$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa File: dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa (raw, json) Hash identifier: Z7+c6Js+P6qcb/unEymS1nTAoRUO2VTeowUwkg+c+ho= Subject key identifier: 93:B7:0A:4D:21:F5:AB:9F:D8:EA:D3:F0:68:C3:1D:8A:7B:24:D5:FC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3B9DB5C696112D59F2D47173D19DCD7301155A60 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa Signing time: Tue 09 Sep 2025 00:20:05 +0000 ROA not before: Tue 09 Sep 2025 00:20:05 +0000 ROA not after: Tue 14 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Sep 2025 00:20:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:9d:b5:c6:96:11:2d:59:f2:d4:71:73:d1:9d:cd:73:01:15:5a:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 9 00:20:05 2025 GMT Not After : Oct 14 23:59:59 2025 GMT Subject: serialNumber=7140bbb682d6aeefda9bfe953cb5ed6092bfde7f7778d6b4f734e33ddab1a5c6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:de:ae:2e:6d:4b:0f:34:17:1b:1a:6c:83:53: 66:2d:be:7c:b8:3a:dd:e8:ee:7d:bd:77:3d:a0:22: a6:11:27:05:8f:b2:14:af:87:34:6c:68:e2:01:12: bd:04:9e:08:53:12:b5:24:40:a0:ff:d6:21:0c:21: 05:33:f4:d4:94:8c:98:08:b7:48:f3:ca:c3:ee:01: ec:b2:b2:a2:2d:68:d6:b8:65:34:cd:13:2b:d4:fd: 6d:c5:e5:15:e8:7e:20:b9:a4:59:06:53:9f:86:9d: dd:36:7f:02:75:38:a0:c9:ed:4b:9f:26:63:9e:04: c0:c8:b8:0e:49:c1:21:41:ac:ef:69:ff:1a:7c:bf: 7f:98:b2:dc:db:99:a3:56:7c:8c:1a:c2:52:cf:b3: 04:4f:be:d1:b8:0e:ef:7a:5e:cf:5a:b2:26:02:79: d0:d3:22:95:2f:7d:10:56:8d:b2:2d:30:01:e7:4c: 8b:38:52:29:e3:fd:bb:15:f4:e4:3c:fb:ef:9b:93: f1:b1:a0:91:40:18:75:29:5e:6f:2b:c2:76:7c:ac: cb:09:f2:c2:bc:9c:33:f3:b9:23:d2:ad:55:11:9c: ac:34:89:84:c6:67:75:ae:de:fc:04:a1:86:9f:17: 71:23:f0:c1:40:9b:0e:31:cb:ec:28:75:cf:c0:49: ea:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:B7:0A:4D:21:F5:AB:9F:D8:EA:D3:F0:68:C3:1D:8A:7B:24:D5:FC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:2000::/40 Signature Algorithm: sha256WithRSAEncryption 70:54:e1:24:b9:53:f6:23:3f:79:5b:f9:14:e5:5a:c7:27:9d: cc:70:2c:0d:41:76:c2:59:1e:16:ad:a8:de:bb:ac:70:51:ed: 39:7a:cd:8f:cd:3c:6b:46:bc:fc:8e:07:81:1a:53:51:12:3e: d1:55:ba:c5:68:60:5f:ea:d0:b9:35:37:e7:a1:b9:fc:8c:fc: bf:4c:ff:1e:e7:ef:7a:40:56:b6:e2:db:be:c9:24:a7:48:2b: ec:f1:72:11:34:14:1a:14:c0:0f:b3:fb:55:78:39:94:11:77: 7c:db:ef:27:20:76:8a:08:a0:25:95:78:41:71:3b:fd:ec:0d: 3c:0e:12:83:7c:89:8d:76:2b:69:34:57:7b:2f:fb:c3:25:7b: bd:96:e2:ff:53:27:49:ed:6f:a4:02:c3:ff:8c:8e:55:8f:88: 1b:e6:3e:cf:68:b3:57:e3:15:d7:5c:c0:05:2a:c3:38:1d:52: 9f:5f:5b:ab:81:38:f5:49:2a:24:cc:78:5d:5a:82:b6:df:2b: 4d:c5:1a:99:da:6b:42:e8:8b:9e:b7:c6:5d:60:c9:91:11:3f: fd:40:1e:43:9c:fa:b9:f9:8d:26:b4:01:85:db:36:3e:a1:98: 51:0b:ce:f6:0b:93:9d:7a:62:42:9d:4b:03:88:dd:30:fa:dc: a6:fd:42:e7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUO521xpYRLVny1HFz0Z3NcwEVWmAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkwOTAwMjAwNVoX DTI1MTAxNDIzNTk1OVowejFJMEcGA1UEBRNANzE0MGJiYjY4MmQ2YWVlZmRhOWJm ZTk1M2NiNWVkNjA5MmJmZGU3Zjc3NzhkNmI0ZjczNGUzM2RkYWIxYTVjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN6uLm1LDzQXGxpsg1NmLb58uDrd 6O59vXc9oCKmEScFj7IUr4c0bGjiARK9BJ4IUxK1JECg/9YhDCEFM/TUlIyYCLdI 88rD7gHssrKiLWjWuGU0zRMr1P1txeUV6H4guaRZBlOfhp3dNn8CdTigye1LnyZj ngTAyLgOScEhQazvaf8afL9/mLLc25mjVnyMGsJSz7MET77RuA7vel7PWrImAnnQ 0yKVL30QVo2yLTAB50yLOFIp4/27FfTkPPvvm5PxsaCRQBh1KV5vK8J2fKzLCfLC vJwz87kj0q1VEZysNImExmd1rt78BKGGnxdxI/DBQJsOMcvsKHXPwEnqNQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJO3Ck0h9auf2OrT8GjDHYp7JNX8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RkM2Q2MDIwLWJlNzgtNDZjYS05YjhhLTYzZmRiZmM5ZGE5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9SAwDQYJKoZIhvcNAQELBQADggEBAHBU4SS5U/YjP3lb+RTl WscnncxwLA1BdsJZHhatqN67rHBR7Tl6zY/NPGtGvPyOB4EaU1ESPtFVusVoYF/q 0Lk1N+ehufyM/L9M/x7n73pAVrbi277JJKdIK+zxchE0FBoUwA+z+1V4OZQRd3zb 7ycgdooIoCWVeEFxO/3sDTwOEoN8iY12K2k0V3sv+8Mle72W4v9TJ0ntb6QCw/+M jlWPiBvmPs9os1fjFddcwAUqwzgdUp9fW6uBOPVJKiTMeF1agrbfK03FGpnaa0Lo i563xl1gyZERP/1AHkOc+rn5jSa0AYXbNj6hmFELzvYLk516YkKdSwOI3TD63Kb9 Quc= -----END CERTIFICATE-----Generated at Tue Sep 16 14:50:31 2025 by rpki-client