$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa File: 519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa (raw, json) Hash identifier: 0vZw4yEArEaGPylWpRKz+L3N42FBFFiEDSsFDEwwA08= Subject key identifier: 56:C9:71:E4:5B:E0:BD:CA:CC:C3:24:73:18:11:DB:72:1D:F5:0F:65 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60F30A6DFFCEA30CF956E1C35E69CFC889E465F3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa Signing time: Wed 15 Oct 2025 00:00:10 +0000 ROA not before: Wed 15 Oct 2025 00:00:10 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 00:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:f3:0a:6d:ff:ce:a3:0c:f9:56:e1:c3:5e:69:cf:c8:89:e4:65:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:00:10 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=67f44821c385d48fd00040f72e0d66a6218cb3e4386bfa05ac703e70708765a9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:cc:8c:bf:71:2e:a1:de:64:b8:a5:de:72:e7: 7b:f1:b5:3d:e4:20:2e:83:53:4a:9d:34:e3:65:e1: 5e:35:11:31:2e:68:b7:e6:9a:44:07:cc:7a:8b:b9: ef:c8:97:e3:77:5b:54:d5:b0:b4:e3:fe:1d:72:ee: b9:5d:3f:61:67:2e:39:84:ae:7e:4e:2e:7e:14:84: 9f:6b:93:f3:f9:ba:87:df:0e:4c:e4:74:3b:64:dc: 1a:c1:35:56:f9:f6:22:22:ad:9f:16:10:51:73:0d: 58:d6:e8:a7:16:63:a7:37:4f:c7:6e:68:7c:be:0a: f2:e5:0b:b2:0b:58:cf:8a:f3:14:5a:c2:3f:46:40: d8:59:df:6b:66:d7:34:bc:2c:bc:88:72:3d:fa:d6: 35:6c:6c:7d:96:fd:3a:b6:76:86:39:fe:32:ae:e1: 22:ab:68:de:27:05:9d:ee:51:32:43:a3:9c:c3:4c: ed:ac:be:ed:8f:c0:55:63:d3:0c:59:8b:76:3c:43: 6e:21:b8:36:16:31:69:25:08:46:11:48:33:4d:0d: 09:f3:3c:b5:8a:f9:1f:ce:43:da:37:06:20:2b:ea: 1f:49:8e:2f:b7:e0:7b:3e:87:39:3b:d3:4f:06:73: 83:e5:5d:ee:26:83:17:80:24:44:a4:bc:9a:fd:35: 83:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:C9:71:E4:5B:E0:BD:CA:CC:C3:24:73:18:11:DB:72:1D:F5:0F:65 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:e000::/40 Signature Algorithm: sha256WithRSAEncryption 26:83:6e:38:13:43:bd:16:8c:ba:11:18:83:3e:e6:21:9a:d5: 01:b4:07:9d:c1:91:35:81:87:2f:7d:32:d9:85:47:ba:86:94: 2c:36:2b:42:58:bb:0b:7b:2b:bf:f9:8a:01:a6:b0:27:3d:3f: 39:93:2b:e1:be:c4:03:c4:14:24:68:d2:27:89:dc:15:2c:e5: 64:c4:53:b4:02:09:3e:b3:2a:e8:64:38:f6:54:66:c1:c7:22: b1:39:60:c2:0a:e4:a6:53:2c:a7:a5:93:59:9b:e2:85:0a:33: 4a:c5:bc:3e:a8:6e:ba:f2:3b:37:15:cd:6e:97:5f:37:87:95: 8d:33:82:94:e5:e2:b9:45:d1:28:8e:82:93:44:0b:c7:1f:c2: 15:30:96:ce:8b:d8:fb:b1:6e:76:af:19:4e:90:7f:83:c9:5e: bc:24:21:11:d9:a0:a5:a2:68:86:36:6c:af:07:7d:55:a3:d4: 67:b9:59:c6:80:6d:75:d8:3f:78:ad:a3:82:8f:5b:76:27:bf: dd:4a:28:fb:13:7d:96:f0:62:c7:b7:f6:25:c3:26:f8:74:7a: c2:ca:43:1f:a5:33:dc:32:f1:3f:16:d9:e8:d1:bc:c5:60:23: a2:87:52:7c:aa:04:13:d3:68:ec:49:73:a3:8e:0d:61:4f:e1: e3:41:7f:25 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYPMKbf/Oowz5VuHDXmnPyInkZfMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMDAxMFoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNANjdmNDQ4MjFjMzg1ZDQ4ZmQwMDA0 MGY3MmUwZDY2YTYyMThjYjNlNDM4NmJmYTA1YWM3MDNlNzA3MDg3NjVhOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcyMv3Euod5kuKXecud78bU95CAu g1NKnTTjZeFeNRExLmi35ppEB8x6i7nvyJfjd1tU1bC04/4dcu65XT9hZy45hK5+ Ti5+FISfa5Pz+bqH3w5M5HQ7ZNwawTVW+fYiIq2fFhBRcw1Y1uinFmOnN0/Hbmh8 vgry5QuyC1jPivMUWsI/RkDYWd9rZtc0vCy8iHI9+tY1bGx9lv06tnaGOf4yruEi q2jeJwWd7lEyQ6Ocw0ztrL7tj8BVY9MMWYt2PENuIbg2FjFpJQhGEUgzTQ0J8zy1 ivkfzkPaNwYgK+ofSY4vt+B7Poc5O9NPBnOD5V3uJoMXgCREpLya/TWDwQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFbJceRb4L3KzMMkcxgR23Id9Q9lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUxOWYwZTg4LWZhOTAtNGI2MS05NTdkLTU3ZmUxY2MyZjZjMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoOAwDQYJKoZIhvcNAQELBQADggEBACaDbjgTQ70WjLoRGIM+ 5iGa1QG0B53BkTWBhy99MtmFR7qGlCw2K0JYuwt7K7/5igGmsCc9PzmTK+G+xAPE FCRo0ieJ3BUs5WTEU7QCCT6zKuhkOPZUZsHHIrE5YMIK5KZTLKelk1mb4oUKM0rF vD6obrryOzcVzW6XXzeHlY0zgpTl4rlF0SiOgpNEC8cfwhUwls6L2PuxbnavGU6Q f4PJXrwkIRHZoKWiaIY2bK8HfVWj1Ge5WcaAbXXYP3ito4KPW3Ynv91KKPsTfZbw Yse39iXDJvh0esLKQx+lM9wy8T8W2ejRvMVgI6KHUnyqBBPTaOxJc6OODWFP4eNB fyU= -----END CERTIFICATE-----Generated at Sun Oct 19 05:21:00 2025 by rpki-client