$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa File: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (raw, json) Hash identifier: crbnfBSBUv7kqzvdC15ui/LRtS7PQKPupuvCIreIl3Y= Subject key identifier: 74:D2:21:C2:C7:EE:0F:C3:8B:8F:B0:24:12:E9:D8:80:8F:C1:C6:AD Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 09EB757E63CA4CE0CE5D19C753CC928A1E3E9E70 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa Signing time: Sat 18 Oct 2025 00:00:27 +0000 ROA not before: Sat 18 Oct 2025 00:00:27 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.240.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:eb:75:7e:63:ca:4c:e0:ce:5d:19:c7:53:cc:92:8a:1e:3e:9e:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 18 00:00:27 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=c620b651cb9771ae67d3438203af0bdc96fe19e7b0c6932c57804885632026f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:ae:2a:62:d1:b8:8f:e8:d9:4e:50:de:4a:c3: c8:83:83:76:7c:4f:15:54:b5:97:12:6e:5d:af:3c: fe:86:10:6b:a6:f5:e3:cb:9c:43:1f:44:9b:21:ca: a1:8f:32:fd:53:ec:35:dc:c4:eb:90:17:a6:2b:0c: ba:a7:8b:13:4a:4f:0d:be:a6:e2:1c:d6:5d:f4:a6: 63:7d:c5:54:9c:75:e1:05:a1:6c:76:a0:1f:88:c5: 34:0a:41:79:cf:1e:15:9a:0d:6c:6f:70:f6:df:35: c9:da:23:17:60:06:91:fe:72:c6:75:f1:bb:70:b0: c0:9d:9b:8b:64:a2:06:74:bd:01:b3:2d:aa:80:75: 37:c9:b8:c0:69:c8:13:d1:38:a7:5b:c7:1d:70:47: c2:bf:24:a1:ba:c9:da:ef:df:bf:67:ea:6c:3e:ea: 1f:ff:9f:1e:d9:3e:24:cc:2d:92:4d:b6:2d:d5:fc: c0:55:a6:84:a9:bb:1c:56:20:0d:af:8a:36:b0:53: e2:f6:1a:5b:15:47:39:52:37:9f:a0:5c:8c:e2:7a: ce:1b:7b:cb:37:5e:ee:0a:ac:fa:67:6a:65:5e:00: 00:5c:f5:54:b6:cd:cc:67:63:8c:b8:a0:08:f9:6e: 50:69:fd:de:18:a2:7c:6e:48:9e:0f:5b:19:f4:b3: 5c:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:D2:21:C2:C7:EE:0F:C3:8B:8F:B0:24:12:E9:D8:80:8F:C1:C6:AD X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.240.0/21 Signature Algorithm: sha256WithRSAEncryption 34:e4:ca:5c:05:fd:34:b9:f1:92:8a:64:95:65:1c:6a:a0:8b: ea:e6:e9:5e:12:d4:e1:69:d5:d7:17:52:f4:a2:50:c9:d0:6e: d0:55:5c:65:b1:8c:80:b3:85:00:ed:be:26:7f:4a:31:c9:16: 72:cd:dd:b8:7e:ad:c0:a5:92:a3:41:d2:0b:c3:90:b9:c4:34: 55:45:a6:56:34:7b:25:ce:cf:41:6f:b9:86:41:05:b2:94:b9: f0:ca:2f:55:ff:ad:b0:3d:f2:28:d9:64:00:43:39:cd:7a:8f: c3:4b:32:86:35:2c:28:2b:e5:27:e4:28:a6:cf:30:26:6c:c2: 96:6d:33:f8:eb:1c:78:7a:8e:88:5b:62:e7:c1:62:8c:3f:14: 76:a3:72:39:da:58:fa:5a:b7:c4:59:f9:6e:6b:6a:46:db:0c: 51:03:26:01:cd:eb:2e:44:ea:b2:cf:6e:fd:5f:76:d9:4a:6e: 01:15:0d:39:7a:01:a7:59:5f:29:b6:6b:3a:18:68:6e:78:b3: 2b:b9:08:c3:51:34:f1:10:80:c2:9e:2f:c6:45:d4:6c:11:42: a1:1b:1e:f2:54:44:89:a7:f3:74:1e:f4:2d:bd:cd:5a:cb:ee: 5e:b7:a5:fd:6a:c4:53:7f:8b:ac:46:5e:69:92:03:8c:c4:77: 42:b7:b5:16 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUCet1fmPKTODOXRnHU8ySih4+nnAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTAxODAwMDAyN1oX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAYzYyMGI2NTFjYjk3NzFhZTY3ZDM0 MzgyMDNhZjBiZGM5NmZlMTllN2IwYzY5MzJjNTc4MDQ4ODU2MzIwMjZmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo64qYtG4j+jZTlDeSsPIg4N2fE8V VLWXEm5drzz+hhBrpvXjy5xDH0SbIcqhjzL9U+w13MTrkBemKwy6p4sTSk8Nvqbi HNZd9KZjfcVUnHXhBaFsdqAfiMU0CkF5zx4Vmg1sb3D23zXJ2iMXYAaR/nLGdfG7 cLDAnZuLZKIGdL0Bsy2qgHU3ybjAacgT0TinW8cdcEfCvyShusna79+/Z+psPuof /58e2T4kzC2STbYt1fzAVaaEqbscViANr4o2sFPi9hpbFUc5UjefoFyM4nrOG3vL N17uCqz6Z2plXgAAXPVUts3MZ2OMuKAI+W5Qaf3eGKJ8bkieD1sZ9LNcfwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHTSIcLH7g/Di4+wJBLp2ICPwcatMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQwOTU2NjkwLTM2NjEtNDlmMi04ZWJjLTJmYTVhNDdhOThhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jwMA0GCSqGSIb3DQEBCwUAA4IBAQA05MpcBf00ufGSimSVZRxq oIvq5uleEtThadXXF1L0olDJ0G7QVVxlsYyAs4UA7b4mf0oxyRZyzd24fq3ApZKj QdILw5C5xDRVRaZWNHslzs9Bb7mGQQWylLnwyi9V/62wPfIo2WQAQznNeo/DSzKG NSwoK+Un5CimzzAmbMKWbTP46xx4eo6IW2LnwWKMPxR2o3I52lj6WrfEWflua2pG 2wxRAyYBzesuROqyz279X3bZSm4BFQ05egGnWV8ptms6GGhueLMruQjDUTTxEIDC ni/GRdRsEUKhGx7yVESJp/N0HvQtvc1ay+5et6X9asRTf4usRl5pkgOMxHdCt7UW -----END CERTIFICATE-----Generated at Mon Oct 20 15:58:03 2025 by rpki-client