$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: zgw1gADDD2VRjNIGI30UlXvCJlMvy1Rc5dfChKjDH+8= Subject key identifier: 6A:89:E7:93:B2:14:A3:D6:C7:53:7B:3D:D0:0B:CD:CF:96:9A:5E:17 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 655B2D710C5BC5771928A7E1759579B21715E588 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Mon 29 Sep 2025 15:00:10 +0000 ROA not before: Mon 29 Sep 2025 15:00:10 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:5b:2d:71:0c:5b:c5:77:19:28:a7:e1:75:95:79:b2:17:15:e5:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Sep 29 15:00:10 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=cfd483ffcaff6ac69864bd0bfc8165377b3e753db9fdbcc18c7a7cbd9cb94b1f, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:59:1f:49:13:b9:37:86:70:43:d4:4e:5c:68: 86:3d:8f:c9:cc:96:95:17:81:cb:45:f0:da:eb:b9: e9:ec:59:df:c8:fa:8a:e1:cc:40:98:e0:de:a9:45: 23:23:e5:66:25:b2:d0:dd:18:35:ec:fb:68:1f:ef: 88:ec:1b:6a:3c:30:a1:80:c5:73:c2:fa:8d:1f:57: d5:f0:ef:52:0c:ad:bf:cf:11:ff:74:f5:bf:eb:aa: 78:64:b9:08:16:dd:37:0e:58:3f:94:c4:fd:24:79: 63:33:82:c3:cd:6d:70:a3:5f:ce:52:d5:72:f9:8d: fb:41:17:f7:07:69:a8:0e:6a:4f:f1:d5:3d:17:4d: c1:c9:82:2e:ed:0c:ec:f2:5b:52:83:6e:3c:d2:73: 8a:0a:00:aa:ad:09:9a:80:d3:69:cf:1f:48:9d:48: 91:ae:20:b0:26:2b:48:e4:6f:d9:0f:6a:e0:7b:cb: e8:2f:ed:ae:53:a1:db:44:35:a8:44:b2:c8:e5:84: 87:1f:8b:03:b5:c5:b8:32:16:93:28:e0:d6:c4:dc: 90:95:89:57:c5:bc:34:1d:89:e8:ef:b9:45:8d:46: fa:22:80:41:2d:93:80:50:3a:6a:1d:ed:a7:bf:5c: 67:7a:f4:2a:a2:6b:24:c4:7c:7b:ba:6b:16:8e:12: 5c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:89:E7:93:B2:14:A3:D6:C7:53:7B:3D:D0:0B:CD:CF:96:9A:5E:17 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 83:c9:cd:c6:74:d6:da:27:b1:7a:27:c0:00:c5:cb:c4:29:70: 79:b4:9e:a0:9a:30:e5:04:dc:90:cc:57:1c:d6:71:8f:6b:5a: 8b:40:94:cd:89:48:1a:d9:2f:b5:8e:6d:7d:af:40:a6:1a:af: 8a:5b:81:79:32:ae:a5:c2:3b:d2:e5:e3:ec:84:42:cc:2d:72: b4:ca:4d:d2:35:57:d1:12:e4:64:b0:4c:f3:2d:a4:4d:ca:76: dd:bf:0f:69:3a:1d:c6:f7:93:cc:7c:3c:74:98:cc:c9:10:cc: 75:35:e0:dc:40:e8:03:c3:04:82:6e:db:d0:2b:fd:5d:32:ae: 69:32:bc:2f:ef:f9:70:9d:9b:fb:de:a0:e8:54:55:e6:6d:22: ac:b7:d1:d2:eb:bf:31:be:f8:ac:df:e4:1f:32:40:56:10:34: 75:e7:0d:a4:4b:87:57:f1:29:81:d7:a2:24:5f:75:e7:37:89: ee:80:bb:e7:e7:94:c1:79:39:5f:1f:af:cf:a3:5c:dd:2f:fe: 5b:62:f1:0b:1e:7a:08:b2:04:cf:41:02:84:43:2b:84:36:f1: a1:0a:cf:23:32:e0:0b:9c:86:96:4f:3e:df:b0:79:bb:b7:82: 6a:cf:00:21:f2:5a:9f:18:95:5d:93:7b:f3:dc:22:db:b9:d8: ad:76:d7:0a -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUZVstcQxbxXcZKKfhdZV5shcV5YgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDkyOTE1MDAxMFoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNAY2ZkNDgzZmZjYWZmNmFjNjk4NjRi ZDBiZmM4MTY1Mzc3YjNlNzUzZGI5ZmRiY2MxOGM3YTdjYmQ5Y2I5NGIxZjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1kfSRO5N4ZwQ9ROXGiGPY/JzJaV F4HLRfDa67np7FnfyPqK4cxAmODeqUUjI+VmJbLQ3Rg17PtoH++I7BtqPDChgMVz wvqNH1fV8O9SDK2/zxH/dPW/66p4ZLkIFt03Dlg/lMT9JHljM4LDzW1wo1/OUtVy +Y37QRf3B2moDmpP8dU9F03ByYIu7Qzs8ltSg2480nOKCgCqrQmagNNpzx9InUiR riCwJitI5G/ZD2rge8voL+2uU6HbRDWoRLLI5YSHH4sDtcW4MhaTKODWxNyQlYlX xbw0HYno77lFjUb6IoBBLZOAUDpqHe2nv1xnevQqomskxHx7umsWjhJcOQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFGqJ55OyFKPWx1N7PdALzc+Wml4XMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAg8nNxnTW2iexeifAAMXL xClwebSeoJow5QTckMxXHNZxj2tai0CUzYlIGtkvtY5tfa9AphqviluBeTKupcI7 0uXj7IRCzC1ytMpN0jVX0RLkZLBM8y2kTcp23b8PaTodxveTzHw8dJjMyRDMdTXg 3EDoA8MEgm7b0Cv9XTKuaTK8L+/5cJ2b+96g6FRV5m0irLfR0uu/Mb74rN/kHzJA VhA0decNpEuHV/EpgdeiJF915zeJ7oC75+eUwXk5Xx+vz6Nc3S/+W2LxCx56CLIE z0EChEMrhDbxoQrPIzLgC5yGlk8+37B5u7eCas8AIfJanxiVXZN789wi27nYrXbX Cg== -----END CERTIFICATE-----Generated at Sat Oct 18 13:42:16 2025 by rpki-client