$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa File: 22d6913e-5f3d-4f99-9a60-48579f471838.roa (raw, json) Hash identifier: ibaZp+YjGH5VnNJafebxZIUG/khLXe5POMeNsISNYTE= Subject key identifier: B8:AD:82:26:E6:C5:B7:7F:99:3D:66:07:FF:25:27:9D:2A:EE:8C:5E Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 7C9FEA2B6E24955511BCEFAD84CEA8E2FF397BE3 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa Signing time: Sat 18 Oct 2025 00:00:05 +0000 ROA not before: Sat 18 Oct 2025 00:00:05 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:2000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:9f:ea:2b:6e:24:95:55:11:bc:ef:ad:84:ce:a8:e2:ff:39:7b:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 18 00:00:05 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=bde3d822e78e6767b41809b35202a6423a7899c6c03022377c9a029c7e57d71d, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:05:23:49:81:80:08:bc:ba:e4:33:b8:7c:dd: 95:d6:9c:64:23:a8:b6:e4:91:95:dd:11:57:c3:a1: 04:b2:2e:f9:39:8a:f7:29:d7:c5:b0:5a:be:cb:44: 74:2b:eb:b0:22:8c:99:bf:c8:10:91:05:84:10:4c: 3e:fa:a8:9c:96:7c:45:fd:9b:9e:63:06:c0:d6:8c: f8:9c:d9:42:b0:86:94:d6:cf:c7:66:9c:bf:81:7e: 85:30:80:62:95:ef:db:33:70:b3:eb:a9:f7:e2:6b: d0:1a:7c:91:af:30:ee:3c:6b:a6:61:e9:fc:05:53: ca:33:22:e7:df:8b:51:2c:82:6a:54:2b:b2:8e:89: fe:fc:c8:6a:52:ee:41:92:27:e1:a2:94:9d:38:1d: ba:02:e8:c4:81:d5:dc:cd:9e:7e:ca:26:8e:89:85: 6f:51:d8:b3:e0:1f:2c:7d:67:9a:ae:77:c4:c2:c5: fa:a3:63:68:98:7b:61:4f:31:ff:47:94:00:24:42: 51:d5:c2:2f:eb:0d:cf:da:34:71:04:d5:c7:50:a9: 34:93:fe:de:b9:f0:b4:08:ab:07:1c:0e:96:ae:30: ea:c9:ce:fa:f0:3b:5c:db:c0:b4:2a:15:fb:fe:9f: a8:1d:fe:56:08:bd:cd:71:73:d6:e6:88:66:7e:4a: 62:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:AD:82:26:E6:C5:B7:7F:99:3D:66:07:FF:25:27:9D:2A:EE:8C:5E X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:2000::/36 Signature Algorithm: sha256WithRSAEncryption c6:9f:33:59:88:d9:d3:cf:92:54:a1:ae:8d:f0:9b:cb:36:b9: d1:e3:0f:05:8d:87:66:1a:2c:12:d9:1a:fd:63:c9:08:21:1c: 61:43:f1:34:ee:f5:ea:66:5d:af:26:74:ed:68:d3:9f:52:69: 47:1e:75:ad:ee:1a:17:8b:5e:4b:c2:c6:e4:7e:9a:03:32:2b: 8c:f2:13:ab:f9:93:25:44:57:23:e0:9c:67:6e:52:36:76:59: 4c:09:47:44:a9:12:bd:2f:a3:78:1d:e8:27:b7:70:e5:57:67: 14:cc:3f:3c:2d:49:ca:07:cf:da:d3:d7:cb:44:a2:79:31:2c: 46:3d:55:d1:71:b2:34:3e:39:e8:99:b3:eb:85:ac:66:1d:f9: c5:fd:bc:44:a0:44:de:96:22:23:52:47:85:bf:a5:8b:4c:4e: e0:e2:b5:24:ab:60:ec:bd:9e:d4:3a:0a:8a:d7:e0:f5:95:eb: ef:7e:15:0c:88:65:22:2a:2b:76:25:50:61:c2:42:54:49:94: 36:0c:fc:46:d0:6c:06:dc:51:6f:bf:f8:6b:03:9b:92:86:67: ac:dc:0e:38:e3:9e:aa:f9:b1:67:2d:14:14:3e:00:6d:25:2f: 3d:7d:f4:1b:60:ca:56:98:af:5a:9f:e0:f5:c3:e5:f1:41:f2: 59:0f:b2:95 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfJ/qK24klVURvO+thM6o4v85e+MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxODAwMDAwNVoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAYmRlM2Q4MjJlNzhlNjc2N2I0MTgw OWIzNTIwMmE2NDIzYTc4OTljNmMwMzAyMjM3N2M5YTAyOWM3ZTU3ZDcxZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAUjSYGACLy65DO4fN2V1pxkI6i2 5JGV3RFXw6EEsi75OYr3KdfFsFq+y0R0K+uwIoyZv8gQkQWEEEw++qiclnxF/Zue YwbA1oz4nNlCsIaU1s/HZpy/gX6FMIBile/bM3Cz66n34mvQGnyRrzDuPGumYen8 BVPKMyLn34tRLIJqVCuyjon+/MhqUu5BkifhopSdOB26AujEgdXczZ5+yiaOiYVv Udiz4B8sfWearnfEwsX6o2NomHthTzH/R5QAJEJR1cIv6w3P2jRxBNXHUKk0k/7e ufC0CKsHHA6WrjDqyc768Dtc28C0KhX7/p+oHf5WCL3NcXPW5ohmfkpimwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLitgibmxbd/mT1mB/8lJ50q7oxeMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzIyZDY5MTNlLTVmM2QtNGY5OS05YTYwLTQ4NTc5ZjQ3MTgzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJABlACAwDQYJKoZIhvcNAQELBQADggEBAMafM1mI2dPPklShro3w m8s2udHjDwWNh2YaLBLZGv1jyQghHGFD8TTu9epmXa8mdO1o059SaUceda3uGheL XkvCxuR+mgMyK4zyE6v5kyVEVyPgnGduUjZ2WUwJR0SpEr0vo3gd6Ce3cOVXZxTM PzwtScoHz9rT18tEonkxLEY9VdFxsjQ+OeiZs+uFrGYd+cX9vESgRN6WIiNSR4W/ pYtMTuDitSSrYOy9ntQ6CorX4PWV6+9+FQyIZSIqK3YlUGHCQlRJlDYM/EbQbAbc UW+/+GsDm5KGZ6zcDjjjnqr5sWctFBQ+AG0lLz199BtgylaYr1qf4PXD5fFB8lkP spU= -----END CERTIFICATE-----Generated at Sat Oct 18 13:43:11 2025 by rpki-client