$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa File: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (raw, json) Hash identifier: 1v9wIq4sBNlm/GC2BfQyE/SqWT0MGKf/GJbKnEXdVbE= Subject key identifier: 4D:50:E1:02:2C:70:8F:28:FA:3D:C1:FF:2E:90:05:88:34:E7:D6:77 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 4257667E1EB7E39CB38980CD4C33D3C1E4056549 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa Signing time: Sat 18 Oct 2025 00:00:26 +0000 ROA not before: Sat 18 Oct 2025 00:00:26 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:57:66:7e:1e:b7:e3:9c:b3:89:80:cd:4c:33:d3:c1:e4:05:65:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 18 00:00:26 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=3e605474a7474f259b6c8055cd255b679c673883b28e0d3d58e3962b9ac36f7f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:f9:c2:f4:67:83:29:1e:7c:47:26:77:6e:d8: f5:96:a6:8c:a0:5d:2b:64:c7:cb:b9:dd:89:e9:e1: cd:c8:9d:37:31:ff:7f:98:8c:23:43:1a:e7:41:81: ef:af:3a:c3:78:31:1a:2f:00:0c:bc:e5:33:72:3b: ba:13:04:49:d6:07:5c:80:c3:c5:3d:a2:89:c1:d3: 9e:b4:38:78:77:d5:07:95:6e:ab:27:3a:00:1f:86: d2:e6:d7:0b:d9:e9:09:da:38:91:7b:97:bf:09:2c: 2e:85:f4:c1:a2:31:b3:82:54:7e:72:1b:ed:97:a8: 5a:dc:b6:ee:cf:2e:9d:bc:8c:89:6a:30:bb:38:c5: 43:69:91:f6:d6:27:09:88:06:70:46:cc:20:03:17: 6e:fe:5f:9a:79:7d:82:fb:2d:8e:47:9b:eb:9e:b2: eb:77:83:d6:96:88:bc:a6:c8:52:ac:ac:27:cd:66: a6:a0:5b:61:73:69:80:24:43:2a:87:e2:1a:38:7e: d8:41:66:8c:70:ef:b3:f3:77:bb:07:cc:6b:2e:d3: 52:28:26:ff:e2:e0:fe:c1:65:98:25:40:5c:19:b2: 16:2a:4f:6b:a0:ef:b9:6e:27:4d:ec:df:fd:13:d0: 15:2f:7c:84:26:33:da:b7:6d:d2:9d:01:21:05:71: 32:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:50:E1:02:2C:70:8F:28:FA:3D:C1:FF:2E:90:05:88:34:E7:D6:77 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.216.0/21 Signature Algorithm: sha256WithRSAEncryption 2a:66:c6:51:c1:e8:9c:b2:02:22:68:4e:c0:89:91:12:95:6b: 68:73:3e:1a:63:95:2b:1e:3a:eb:f0:ad:8f:b2:4e:d7:c4:d9: b4:10:e6:c8:c6:f2:aa:e0:93:b3:85:af:ad:d0:db:72:f4:52: d3:a4:39:aa:93:1b:bc:b6:73:7a:1d:5e:4d:8e:b1:87:5d:55: c3:4b:21:1f:8c:8a:1a:2f:9b:5b:93:d7:ec:ef:f2:bb:17:91: 19:e7:b2:23:29:3c:f9:de:cf:f0:12:9a:7c:88:6b:fd:24:72: 3e:cd:66:83:a0:7c:e6:64:9b:42:6b:a0:13:8c:b5:19:d6:c0: 8d:aa:9e:ed:e1:84:f5:fe:bd:cc:07:68:9c:46:e7:fa:3b:4a: bf:ab:94:6c:f7:69:38:33:f6:80:02:c7:da:d1:cc:4a:4c:c9: 73:48:78:1d:a4:de:c9:39:dc:15:54:b2:25:24:e5:5e:40:52: 0f:41:1b:6a:ad:51:fb:e1:ef:93:ea:f3:4c:95:ff:ba:a9:9a: ea:4c:86:c6:88:49:5a:c8:21:c6:26:99:70:c2:ec:ce:e6:14: 91:9f:89:c9:d8:67:48:4d:c2:eb:7e:ea:9a:67:71:e7:47:35: 43:53:c6:99:a1:da:bc:9f:fb:68:26:d9:a4:f2:57:fc:1d:5c: 31:40:4b:56 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQldmfh6345yziYDNTDPTweQFZUkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTAxODAwMDAyNloX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAM2U2MDU0NzRhNzQ3NGYyNTliNmM4 MDU1Y2QyNTViNjc5YzY3Mzg4M2IyOGUwZDNkNThlMzk2MmI5YWMzNmY3ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvnC9GeDKR58RyZ3btj1lqaMoF0r ZMfLud2J6eHNyJ03Mf9/mIwjQxrnQYHvrzrDeDEaLwAMvOUzcju6EwRJ1gdcgMPF PaKJwdOetDh4d9UHlW6rJzoAH4bS5tcL2ekJ2jiRe5e/CSwuhfTBojGzglR+chvt l6ha3Lbuzy6dvIyJajC7OMVDaZH21icJiAZwRswgAxdu/l+aeX2C+y2OR5vrnrLr d4PWloi8pshSrKwnzWamoFthc2mAJEMqh+IaOH7YQWaMcO+z83e7B8xrLtNSKCb/ 4uD+wWWYJUBcGbIWKk9roO+5bidN7N/9E9AVL3yEJjPat23SnQEhBXEyPwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFE1Q4QIscI8o+j3B/y6QBYg059Z3MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU1ZDZjYmFlLThiN2YtNDVhOS04ZDliLTQ1OGQxMGE5YjFjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jYMA0GCSqGSIb3DQEBCwUAA4IBAQAqZsZRweicsgIiaE7AiZES lWtocz4aY5UrHjrr8K2Psk7XxNm0EObIxvKq4JOzha+t0Nty9FLTpDmqkxu8tnN6 HV5NjrGHXVXDSyEfjIoaL5tbk9fs7/K7F5EZ57IjKTz53s/wEpp8iGv9JHI+zWaD oHzmZJtCa6ATjLUZ1sCNqp7t4YT1/r3MB2icRuf6O0q/q5Rs92k4M/aAAsfa0cxK TMlzSHgdpN7JOdwVVLIlJOVeQFIPQRtqrVH74e+T6vNMlf+6qZrqTIbGiElayCHG JplwwuzO5hSRn4nJ2GdITcLrfuqaZ3HnRzVDU8aZodq8n/toJtmk8lf8HVwxQEtW -----END CERTIFICATE-----Generated at Mon Oct 20 13:22:08 2025 by rpki-client