$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa File: feddcef0-1c49-4db6-b667-d3a813db2a74.roa (raw, json) Hash identifier: uy9QP9I/x+IrAb+SP35SPJRrMnwljp3WPophauEmS1E= Subject key identifier: 9E:1E:62:80:D8:0B:09:73:8C:17:F6:B6:5D:CB:C0:3B:15:86:53:91 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5CA7CF939F9D3F1724E24B2265DE9086166853B3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa Signing time: Sun 09 Nov 2025 00:40:53 +0000 ROA not before: Sun 09 Nov 2025 00:40:53 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Nov 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:a7:cf:93:9f:9d:3f:17:24:e2:4b:22:65:de:90:86:16:68:53:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:40:53 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=be8f180399bf01bc1bfacb280574956aa89f510c94a3ac26e517e1964bb6787f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:23:d1:0f:07:e7:65:e5:56:4b:d5:c8:a7:3f: 19:ab:c4:b4:2e:cf:a4:44:1f:a4:36:18:2a:16:ec: 54:aa:e1:0e:ea:55:72:cd:a6:f2:63:f9:e3:bc:d0: 84:a2:bc:e8:8d:53:d2:cf:13:6e:2a:1e:ec:3d:8b: dc:cc:8a:0b:33:6d:e7:49:6d:50:12:d6:89:8f:5e: 7b:9a:67:35:d8:45:cb:10:5a:a8:42:91:fe:cc:f8: c5:95:2c:b1:d3:86:fc:c3:c3:36:bb:80:f3:84:fd: fe:1d:00:b9:7e:3c:fd:58:c7:ec:3c:9e:fa:e0:59: c4:5f:2d:74:22:43:04:0f:48:90:a4:90:2b:2b:1b: a0:b6:39:39:6c:6f:c3:9a:41:95:e6:23:ce:1f:e4: d4:c9:63:f1:f2:fc:46:68:98:60:27:6a:97:74:a3: 86:66:67:4b:a6:5d:df:8d:59:85:4c:cc:df:c3:53: 73:5b:f8:ea:4a:17:d1:fa:db:23:e9:cc:9e:2b:f6: e0:a9:88:29:6e:c7:cf:26:3b:07:f0:d5:78:a6:be: 78:97:9b:e4:6b:ab:ff:18:35:de:90:ad:24:e9:f0: 0d:b1:b9:3f:ab:d5:9e:d2:3f:08:09:c0:90:ff:77: c0:6d:3d:7c:9b:a2:9a:8b:7a:de:aa:4f:02:fe:7c: 59:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:1E:62:80:D8:0B:09:73:8C:17:F6:B6:5D:CB:C0:3B:15:86:53:91 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:1000::/40 Signature Algorithm: sha256WithRSAEncryption 4b:70:68:1a:1e:86:f5:e5:8e:f9:f9:4b:16:ac:50:a8:0d:09: eb:77:29:50:46:aa:2d:56:38:cb:4c:10:ef:46:91:99:c9:91: 8a:7b:18:27:e7:fd:ef:33:47:47:b7:ff:fd:3d:df:f4:2a:f9: cd:77:3e:ad:07:45:13:ff:58:a7:90:85:36:f3:f5:3a:9c:cc: 3a:b5:5a:ea:cc:82:5a:7d:95:c9:f5:f8:e5:c7:d3:ab:e2:d7: b7:65:f8:26:1e:af:a2:46:9a:be:8e:81:e7:0e:0e:14:8a:be: 08:63:e0:38:81:14:5b:f6:5f:3c:bc:f5:b7:57:d5:32:02:45: 41:64:59:33:67:a4:5c:2d:bb:9c:8f:3d:40:ba:a4:7b:cb:2a: 57:f9:c9:fb:da:52:d5:d2:ca:52:db:ac:4a:27:33:3b:58:d4: 0c:1f:6c:e2:63:d8:ba:de:09:fa:bd:3c:b0:1f:a4:ab:37:54: 17:cf:c4:e2:3f:57:fe:a4:01:4e:1e:e8:65:9a:2c:05:a4:5f: 66:67:49:2f:4d:71:da:68:b1:d4:db:b1:26:79:90:28:96:9e: ef:03:3b:97:d8:3b:d8:70:5a:74:0f:c9:01:3a:dd:c5:45:6d: f6:4b:e0:e9:ae:41:f7:70:85:47:73:9c:34:d6:8d:39:f0:24: e5:2e:0a:c2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXKfPk5+dPxck4ksiZd6QhhZoU7MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNDA1M1oX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAYmU4ZjE4MDM5OWJmMDFiYzFiZmFj YjI4MDU3NDk1NmFhODlmNTEwYzk0YTNhYzI2ZTUxN2UxOTY0YmI2Nzg3ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSPRDwfnZeVWS9XIpz8Zq8S0Ls+k RB+kNhgqFuxUquEO6lVyzabyY/njvNCEorzojVPSzxNuKh7sPYvczIoLM23nSW1Q EtaJj157mmc12EXLEFqoQpH+zPjFlSyx04b8w8M2u4DzhP3+HQC5fjz9WMfsPJ76 4FnEXy10IkMED0iQpJArKxugtjk5bG/DmkGV5iPOH+TUyWPx8vxGaJhgJ2qXdKOG ZmdLpl3fjVmFTMzfw1NzW/jqShfR+tsj6cyeK/bgqYgpbsfPJjsH8NV4pr54l5vk a6v/GDXekK0k6fANsbk/q9We0j8ICcCQ/3fAbT18m6Kai3reqk8C/nxZ4QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ4eYoDYCwlzjBf2tl3LwDsVhlORMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlZGRjZWYwLTFjNDktNGRiNi1iNjY3LWQzYTgxM2RiMmE3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaBAwDQYJKoZIhvcNAQELBQADggEBAEtwaBoehvXljvn5Sxas UKgNCet3KVBGqi1WOMtMEO9GkZnJkYp7GCfn/e8zR0e3//093/Qq+c13Pq0HRRP/ WKeQhTbz9TqczDq1WurMglp9lcn1+OXH06vi17dl+CYer6JGmr6OgecODhSKvghj 4DiBFFv2Xzy89bdX1TICRUFkWTNnpFwtu5yPPUC6pHvLKlf5yfvaUtXSylLbrEon MztY1AwfbOJj2LreCfq9PLAfpKs3VBfPxOI/V/6kAU4e6GWaLAWkX2ZnSS9Ncdpo sdTbsSZ5kCiWnu8DO5fYO9hwWnQPyQE63cVFbfZL4OmuQfdwhUdznDTWjTnwJOUu CsI= -----END CERTIFICATE-----Generated at Sat Nov 15 20:21:53 2025 by rpki-client