$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/840736df-cd98-4b5b-a4f2-5615993fc74d.roa File: 840736df-cd98-4b5b-a4f2-5615993fc74d.roa (raw, json) Hash identifier: 75kKL/m4BuM1QQoQFl4qCsfC7J3SQk2Hr+xN2+D37Rw= Subject key identifier: D9:EF:72:4F:40:D8:32:C3:72:9E:5C:58:F3:13:29:9B:57:35:FE:1B Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 53108B526A763F4E515243035BE2438BDD52A274 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/840736df-cd98-4b5b-a4f2-5615993fc74d.roa Signing time: Fri 07 Nov 2025 00:01:06 +0000 ROA not before: Fri 07 Nov 2025 00:01:06 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:10:8b:52:6a:76:3f:4e:51:52:43:03:5b:e2:43:8b:dd:52:a2:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Nov 7 00:01:06 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=87b32f25f5df4d291486a2973b3bb59d46d9d047c5dd7223935adc240ae4090e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:69:8d:5c:cd:ab:c3:64:ca:53:ec:f8:d7:28: a2:8d:16:54:06:68:30:d6:fc:ff:71:9a:b0:97:be: 62:d6:4c:90:17:13:50:65:a0:7b:0c:38:01:87:73: b4:cd:01:e7:67:07:80:0c:2a:fa:e2:0b:95:e3:9d: 02:a5:1d:7c:f9:10:a4:15:ec:46:ed:b2:ad:ea:1e: 1c:ca:aa:26:d8:fb:e1:13:bf:dc:67:8f:b9:80:bb: b7:de:35:d4:c2:01:dc:ac:59:ba:a3:5c:5f:26:ce: f6:be:03:d9:d8:d3:1e:80:7a:07:e7:5a:08:f6:8a: 03:d2:56:a2:b6:21:a2:09:79:6b:cb:0f:9a:39:79: 32:0d:30:b9:90:b8:ac:48:ce:a0:a5:1b:64:22:f1: 2c:a7:bd:34:18:11:94:1f:4c:e9:cf:87:d2:00:bd: 0c:02:c4:c3:02:21:df:2c:32:17:9a:d2:26:75:cd: 82:67:40:47:e5:f0:62:a9:10:c5:a9:c3:2d:48:1f: 10:54:66:67:5d:78:ef:57:b0:f6:e6:0f:1d:38:ad: c9:c9:9f:cc:54:0a:7a:e6:3d:55:cf:1e:58:90:95: b9:85:6b:b7:d5:a6:c5:9d:6f:bc:4b:67:fd:3a:78: 15:8c:13:2d:6f:16:68:50:2e:c3:d7:28:1d:9d:5c: 2a:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:EF:72:4F:40:D8:32:C3:72:9E:5C:58:F3:13:29:9B:57:35:FE:1B X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/840736df-cd98-4b5b-a4f2-5615993fc74d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.0.0/24 Signature Algorithm: sha256WithRSAEncryption 45:23:32:21:45:90:59:cf:09:47:09:71:30:70:c0:96:3c:6b: de:29:0d:18:7e:f2:93:6b:79:fe:80:40:69:fb:cb:64:b4:94: dd:f3:6d:2d:5b:d0:15:fa:e0:3a:fd:97:67:60:77:3b:63:27: 45:68:ea:a4:2a:c0:46:cc:e9:da:c9:d9:34:22:5a:64:a2:be: 15:88:68:49:77:97:71:1e:fe:06:3a:cd:4f:c8:d5:29:b5:33: 51:25:25:61:c8:ec:5f:4c:e9:1c:75:5e:60:5b:68:bf:3a:ec: 21:d5:5f:f0:f4:7b:e6:f9:83:0d:ec:21:6a:48:3b:bf:91:e8: d8:4c:08:d2:1f:d5:e1:e2:7f:b2:c8:c9:01:2c:02:a6:41:05: 95:3a:e9:d9:e6:e0:17:82:df:8a:05:23:25:65:b4:07:e1:e2: a5:c2:d8:e0:d6:50:c6:e0:41:d0:f9:42:6f:54:44:36:8a:fb: d6:e3:88:cc:ec:a0:a3:1b:fb:51:0b:cd:55:94:b9:da:fa:88: 2c:85:07:b9:86:82:8b:23:6a:e9:c6:22:d9:e8:8a:dc:e1:55: 5f:56:31:2c:5a:20:7e:5f:bc:cd:40:c4:ec:9d:3b:25:b4:a1: 50:4d:7a:11:f1:0d:0e:a4:92:97:c1:b4:34:e0:e7:26:d6:dd: 3e:43:bb:c3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUxCLUmp2P05RUkMDW+JDi91SonQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTEwNzAwMDEwNloX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAODdiMzJmMjVmNWRmNGQyOTE0ODZh Mjk3M2IzYmI1OWQ0NmQ5ZDA0N2M1ZGQ3MjIzOTM1YWRjMjQwYWU0MDkwZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02mNXM2rw2TKU+z41yiijRZUBmgw 1vz/cZqwl75i1kyQFxNQZaB7DDgBh3O0zQHnZweADCr64guV450CpR18+RCkFexG 7bKt6h4cyqom2PvhE7/cZ4+5gLu33jXUwgHcrFm6o1xfJs72vgPZ2NMegHoH51oI 9ooD0laitiGiCXlryw+aOXkyDTC5kLisSM6gpRtkIvEsp700GBGUH0zpz4fSAL0M AsTDAiHfLDIXmtImdc2CZ0BH5fBiqRDFqcMtSB8QVGZnXXjvV7D25g8dOK3JyZ/M VAp65j1Vzx5YkJW5hWu31abFnW+8S2f9OngVjBMtbxZoUC7D1ygdnVwqdwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNnvck9A2DLDcp5cWPMTKZtXNf4bMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0MDczNmRmLWNkOTgtNGI1Yi1hNGYyLTU2MTU5OTNmYzc0ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/gAMA0GCSqGSIb3DQEBCwUAA4IBAQBFIzIhRZBZzwlHCXEwcMCW PGveKQ0YfvKTa3n+gEBp+8tktJTd820tW9AV+uA6/ZdnYHc7YydFaOqkKsBGzOna ydk0Ilpkor4ViGhJd5dxHv4GOs1PyNUptTNRJSVhyOxfTOkcdV5gW2i/Ouwh1V/w 9Hvm+YMN7CFqSDu/kejYTAjSH9Xh4n+yyMkBLAKmQQWVOunZ5uAXgt+KBSMlZbQH 4eKlwtjg1lDG4EHQ+UJvVEQ2ivvW44jM7KCjG/tRC81VlLna+ogshQe5hoKLI2rp xiLZ6Irc4VVfVjEsWiB+X7zNQMTsnTsltKFQTXoR8Q0OpJKXwbQ04Ocm1t0+Q7vD -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:44 2025 by rpki-client