$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa File: cc671c79-21f0-4fff-b898-595966ecd1a9.roa (raw, json) Hash identifier: tRerzt2d2gilZ39X5Ni19bIKwAr1daXkckl3y1tsN24= Subject key identifier: 57:A7:7A:5C:B2:DE:86:EA:C0:4B:DB:11:78:C9:95:E4:69:C3:4A:FC Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 035ADF813648CAB202DF573ADC63AC753F0D70E8 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa Signing time: Fri 24 Oct 2025 00:00:01 +0000 ROA not before: Fri 24 Oct 2025 00:00:01 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 30 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:5a:df:81:36:48:ca:b2:02:df:57:3a:dc:63:ac:75:3f:0d:70:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Oct 24 00:00:01 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=243206075a30ec577dad1841a73b61200887d8b4565ee864a35529a6ce07adcd, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:30:e6:c7:e2:1b:40:87:05:8d:b5:dc:dc:dc: 53:68:24:31:a7:29:99:4f:41:df:dd:70:cb:dd:fe: f8:00:11:94:5d:fc:64:15:ef:de:2d:93:48:73:35: 88:6e:29:09:77:80:16:95:59:25:68:3b:ef:56:b7: de:79:16:34:4b:25:ad:d1:5d:8e:ed:ae:9e:27:47: f0:9c:b1:ee:54:16:e0:9e:ba:f6:86:11:5f:52:01: 13:f7:3b:36:de:0d:30:70:68:ff:31:0c:26:6c:49: f1:e9:35:e2:f5:b5:99:4c:3a:59:0c:86:81:5c:21: 65:6e:c0:86:32:4c:49:d0:99:8c:67:46:17:e6:60: 0d:f5:14:7f:fd:ca:0c:1f:15:60:75:58:da:42:03: 43:83:90:60:af:4a:0a:73:35:a6:40:a6:e4:93:ea: de:10:a9:7f:2d:20:f9:7f:36:c6:a8:61:26:69:9e: b4:8a:82:93:8a:be:54:ac:65:9b:42:db:08:11:c5: 82:1d:10:d9:f2:e0:b5:e0:3a:69:44:37:1a:88:dd: ee:67:07:a0:7e:d2:b9:f2:08:0d:41:ef:3f:73:6b: 32:f0:29:b4:b0:b7:9c:4f:e2:99:95:04:8e:c0:c6: 3a:0d:c7:6a:36:f3:38:dd:b1:aa:05:26:46:ab:9d: a9:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:A7:7A:5C:B2:DE:86:EA:C0:4B:DB:11:78:C9:95:E4:69:C3:4A:FC X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 2d:a6:98:25:05:38:36:24:c6:71:4c:53:0f:a3:00:7a:1f:0f: dd:ba:d5:b1:e0:7d:92:21:ac:90:90:e3:14:5c:e2:b9:4d:e3: 33:ef:2f:d5:c6:d8:f7:97:be:13:ae:91:45:1a:8e:7f:6e:0b: b7:09:29:a1:9f:2f:80:d0:c1:21:25:e2:00:44:2f:ad:eb:c1: 94:f0:49:0c:4a:39:b9:a8:e2:f5:00:5d:c3:db:d4:ef:14:6c: 53:8b:bf:13:a8:3d:dd:71:83:7d:17:38:57:ed:1b:32:05:43: b3:ea:33:fc:2b:e3:6f:a2:9e:da:c3:0d:7e:96:95:ab:d2:44: 05:f7:9b:ea:f5:fb:6e:75:82:13:75:52:88:f0:50:3a:3f:df: a4:d5:5f:bc:43:e9:11:d4:36:14:71:88:ec:3e:a5:8b:56:d8: 81:48:9b:cb:de:cb:da:82:b1:b4:57:6b:66:0a:0b:e7:d6:92: a2:5d:aa:37:46:bc:4c:67:3d:33:51:ea:cb:0f:84:e6:cd:13: 16:96:b7:3a:e8:fb:a1:6a:d3:e2:d0:03:78:26:30:c0:7a:41: 6a:f4:41:d1:7b:d5:8f:f4:a6:a1:d9:9d:23:92:c9:d8:82:eb: 48:5d:7c:28:37:c0:73:9a:f4:0f:56:f0:14:21:36:1d:21:76: 8a:3d:32:c0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUA1rfgTZIyrIC31c63GOsdT8NcOgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTAyNDAwMDAwMVoX DTI1MTEyODIzNTk1OVowejFJMEcGA1UEBRNAMjQzMjA2MDc1YTMwZWM1NzdkYWQx ODQxYTczYjYxMjAwODg3ZDhiNDU2NWVlODY0YTM1NTI5YTZjZTA3YWRjZDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTDmx+IbQIcFjbXc3NxTaCQxpymZ T0Hf3XDL3f74ABGUXfxkFe/eLZNIczWIbikJd4AWlVklaDvvVrfeeRY0SyWt0V2O 7a6eJ0fwnLHuVBbgnrr2hhFfUgET9zs23g0wcGj/MQwmbEnx6TXi9bWZTDpZDIaB XCFlbsCGMkxJ0JmMZ0YX5mAN9RR//coMHxVgdVjaQgNDg5Bgr0oKczWmQKbkk+re EKl/LSD5fzbGqGEmaZ60ioKTir5UrGWbQtsIEcWCHRDZ8uC14DppRDcaiN3uZweg ftK58ggNQe8/c2sy8Cm0sLecT+KZlQSOwMY6DcdqNvM43bGqBSZGq52pRQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFenelyy3obqwEvbEXjJleRpw0r8MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2NjNjcxYzc5LTIxZjAtNGZmZi1iODk4LTU5NTk2NmVjZDFhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAtppglBTg2JMZxTFMP owB6Hw/dutWx4H2SIayQkOMUXOK5TeMz7y/Vxtj3l74TrpFFGo5/bgu3CSmhny+A 0MEhJeIARC+t68GU8EkMSjm5qOL1AF3D29TvFGxTi78TqD3dcYN9FzhX7RsyBUOz 6jP8K+Nvop7aww1+lpWr0kQF95vq9ftudYITdVKI8FA6P9+k1V+8Q+kR1DYUcYjs PqWLVtiBSJvL3svagrG0V2tmCgvn1pKiXao3RrxMZz0zUerLD4TmzRMWlrc66Puh atPi0AN4JjDAekFq9EHRe9WP9Kah2Z0jksnYgutIXXwoN8BzmvQPVvAUITYdIXaK PTLA -----END CERTIFICATE-----Generated at Sun Oct 26 22:21:43 2025 by rpki-client