$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: wcYYwgkTAd9Q2xT1BuIAMuJob/FJA9RrYdGr+wpFwVw= Subject key identifier: 10:99:C8:7F:87:27:5E:9C:DB:C0:B6:42:26:21:E4:22:28:71:93:7B Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 628CFFD23BF89D7F8B66BDABD9209B37E8123B14 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Fri 24 Oct 2025 00:00:01 +0000 ROA not before: Fri 24 Oct 2025 00:00:01 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 00:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:8c:ff:d2:3b:f8:9d:7f:8b:66:bd:ab:d9:20:9b:37:e8:12:3b:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Oct 24 00:00:01 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=fd47324db15017f2dd6dc3472bc48d379f7e21c9a033ec6aa7661e1cb273e177, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e3:6d:23:ae:89:ff:c6:47:aa:20:5d:26:00: a8:79:09:e7:b7:5d:e6:3a:80:30:c3:e4:e0:57:4d: e2:9b:66:09:e8:c7:90:f5:23:0d:75:b2:42:a3:09: 61:b6:e6:e2:ec:25:bb:e9:39:27:b3:96:91:f0:61: f4:b6:5e:73:21:a3:81:d2:82:6c:6d:92:f5:50:24: d0:e2:c3:f8:0d:ee:6c:e2:74:43:bb:ad:51:7b:c8: bb:30:ff:0f:a1:1c:e5:b4:42:de:57:68:44:c2:1e: 3f:0b:b3:fc:4b:f7:00:69:70:7f:b7:76:54:50:0f: d9:aa:84:01:c3:a3:8d:a1:40:c0:fc:96:d0:22:76: ef:fb:d7:bd:5f:74:35:a8:67:9f:50:cc:25:94:0e: a8:be:ce:9f:f2:05:50:43:dd:99:ad:27:dc:dc:be: 13:60:05:85:73:6a:10:b9:b5:59:d1:2b:34:10:4f: cd:c9:18:20:8b:6c:6e:e9:c3:b1:7e:e2:22:89:de: 0c:f6:a0:7b:05:a8:40:6e:33:4b:db:db:4c:2f:35: b6:b1:1d:96:36:94:2c:a8:84:54:d9:a6:42:2d:37: 85:3c:84:d4:e2:14:f3:a1:c6:b9:35:74:e8:cc:cd: 5b:5f:ef:d7:51:8f:73:13:e6:69:17:52:da:ac:ac: 7a:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:99:C8:7F:87:27:5E:9C:DB:C0:B6:42:26:21:E4:22:28:71:93:7B X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 5c:08:73:89:94:2f:44:01:66:36:9d:06:a7:5e:cf:be:38:01: b4:6d:e2:46:fd:d9:89:8d:00:47:ec:3e:f6:08:2e:c3:a8:f9: ab:d2:8d:d4:61:23:48:1e:f3:b0:3d:36:28:98:b1:7e:91:e3: d4:a7:7e:b1:b2:34:31:c4:28:08:79:b1:99:f7:ab:34:a5:38: c6:c7:7a:b9:20:0e:db:21:a4:22:5d:9d:9c:70:2f:fa:33:b6: 5f:de:ba:49:85:65:ec:d0:4d:19:18:e6:b5:8d:f2:dd:1e:41: 9b:6e:f5:dd:8b:78:9c:fa:2f:d8:5f:6d:d6:27:1a:33:1a:4b: af:36:9e:b1:40:37:06:17:95:f1:53:e7:8b:42:c6:45:dc:4d: 26:07:cb:32:63:39:b1:4f:7c:03:17:3c:69:4e:21:13:09:9d: d8:c3:3e:15:31:27:dd:44:df:cb:31:36:39:5d:ae:13:53:80: 99:7e:11:20:dc:4c:62:23:9d:6a:db:9a:06:c5:67:9a:47:83: b3:df:92:60:bc:a7:a9:bb:b7:51:fa:0f:e5:1a:62:ca:25:d9: 80:a7:d7:3e:7e:b8:0e:94:39:8a:c8:99:98:8d:b6:73:1f:48: 7a:9b:fa:fb:11:78:33:98:ff:46:08:16:a5:8c:76:6b:56:e3: 7a:2e:4a:8e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYoz/0jv4nX+LZr2r2SCbN+gSOxQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTAyNDAwMDAwMVoX DTI1MTEyODIzNTk1OVowejFJMEcGA1UEBRNAZmQ0NzMyNGRiMTUwMTdmMmRkNmRj MzQ3MmJjNDhkMzc5ZjdlMjFjOWEwMzNlYzZhYTc2NjFlMWNiMjczZTE3NzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+NtI66J/8ZHqiBdJgCoeQnnt13m OoAww+TgV03im2YJ6MeQ9SMNdbJCowlhtubi7CW76Tkns5aR8GH0tl5zIaOB0oJs bZL1UCTQ4sP4De5s4nRDu61Re8i7MP8PoRzltELeV2hEwh4/C7P8S/cAaXB/t3ZU UA/ZqoQBw6ONoUDA/JbQInbv+9e9X3Q1qGefUMwllA6ovs6f8gVQQ92ZrSfc3L4T YAWFc2oQubVZ0Ss0EE/NyRggi2xu6cOxfuIiid4M9qB7BahAbjNL29tMLzW2sR2W NpQsqIRU2aZCLTeFPITU4hTzoca5NXTozM1bX+/XUY9zE+ZpF1LarKx6EQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBCZyH+HJ16c28C2QiYh5CIocZN7MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQBcCHOJlC9EAWY2nQan Xs++OAG0beJG/dmJjQBH7D72CC7DqPmr0o3UYSNIHvOwPTYomLF+kePUp36xsjQx xCgIebGZ96s0pTjGx3q5IA7bIaQiXZ2ccC/6M7Zf3rpJhWXs0E0ZGOa1jfLdHkGb bvXdi3ic+i/YX23WJxozGkuvNp6xQDcGF5XxU+eLQsZF3E0mB8syYzmxT3wDFzxp TiETCZ3Ywz4VMSfdRN/LMTY5Xa4TU4CZfhEg3ExiI51q25oGxWeaR4Oz35JgvKep u7dR+g/lGmLKJdmAp9c+frgOlDmKyJmYjbZzH0h6m/r7EXgzmP9GCBaljHZrVuN6 LkqO -----END CERTIFICATE-----Generated at Mon Oct 27 14:02:38 2025 by rpki-client