$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa File: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (raw, json) Hash identifier: 8yPh7RFUtDHIOMlg2c13wT8N//u27y/UzlNQTFASLCE= Subject key identifier: 9A:65:B9:15:8F:50:2B:DB:44:E9:AF:7D:28:60:61:73:0C:69:3E:75 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 1F85DEE89C8DDC106D5E7CA7C7662DC583F87EDC Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa Signing time: Fri 24 Oct 2025 00:00:01 +0000 ROA not before: Fri 24 Oct 2025 00:00:01 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 00:00:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:85:de:e8:9c:8d:dc:10:6d:5e:7c:a7:c7:66:2d:c5:83:f8:7e:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 24 00:00:01 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=3b8961c17468a74a8918c2a5122673f412eed74bb7ab9616c94679b63897272c, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b6:93:bf:9d:0c:cb:f5:25:bd:c8:0e:32:a0: 33:b6:7a:e8:0f:34:96:74:4f:87:57:30:d2:c1:d8: 10:0d:8d:ad:ca:b1:1a:0a:cc:b2:de:f8:9f:7f:11: ac:e9:5c:50:fe:d9:03:7f:73:78:f7:30:b0:e8:ca: 2d:5b:af:91:3e:45:39:05:e1:fc:39:5a:b8:a5:70: de:3a:6f:1c:c9:46:d2:83:a6:47:ae:02:16:e2:dc: 9a:2c:a0:69:f0:3c:25:64:2b:1a:cf:73:41:50:38: 14:b9:40:ca:2f:94:c3:11:47:21:be:bd:c8:b5:14: 08:d5:88:c5:a3:dc:25:c6:f7:f9:65:89:a5:83:1e: 87:a3:7b:01:35:52:66:f5:f9:7c:9e:10:e8:af:f8: 97:1c:ce:13:f3:e5:64:1a:28:a8:af:99:32:b1:14: c1:20:97:c9:a2:3c:8e:62:21:5c:0d:72:30:0d:f2: af:75:c2:ff:41:a4:d6:86:89:7d:c3:41:d4:14:22: 8c:82:75:c0:d9:ad:7f:99:92:55:bb:0f:c2:7e:79: b4:40:a0:85:6d:47:58:92:e1:0f:fe:cb:7f:7b:83: 80:d4:94:3a:a2:18:27:00:b1:d1:53:ea:5e:27:26: d8:b2:9f:36:14:4d:90:ea:07:87:77:92:c6:5e:ca: 02:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:65:B9:15:8F:50:2B:DB:44:E9:AF:7D:28:60:61:73:0C:69:3E:75 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 46:1b:83:aa:fd:fe:ba:27:ac:c0:13:2c:55:f7:e9:cb:c1:24: f5:68:f4:3f:dc:19:4e:14:cd:07:60:8b:ba:0a:d5:d9:54:10: 50:c6:e6:df:e3:2b:ea:5b:ee:8f:be:ed:58:ef:5a:87:e6:10: a6:21:ce:ab:16:5f:50:d9:ed:3d:7f:b8:08:08:bb:c0:ab:3d: d8:93:fe:a1:19:84:4d:95:ba:e8:1d:1f:43:09:b8:87:e2:8e: 24:ae:68:a2:5c:65:67:2a:4a:9d:45:e1:a4:58:c0:a6:33:4b: 10:6f:3b:7d:61:a7:35:68:08:1b:05:95:cf:89:dd:24:9a:8e: 2e:3e:58:d3:2f:2d:d6:6c:2c:dc:b1:57:d5:ed:9c:d3:1b:3d: 4c:93:7c:c6:53:ac:70:00:3f:8c:72:eb:42:5b:6f:3f:35:0c: da:7e:5e:a8:c2:5a:88:63:eb:b2:c9:c7:c9:53:4d:6e:ae:5b: d8:da:aa:9c:64:35:40:0b:f1:5a:77:3a:7f:1f:64:44:6f:49: 1d:50:8f:90:7d:2b:ad:64:01:b4:0c:b8:e6:17:83:6e:ad:be: f6:b8:60:04:c2:c2:4c:e6:1e:ce:04:8c:54:91:4f:8f:49:61: 0c:aa:40:bd:03:6a:c0:9e:86:ec:12:66:12:41:ab:a7:96:21: f2:51:fd:40 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUH4Xe6JyN3BBtXnynx2YtxYP4ftwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAyNDAwMDAwMVoX DTI1MTEyODIzNTk1OVowejFJMEcGA1UEBRNAM2I4OTYxYzE3NDY4YTc0YTg5MThj MmE1MTIyNjczZjQxMmVlZDc0YmI3YWI5NjE2Yzk0Njc5YjYzODk3MjcyYzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7aTv50My/UlvcgOMqAztnroDzSW dE+HVzDSwdgQDY2tyrEaCsyy3viffxGs6VxQ/tkDf3N49zCw6MotW6+RPkU5BeH8 OVq4pXDeOm8cyUbSg6ZHrgIW4tyaLKBp8DwlZCsaz3NBUDgUuUDKL5TDEUchvr3I tRQI1YjFo9wlxvf5ZYmlgx6Ho3sBNVJm9fl8nhDor/iXHM4T8+VkGiior5kysRTB IJfJojyOYiFcDXIwDfKvdcL/QaTWhol9w0HUFCKMgnXA2a1/mZJVuw/Cfnm0QKCF bUdYkuEP/st/e4OA1JQ6ohgnALHRU+peJybYsp82FE2Q6geHd5LGXsoCuQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJpluRWPUCvbROmvfShgYXMMaT51MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2ZjZDZhZGFiLTA2ZjAtNDY3Ni05NTY4LTZkNGQ0OGY3NjU4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQBGG4Oq/f66J6zAEyxV 9+nLwST1aPQ/3BlOFM0HYIu6CtXZVBBQxubf4yvqW+6Pvu1Y71qH5hCmIc6rFl9Q 2e09f7gICLvAqz3Yk/6hGYRNlbroHR9DCbiH4o4krmiiXGVnKkqdReGkWMCmM0sQ bzt9Yac1aAgbBZXPid0kmo4uPljTLy3WbCzcsVfV7ZzTGz1Mk3zGU6xwAD+McutC W28/NQzafl6owlqIY+uyycfJU01urlvY2qqcZDVAC/Fadzp/H2REb0kdUI+QfSut ZAG0DLjmF4Nurb72uGAEwsJM5h7OBIxUkU+PSWEMqkC9A2rAnobsEmYSQaunliHy Uf1A -----END CERTIFICATE-----Generated at Fri Oct 24 08:06:10 2025 by rpki-client