$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa File: 2e40ee0b-9aa9-4919-a079-9712212e127c.roa (raw, json) Hash identifier: IAE/EgLUs20wPy1NberdZ5RlgXXRQyh5hMi8XIkDDVc= Subject key identifier: A1:BF:C5:A2:34:D0:91:A1:F0:B9:51:28:41:3F:C7:D0:35:43:62:DE Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 56B7DA9455C9572F0E2FE342978ECEB20F0187BD Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa Signing time: Sat 18 Oct 2025 00:00:26 +0000 ROA not before: Sat 18 Oct 2025 00:00:26 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:b7:da:94:55:c9:57:2f:0e:2f:e3:42:97:8e:ce:b2:0f:01:87:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 18 00:00:26 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=f288e0de7118eef39a25005ca78d5347ff299035b820813e80da03fbd059ac87, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f6:42:50:31:5f:57:89:a8:b1:8a:6b:ab:b1: 34:50:45:86:18:e7:77:18:f1:49:de:95:11:b1:0b: 14:8a:fa:70:e4:f4:09:e8:85:b9:88:45:6e:be:b9: 8e:30:8d:91:07:d1:93:a6:cd:42:20:fe:af:68:dc: 19:1c:4f:25:78:55:9e:c8:30:93:08:83:bf:a1:9c: 75:4d:4b:51:72:22:90:4e:e3:d5:7f:06:e1:d6:f1: b5:c9:20:03:5b:54:55:04:c4:a6:e3:3e:f2:ec:f7: 68:eb:d3:87:4e:c0:0e:91:7a:48:98:89:d1:97:88: c7:2d:83:4c:a5:4a:bd:6b:68:75:4b:27:13:b5:db: 48:5e:f2:54:c7:12:1e:3b:fe:04:5e:a7:26:e9:ab: e9:8c:5d:b2:2c:63:35:68:32:64:87:01:e7:32:3f: 8b:29:ce:4d:5b:60:45:88:64:8d:4a:3b:cd:ac:8a: 93:ed:0b:49:92:17:be:e7:b9:62:5e:f5:27:46:9c: ec:12:1e:a4:c6:0d:56:d1:15:e5:56:62:ae:1a:d0: 91:2c:a5:c7:f5:56:c4:ee:ae:81:f5:3d:ca:f0:a3: ca:70:d6:b7:cf:be:c0:c1:f3:ef:c7:3a:83:38:34: a4:af:5c:2c:00:a3:c0:d9:6d:e2:07:40:b6:5b:d6: 29:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:BF:C5:A2:34:D0:91:A1:F0:B9:51:28:41:3F:C7:D0:35:43:62:DE X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption 93:5d:17:13:4f:b2:63:c2:13:5a:16:16:2f:aa:5e:7f:e3:43: 27:2a:a8:26:c1:61:a5:fd:a1:9a:42:80:40:14:4c:7b:5e:65: 5d:37:e7:86:e4:da:b2:60:e8:b6:a3:1c:5d:32:0e:fe:d1:f3: ac:9f:98:57:2d:1c:76:e3:b4:c0:15:6b:84:9f:ae:af:f9:89: 7f:fb:c4:d3:7d:30:3f:bd:29:64:54:34:f9:5b:0f:a0:b3:c5: 91:e6:6f:4f:e2:03:9e:42:94:6b:c7:e9:cc:9d:fa:b1:4b:33: 8f:04:c9:1e:1a:80:14:1d:e4:f3:7c:ee:7a:e9:49:bb:e9:f4: 4c:a3:36:61:f2:f2:b3:01:82:55:e1:bd:5c:e8:31:70:66:07: 03:e3:ff:0a:a8:a8:36:82:96:6c:dc:33:f7:40:16:2c:7d:f6: 1a:b8:e6:f7:fb:cf:6f:e0:40:b9:4c:ce:f6:42:9d:f9:fe:b3: 2b:39:32:22:c5:c8:b2:45:60:b9:88:51:61:db:d5:98:b8:0b: 4c:8a:26:bd:cd:82:5b:5e:24:7e:58:b5:5c:42:ce:d7:18:ae: 76:05:d7:6f:cc:aa:13:c3:35:bf:19:68:a7:f2:09:19:9b:c4: 7d:b7:17:5f:a7:72:41:29:8b:49:85:a8:82:50:ac:1f:90:cf: 05:21:59:96 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUVrfalFXJVy8OL+NCl47Osg8Bh70wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTAxODAwMDAyNloX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAZjI4OGUwZGU3MTE4ZWVmMzlhMjUw MDVjYTc4ZDUzNDdmZjI5OTAzNWI4MjA4MTNlODBkYTAzZmJkMDU5YWM4NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/ZCUDFfV4mosYprq7E0UEWGGOd3 GPFJ3pURsQsUivpw5PQJ6IW5iEVuvrmOMI2RB9GTps1CIP6vaNwZHE8leFWeyDCT CIO/oZx1TUtRciKQTuPVfwbh1vG1ySADW1RVBMSm4z7y7Pdo69OHTsAOkXpImInR l4jHLYNMpUq9a2h1SycTtdtIXvJUxxIeO/4EXqcm6avpjF2yLGM1aDJkhwHnMj+L Kc5NW2BFiGSNSjvNrIqT7QtJkhe+57liXvUnRpzsEh6kxg1W0RXlVmKuGtCRLKXH 9VbE7q6B9T3K8KPKcNa3z77AwfPvxzqDODSkr1wsAKPA2W3iB0C2W9YpzwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKG/xaI00JGh8LlRKEE/x9A1Q2LeMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJlNDBlZTBiLTlhYTktNDkxOS1hMDc5LTk3MTIyMTJlMTI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/joMA0GCSqGSIb3DQEBCwUAA4IBAQCTXRcTT7JjwhNaFhYvql5/ 40MnKqgmwWGl/aGaQoBAFEx7XmVdN+eG5NqyYOi2oxxdMg7+0fOsn5hXLRx247TA FWuEn66v+Yl/+8TTfTA/vSlkVDT5Ww+gs8WR5m9P4gOeQpRrx+nMnfqxSzOPBMke GoAUHeTzfO566Um76fRMozZh8vKzAYJV4b1c6DFwZgcD4/8KqKg2gpZs3DP3QBYs ffYauOb3+89v4EC5TM72Qp35/rMrOTIixciyRWC5iFFh29WYuAtMiia9zYJbXiR+ WLVcQs7XGK52BddvzKoTwzW/GWin8gkZm8R9txdfp3JBKYtJhaiCUKwfkM8FIVmW -----END CERTIFICATE-----Generated at Mon Oct 20 20:53:56 2025 by rpki-client