$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa File: 3684e50c-c50f-4ebb-b327-e0759241197e.roa (raw, json) Hash identifier: 3E0UzIBtNqbgRSeM6C1RsmZ5yhJBTi7pT11KO15DtNI= Subject key identifier: AA:CA:17:4F:E1:98:D0:84:F9:F3:94:3B:78:8C:87:97:2D:A0:D3:F6 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 362A29327F34432DB077B1882B4C9E5446EED31E Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa Signing time: Sat 18 Oct 2025 00:00:06 +0000 ROA not before: Sat 18 Oct 2025 00:00:06 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:2a:29:32:7f:34:43:2d:b0:77:b1:88:2b:4c:9e:54:46:ee:d3:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 18 00:00:06 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=ecda58eadbe2ac63fd11f4382abeee0a7ae62162907bab1e5022193a6c02e4dd, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:dd:c3:41:eb:c4:7d:ec:73:b9:4e:c5:76:52: 07:b5:52:3b:ca:f0:0a:7d:70:41:ad:81:91:38:10: 59:9e:bb:ee:64:96:cb:41:fe:c5:1f:6f:8f:e1:7c: 24:79:84:98:b5:ce:8b:e9:1a:49:c9:dc:67:28:54: 28:86:11:be:fe:b1:5a:a2:9c:f4:7c:6d:7c:34:f2: 2a:8e:a4:4a:cf:bc:08:52:90:62:be:dd:ce:2b:46: 0e:d2:8a:0d:a5:c1:60:4e:5f:84:0b:9e:0d:77:f3: cd:16:01:de:f2:ac:99:dd:6c:8f:40:03:b7:a4:f4: 8b:b3:f0:43:2b:d7:ad:96:85:1d:f5:70:78:3d:12: db:01:c0:98:d7:3a:32:df:18:ef:0c:7b:c6:4e:9f: ba:9a:bc:62:82:2a:f5:0f:3e:fb:e1:89:c6:5c:ce: ba:1b:20:9a:9c:5f:15:07:f1:e8:9d:a5:21:61:4b: 07:4a:2b:8d:53:d9:67:96:67:5b:d7:5f:97:83:19: 1b:84:4f:47:78:2d:49:c3:53:f8:e1:6f:f8:54:1f: ac:5f:d1:b4:df:98:70:ee:25:a4:b3:06:fb:5a:4d: 3b:b6:b1:f7:4d:b6:39:00:42:09:d8:41:21:b8:a3: 7f:88:b3:6a:74:b8:7b:64:35:6f:b1:52:37:8f:4e: 00:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:CA:17:4F:E1:98:D0:84:F9:F3:94:3B:78:8C:87:97:2D:A0:D3:F6 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/48 Signature Algorithm: sha256WithRSAEncryption 3b:07:6f:a1:9c:ef:50:37:0a:fd:9e:20:8d:79:c5:d5:39:e3: 59:1c:37:d7:59:09:4c:f9:a8:b6:0c:c2:98:a9:cc:f5:52:e5: 06:03:61:1e:a8:f5:47:4e:3b:ec:fc:30:85:94:bb:50:17:c7: 21:4b:e8:ae:36:19:10:cf:40:90:4e:d6:fa:0c:55:61:53:c5: fc:06:f3:5c:f5:1c:6c:fb:ca:66:ca:88:ec:b4:b2:43:8f:0d: 84:7c:56:21:80:28:d4:df:65:0b:4b:63:4f:d3:4e:7b:c4:cb: 79:79:4a:3d:fa:02:bf:2c:ab:e6:d7:01:15:5d:17:7c:d2:42: c0:95:2e:50:e1:5c:2f:0d:50:00:61:a6:1a:1a:d0:33:00:6d: 43:b7:f6:82:05:41:ca:ce:dc:4c:ce:15:61:a8:7d:01:d0:2d: fb:87:7d:d5:31:22:1e:96:b0:69:40:2d:ef:0e:87:01:5a:cf: 5e:93:41:e8:77:e0:c7:ee:8b:6d:d8:bf:a4:df:2b:6c:ae:2e: d6:94:b6:3f:89:7c:d2:f1:78:3c:a4:88:48:cc:d5:92:e1:53: a9:0e:26:cd:dc:37:8f:a2:71:70:38:25:1b:19:1b:a0:79:48: c0:19:92:16:fd:11:31:c8:74:a9:68:16:9c:d6:d7:d7:68:03: c4:15:56:b5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNiopMn80Qy2wd7GIK0yeVEbu0x4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxODAwMDAwNloX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAZWNkYTU4ZWFkYmUyYWM2M2ZkMTFm NDM4MmFiZWVlMGE3YWU2MjE2MjkwN2JhYjFlNTAyMjE5M2E2YzAyZTRkZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN3DQevEfexzuU7FdlIHtVI7yvAK fXBBrYGROBBZnrvuZJbLQf7FH2+P4XwkeYSYtc6L6RpJydxnKFQohhG+/rFaopz0 fG18NPIqjqRKz7wIUpBivt3OK0YO0ooNpcFgTl+EC54Nd/PNFgHe8qyZ3WyPQAO3 pPSLs/BDK9etloUd9XB4PRLbAcCY1zoy3xjvDHvGTp+6mrxigir1Dz774YnGXM66 GyCanF8VB/HonaUhYUsHSiuNU9lnlmdb11+XgxkbhE9HeC1Jw1P44W/4VB+sX9G0 35hw7iWkswb7Wk07trH3TbY5AEIJ2EEhuKN/iLNqdLh7ZDVvsVI3j04AZQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKrKF0/hmNCE+fOUO3iMh5ctoNP2MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzM2ODRlNTBjLWM1MGYtNGViYi1iMzI3LWUwNzU5MjQxMTk3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQA7B2+hnO9QNwr9niCN ecXVOeNZHDfXWQlM+ai2DMKYqcz1UuUGA2EeqPVHTjvs/DCFlLtQF8chS+iuNhkQ z0CQTtb6DFVhU8X8BvNc9Rxs+8pmyojstLJDjw2EfFYhgCjU32ULS2NP0057xMt5 eUo9+gK/LKvm1wEVXRd80kLAlS5Q4VwvDVAAYaYaGtAzAG1Dt/aCBUHKztxMzhVh qH0B0C37h33VMSIelrBpQC3vDocBWs9ek0Hod+DH7ott2L+k3ytsri7WlLY/iXzS 8Xg8pIhIzNWS4VOpDibN3DePonFwOCUbGRugeUjAGZIW/RExyHSpaBac1tfXaAPE FVa1 -----END CERTIFICATE-----Generated at Sat Oct 18 13:44:00 2025 by rpki-client