$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa File: 8c170584-7c9b-414b-8cba-a934a0a79bbe.roa (raw, json) Hash identifier: 26s/OMmcwWQLpExoQRxdUqhOk4rubcYfXvubjEKCfFA= Subject key identifier: 61:E9:3D:BE:89:92:E8:6C:00:AF:C8:8C:98:EF:1C:9D:68:5F:35:DC Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 591BE3EB02AEA9813CC87FD8E55F65E8B75CCC23 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa Signing time: Sat 18 Oct 2025 00:00:05 +0000 ROA not before: Sat 18 Oct 2025 00:00:05 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:1b:e3:eb:02:ae:a9:81:3c:c8:7f:d8:e5:5f:65:e8:b7:5c:cc:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 18 00:00:05 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=846c9365fd5e8b30b6ba7e88006a440da08822fba5972ff5bffebb4a1ba7cf51, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:ec:03:e3:57:45:8e:2e:5f:e2:f0:e1:e9:64: 89:c3:89:05:b1:f2:c9:52:5e:91:b3:46:c4:35:8c: 8c:81:d0:f8:6f:c0:79:ce:f0:ef:42:a6:e5:ea:e6: e8:95:6d:5e:e0:2f:ba:6c:13:07:e2:19:e1:e3:10: d5:dd:90:4b:6d:50:6a:3e:2c:7b:ac:95:5d:e0:61: f1:2e:05:5b:9a:94:7d:94:ff:b3:cb:a2:d3:b0:2f: aa:68:4e:bf:cf:cd:68:75:a4:89:6f:f0:04:8a:fc: 9f:4b:80:c5:8e:85:bf:b1:fd:19:68:07:f1:8f:b1: 42:bc:a9:47:87:9a:38:12:c9:bf:f0:b2:3d:79:de: 69:43:ac:69:9b:ae:19:b2:c0:e6:c7:0d:cf:81:ee: c4:96:ee:07:71:c1:a8:3f:b6:27:d2:8e:08:39:28: 5c:20:13:1c:b3:ef:c2:76:a9:2b:78:80:77:67:4f: f9:65:ff:af:5e:59:0a:7e:ac:20:b6:a8:13:31:a7: c6:e4:90:2a:54:0d:71:ae:5e:9f:71:b5:61:dc:c3: b4:89:7b:ed:54:85:36:16:e7:5f:40:94:d6:07:66: c3:f5:70:1a:e7:a0:13:61:52:bc:c0:cd:86:13:21: ca:12:fe:4b:d8:af:2b:af:9a:a4:ed:9c:6c:d6:22: df:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:E9:3D:BE:89:92:E8:6C:00:AF:C8:8C:98:EF:1C:9D:68:5F:35:DC X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:4000::/48 Signature Algorithm: sha256WithRSAEncryption 9b:c3:de:fb:fa:5e:f4:dd:22:3e:4b:d0:ac:60:d2:f6:6c:13: 1d:44:1d:03:b7:5f:7c:c2:0b:98:8b:d0:54:43:49:67:db:73: f3:8a:6e:ad:5b:fc:37:b4:77:fe:cc:7a:1b:b4:55:c8:1f:fe: a3:1b:50:71:7b:dd:66:ee:1b:02:b3:0c:85:82:cd:7e:38:3c: a4:35:0f:88:5f:43:fd:22:05:20:f2:03:8a:46:3a:07:e1:d3: 0c:7e:9d:b6:f3:01:3b:c1:4a:a6:d3:c1:33:e3:0f:be:af:9f: 75:a2:99:34:94:c3:5e:ac:24:fc:e6:3e:56:ac:bd:b5:1b:f2: 0a:4d:10:e0:6b:69:b5:ae:10:1e:38:fa:4e:4a:a4:b0:fc:6c: 67:84:75:80:c2:11:db:93:2d:a3:2a:6a:42:e8:d7:66:62:95: 01:61:7f:f4:82:79:71:c0:16:4d:31:0f:1d:b1:93:ae:89:9e: 16:ba:eb:53:2d:11:36:b5:f7:52:e8:aa:72:d0:89:49:99:64: a2:03:e9:71:0f:4e:6e:38:ef:7f:c3:d4:00:da:f9:6a:eb:d7: 88:af:11:61:58:b9:e7:48:cf:79:cb:ae:97:2c:39:bd:6b:9b: 93:91:a2:29:a0:c0:98:67:3e:1d:db:25:7e:de:7b:26:ed:35: 2c:b6:ea:89 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWRvj6wKuqYE8yH/Y5V9l6LdczCMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxODAwMDAwNVoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAODQ2YzkzNjVmZDVlOGIzMGI2YmE3 ZTg4MDA2YTQ0MGRhMDg4MjJmYmE1OTcyZmY1YmZmZWJiNGExYmE3Y2Y1MTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uwD41dFji5f4vDh6WSJw4kFsfLJ Ul6Rs0bENYyMgdD4b8B5zvDvQqbl6ubolW1e4C+6bBMH4hnh4xDV3ZBLbVBqPix7 rJVd4GHxLgVbmpR9lP+zy6LTsC+qaE6/z81odaSJb/AEivyfS4DFjoW/sf0ZaAfx j7FCvKlHh5o4Esm/8LI9ed5pQ6xpm64ZssDmxw3Pge7Elu4HccGoP7Yn0o4IOShc IBMcs+/CdqkreIB3Z0/5Zf+vXlkKfqwgtqgTMafG5JAqVA1xrl6fcbVh3MO0iXvt VIU2FudfQJTWB2bD9XAa56ATYVK8wM2GEyHKEv5L2K8rr5qk7Zxs1iLfhwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGHpPb6JkuhsAK/IjJjvHJ1oXzXcMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzhjMTcwNTg0LTdjOWItNDE0Yi04Y2JhLWE5MzRhMGE3OWJiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAEAAMA0GCSqGSIb3DQEBCwUAA4IBAQCbw977+l703SI+S9Cs YNL2bBMdRB0Dt198wguYi9BUQ0ln23Pzim6tW/w3tHf+zHobtFXIH/6jG1Bxe91m 7hsCswyFgs1+ODykNQ+IX0P9IgUg8gOKRjoH4dMMfp228wE7wUqm08Ez4w++r591 opk0lMNerCT85j5WrL21G/IKTRDga2m1rhAeOPpOSqSw/GxnhHWAwhHbky2jKmpC 6NdmYpUBYX/0gnlxwBZNMQ8dsZOuiZ4WuutTLRE2tfdS6Kpy0IlJmWSiA+lxD05u OO9/w9QA2vlq69eIrxFhWLnnSM95y66XLDm9a5uTkaIpoMCYZz4d2yV+3nsm7TUs tuqJ -----END CERTIFICATE-----Generated at Sat Oct 18 13:43:59 2025 by rpki-client