$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json) Hash identifier: JHY7FdKY5RbGnBDWOBqSUMkdOz7Q611ihvsN6YA7f5U= Subject key identifier: 0A:6C:47:17:18:D2:F1:50:A0:8C:D3:04:84:65:46:D9:84:B1:D7:0C Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2B777C7A69975BD8667EEC83A5C0716283D0B5CB Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa Signing time: Fri 24 Oct 2025 00:00:01 +0000 ROA not before: Fri 24 Oct 2025 00:00:01 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 30 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:77:7c:7a:69:97:5b:d8:66:7e:ec:83:a5:c0:71:62:83:d0:b5:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Oct 24 00:00:01 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=9d0119325351277c6c10ebbf0d2ab5c15beb38fd2defbd4446feba90459ce451, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e8:28:a6:55:e7:cd:09:49:77:a9:87:4a:4e: e9:5c:11:78:63:e1:ba:95:e1:4f:b5:12:58:d7:50: 84:99:5f:49:24:14:ab:a6:1f:91:38:c0:54:ce:f6: f9:b9:d7:7b:53:1b:24:a1:e8:83:6e:f6:ef:bb:78: e6:af:7d:0a:b7:07:48:6f:57:31:ce:60:fd:c6:ba: 7a:0c:8d:d4:00:1a:40:1e:48:da:f1:df:5a:a1:c5: c0:52:28:42:28:4b:71:53:b7:3e:db:67:32:68:77: e2:9b:c3:02:44:93:e2:69:b9:7d:eb:43:b7:87:2f: 44:3c:d7:6b:6b:36:0c:40:28:a2:24:14:f6:79:81: e8:0c:14:1c:a1:9b:bb:0b:b2:d2:c2:7b:f9:09:e1: bc:9e:15:0c:98:88:b6:72:85:60:74:1a:8c:39:d9: 04:b8:51:4f:d1:df:49:92:36:ee:e0:fc:8c:8b:15: be:d0:dd:2d:7d:00:ab:77:3d:9a:41:56:f8:f4:a5: 0a:30:13:e3:84:e8:81:e8:c0:02:aa:47:d4:99:aa: d7:38:ef:0c:e4:b3:33:00:d8:bb:f9:16:44:72:31: 35:de:0b:19:cd:18:e8:07:89:af:65:ab:36:98:3a: b6:fc:ad:b0:e6:ca:7b:52:5f:36:83:4d:93:19:44: 3f:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:6C:47:17:18:D2:F1:50:A0:8C:D3:04:84:65:46:D9:84:B1:D7:0C X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 24:01:3a:cb:04:b2:32:4f:0c:d4:ae:cc:08:dd:30:e7:48:52: 0a:cf:4f:32:11:5f:f2:61:8e:31:06:c2:5b:82:6e:f5:14:a8: 81:3e:e9:08:9d:14:f5:8f:61:ec:d7:fc:f0:2d:95:22:f2:73: 29:78:e5:94:d1:fa:f1:19:f1:5f:75:75:33:0b:aa:6b:84:76: 2b:dd:c0:2c:9b:07:22:cc:54:ed:1f:7f:89:63:df:55:a7:f4: bd:97:7d:69:84:e2:b8:b3:3d:27:d1:23:5d:2a:0d:e8:4b:e7: b5:87:1b:b0:29:87:d5:bd:16:33:3d:7b:a2:32:d9:c1:83:8b: 60:01:9b:8a:fc:51:1b:79:b4:c7:f5:5b:81:4d:c7:0f:2b:93: 3b:2a:39:1d:78:88:cd:08:4a:ab:c6:24:24:21:30:3c:6c:43: 88:fb:21:ce:55:ce:29:c0:43:8b:de:61:a4:e4:7b:b2:01:b1: 48:12:55:f3:af:04:7a:c4:6f:fa:ed:08:6f:a9:5d:04:04:72: 55:e3:01:08:e5:62:7d:a9:13:2a:8d:83:14:a4:7c:13:47:90: 03:6f:fe:a3:8f:75:53:66:ca:bd:0d:3c:52:a1:cc:5e:4a:f7: a2:fe:3d:79:77:22:91:c7:86:d2:58:4d:f6:a7:22:19:c8:7d: ca:a6:64:25 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUK3d8emmXW9hmfuyDpcBxYoPQtcswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTAyNDAwMDAwMVoX DTI1MTEyODIzNTk1OVowejFJMEcGA1UEBRNAOWQwMTE5MzI1MzUxMjc3YzZjMTBl YmJmMGQyYWI1YzE1YmViMzhmZDJkZWZiZDQ0NDZmZWJhOTA0NTljZTQ1MTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxegoplXnzQlJd6mHSk7pXBF4Y+G6 leFPtRJY11CEmV9JJBSrph+ROMBUzvb5udd7UxskoeiDbvbvu3jmr30KtwdIb1cx zmD9xrp6DI3UABpAHkja8d9aocXAUihCKEtxU7c+22cyaHfim8MCRJPiabl960O3 hy9EPNdrazYMQCiiJBT2eYHoDBQcoZu7C7LSwnv5CeG8nhUMmIi2coVgdBqMOdkE uFFP0d9Jkjbu4PyMixW+0N0tfQCrdz2aQVb49KUKMBPjhOiB6MACqkfUmarXOO8M 5LMzANi7+RZEcjE13gsZzRjoB4mvZas2mDq2/K2w5sp7Ul82g02TGUQ/5wIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFApsRxcY0vFQoIzTBIRlRtmEsdcMMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAJAE6ywSyMk8M1K7MCN0w 50hSCs9PMhFf8mGOMQbCW4Ju9RSogT7pCJ0U9Y9h7Nf88C2VIvJzKXjllNH68Rnx X3V1Mwuqa4R2K93ALJsHIsxU7R9/iWPfVaf0vZd9aYTiuLM9J9EjXSoN6EvntYcb sCmH1b0WMz17ojLZwYOLYAGbivxRG3m0x/VbgU3HDyuTOyo5HXiIzQhKq8YkJCEw PGxDiPshzlXOKcBDi95hpOR7sgGxSBJV868EesRv+u0Ib6ldBARyVeMBCOVifakT Ko2DFKR8E0eQA2/+o491U2bKvQ08UqHMXkr3ov49eXcikceG0lhN9qciGch9yqZk JQ== -----END CERTIFICATE-----Generated at Sun Oct 26 10:41:12 2025 by rpki-client