$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa File: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (raw, json) Hash identifier: RByv4EVQGeNq1glNv1w/MkedeZ7C3SCHEdnUDoNPtmo= Subject key identifier: FF:F4:28:32:7A:3D:C3:BB:CE:4B:8B:CE:1B:88:E7:B4:71:49:6A:CC Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 4DA05AC814F4DD451D35791D6593E1C90DCDE571 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa Signing time: Wed 03 Sep 2025 00:00:07 +0000 ROA not before: Wed 03 Sep 2025 00:00:07 +0000 ROA not after: Wed 08 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Sep 2025 00:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:a0:5a:c8:14:f4:dd:45:1d:35:79:1d:65:93:e1:c9:0d:cd:e5:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Sep 3 00:00:07 2025 GMT Not After : Oct 8 23:59:59 2025 GMT Subject: serialNumber=c2cd1bdfc8634b16bedcfce4897480c6da3d6fe21c62453d3e7673a30bdf0753, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:30:a6:02:d5:d5:1b:bc:23:72:eb:89:6b:e2: 6c:48:b6:e3:f1:71:3f:48:54:e2:fd:fc:de:55:82: f7:a5:7d:90:98:02:98:38:87:7b:ac:21:65:31:57: 75:d2:7d:b6:d2:54:1d:ca:38:58:db:7a:01:6c:f7: 11:b6:70:87:ad:d5:b1:2c:0f:26:86:06:2b:dc:54: 0e:c8:e5:13:c7:d6:f8:d9:1b:c7:db:dc:ab:af:12: e7:68:42:e1:24:2b:ff:a4:44:34:07:3d:99:ab:16: 1a:7c:4b:e8:1b:f0:16:33:33:82:38:64:58:36:dc: e7:34:a7:9c:97:00:14:3c:f4:cc:aa:c2:c9:f4:c6: ac:e0:a8:a5:e5:89:09:ba:7a:b3:56:92:fb:83:b9: e6:e9:93:12:c3:77:19:a8:ae:79:e9:85:a7:07:f1: 71:27:d7:1f:35:29:fd:cf:42:ef:52:d3:ac:88:fe: 07:ea:00:7c:a3:a0:7b:30:01:df:1e:86:05:31:7e: 6b:1d:ea:5c:59:7c:cf:58:52:d7:fb:83:0c:37:cc: 2e:37:6c:a4:e9:bc:48:80:fa:0b:32:fa:41:2b:51: bd:53:27:b0:40:17:17:3a:bc:fd:9a:61:aa:0a:92: e6:42:67:b2:a1:c8:17:02:94:80:74:35:12:f8:be: 4b:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:F4:28:32:7A:3D:C3:BB:CE:4B:8B:CE:1B:88:E7:B4:71:49:6A:CC X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:ff00::/48 Signature Algorithm: sha256WithRSAEncryption a1:af:6b:d2:82:b0:a4:1a:d9:d2:0e:fe:05:f1:07:40:8b:3f: 8d:42:12:40:91:49:8c:0a:f3:15:ce:88:12:2d:99:2b:df:76: 08:1c:93:e6:9a:12:4e:b0:c0:7f:17:92:d0:37:66:25:f4:dc: 06:9b:6b:d4:b2:82:18:ad:fe:3d:99:db:8b:db:9d:a8:07:62: a4:1e:49:93:5d:f0:26:f9:8d:e4:48:d6:68:7d:00:3e:ca:1d: b9:c1:02:27:91:ae:25:48:5d:8f:c4:55:d2:82:56:f5:b2:39: 50:72:d1:4e:bc:b3:7a:9c:71:9d:f1:e2:6a:f8:d9:cd:82:68: c5:98:a7:89:25:b8:1e:9f:12:6d:d4:36:ac:4b:6e:32:91:65: d4:e9:81:e5:72:a9:20:e6:26:b7:24:8a:8f:68:36:a7:61:da: e6:0d:38:f3:f5:f9:e3:6c:29:01:38:37:1f:c6:88:24:2a:95: 24:14:22:f9:d8:a8:e9:74:c1:a1:af:3a:78:94:64:d8:67:fa: c5:56:af:84:4e:0d:9c:d4:bf:38:ad:5f:1b:1e:33:89:7d:a0: 90:3b:d0:c9:21:d5:c7:66:b3:2b:93:5d:0e:73:ca:43:ea:b4: 79:c9:f8:64:c9:ee:2f:af:9c:80:9a:ae:fd:07:c9:fd:c2:36: e6:0b:1e:8b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTaBayBT03UUdNXkdZZPhyQ3N5XEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDkwMzAwMDAwN1oX DTI1MTAwODIzNTk1OVowejFJMEcGA1UEBRNAYzJjZDFiZGZjODYzNGIxNmJlZGNm Y2U0ODk3NDgwYzZkYTNkNmZlMjFjNjI0NTNkM2U3NjczYTMwYmRmMDc1MzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjCmAtXVG7wjcuuJa+JsSLbj8XE/ SFTi/fzeVYL3pX2QmAKYOId7rCFlMVd10n220lQdyjhY23oBbPcRtnCHrdWxLA8m hgYr3FQOyOUTx9b42RvH29yrrxLnaELhJCv/pEQ0Bz2ZqxYafEvoG/AWMzOCOGRY NtznNKeclwAUPPTMqsLJ9Mas4Kil5YkJunqzVpL7g7nm6ZMSw3cZqK556YWnB/Fx J9cfNSn9z0LvUtOsiP4H6gB8o6B7MAHfHoYFMX5rHepcWXzPWFLX+4MMN8wuN2yk 6bxIgPoLMvpBK1G9UyewQBcXOrz9mmGqCpLmQmeyocgXApSAdDUS+L5LJQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP/0KDJ6PcO7zkuLzhuI57RxSWrMMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2ZjZDZhZGFiLTA2ZjAtNDY3Ni05NTY4LTZkNGQ0OGY3NjU4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQChr2vSgrCkGtnSDv4F 8QdAiz+NQhJAkUmMCvMVzogSLZkr33YIHJPmmhJOsMB/F5LQN2Yl9NwGm2vUsoIY rf49mduL252oB2KkHkmTXfAm+Y3kSNZofQA+yh25wQInka4lSF2PxFXSglb1sjlQ ctFOvLN6nHGd8eJq+NnNgmjFmKeJJbgenxJt1DasS24ykWXU6YHlcqkg5ia3JIqP aDanYdrmDTjz9fnjbCkBODcfxogkKpUkFCL52KjpdMGhrzp4lGTYZ/rFVq+ETg2c 1L84rV8bHjOJfaCQO9DJIdXHZrMrk10Oc8pD6rR5yfhkye4vr5yAmq79B8n9wjbm Cx6L -----END CERTIFICATE-----Generated at Wed Sep 17 09:27:58 2025 by rpki-client