B832V5iEueGT/t R8FPRN612d96WWLRJWo3jtkz86FUNmEfJuW/D/JIpu0MQbTBFzaaLKlYLWyNcp2i jrkPjOtPj7bdRmUN2a7MwuRt45VlZ1EUIYBetbhaGEpGC72WweLTl9pK0cwDHFsh fd2xZn6JuUXfpPa34ADf28MSUI635pM4bRd2ukqj9w3l3txMfZTE4Gl+nm/oUXTL kQipYEd5HqeZjID7P/4Ox9SvzvBHP/r4W6oYgZaVcS5ybCIN5Yo3bDxoFgtk6ZX5 G8ksECY/zd9JTKb2dPOJuwBu2hrpki2rvSGE7LA0xKV/J6T5ViGE4SXx4QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBUPEKmrtR01GjpzUuVU8cBOpR6SMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRhNzViMmE3LTE1ZTUtNDUwMS1hYWFmLTQ3MzdhNjc4ZDk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaHAwDQYJKoZIhvcNAQELBQADggEBALHW/UNdWHMtfaLF3TQm 0GQdFPSy86RcQZWxuVUFu8RXzAlgED4VLOl7bGslXy/ClnBH5X0f+KgFE7G3Y2pq EcjoVFOJQ0A71xFdIWeK4irXKDL6IphRxXDK37h5EgpdkbCEKMa/vT2mpyognKnF Lbc6ddLlpLRJ/C3SKXXVbVTTjz0J6Q3MirLF/mHl5F3wWfYXV+ATCYuneeT/Rlcq 4vKD4J2THZRkyPxLfXxSuc/s6aswD1yny5iGb2G4ZC34W0XOlK8RA5rgnhJ0SKRR 6Zi4gIeERsqwA1XxB9+QCkzMdGFgQqxnh73yorLykSLqPtZ3FccdeO4EPmD/Mm+I 8D4= -----END CERTIFICATE-----Generated at Sat Oct 18 05:46:39 2025 by rpki-client