$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa File: 565f9740-389f-45ac-956e-b96e19889315.roa (raw, json) Hash identifier: LJvew2T9bQIWuMlfUiq97MVDbVzuyC1QaX8FwA75otA= Subject key identifier: D0:57:92:1D:82:0E:D0:10:06:1B:61:6E:3D:83:3E:97:33:68:FB:51 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 6CA4F41771F818E3FE7962D75D9D9C948439D0C4 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa Signing time: Sat 18 Oct 2025 00:00:45 +0000 ROA not before: Sat 18 Oct 2025 00:00:45 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:a4:f4:17:71:f8:18:e3:fe:79:62:d7:5d:9d:9c:94:84:39:d0:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 18 00:00:45 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=0482426792bc21d1f71a2a1eca1ee5e28ab38b4dbfac2c3818a51a5f1f79da5e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:db:57:df:02:42:95:e3:94:74:79:ae:d8:4e: 7c:02:1c:7a:17:11:69:81:2e:40:33:ee:fa:9e:4f: bf:35:ed:9b:ad:e4:24:84:5c:52:f6:c6:0b:1f:da: 4f:9c:de:6c:da:26:59:dc:b8:91:af:ce:9a:1f:ca: 65:d2:44:b1:a9:bb:cc:82:e3:72:fa:91:68:3e:0a: 1d:29:06:7e:cb:16:f2:c4:aa:b1:f8:99:ce:3d:46: c8:57:be:4b:5c:6d:20:08:f4:a8:4f:63:0d:b6:eb: fc:3a:8b:44:a7:36:26:89:b6:6b:8f:aa:fc:7e:a0: 60:34:f5:24:bb:b0:16:72:f8:a0:c6:b2:9c:d7:b4: eb:50:3f:db:c3:e4:a4:90:0e:76:1b:5d:50:3a:2f: 89:58:c1:a1:45:84:50:fa:c7:ea:c9:4d:0d:f5:9e: 6a:66:cd:eb:a1:2d:fc:da:b4:63:ff:29:21:f2:0e: c9:82:d1:c1:4f:59:d9:89:79:ff:27:c0:99:10:a6: a6:2f:46:4d:c4:13:a3:9a:e7:b4:97:73:9f:d9:a2: e4:b2:ee:6d:22:85:bd:b7:36:15:71:13:54:fe:22: 71:2e:59:13:fa:14:a8:5a:61:1a:6a:94:4b:49:64: a0:aa:ac:32:dc:0b:85:d2:17:36:4d:08:7c:46:1d: 3d:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:57:92:1D:82:0E:D0:10:06:1B:61:6E:3D:83:3E:97:33:68:FB:51 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption 9a:71:4e:a8:4f:f7:69:b9:56:bc:51:96:af:f2:ed:f7:83:2b: ea:bc:2d:d2:79:01:74:88:48:0a:bd:24:e4:60:c6:7b:17:bb: 9e:66:e8:f8:dc:a9:d7:c7:c3:38:c3:80:5c:24:e8:67:11:69: 0a:9c:59:3c:04:89:7e:23:0c:48:d6:69:38:14:f0:10:f0:28: f0:2c:b0:ea:09:c1:74:74:3b:8e:60:60:68:ae:74:17:f3:e5: 69:a2:bf:bf:a6:6a:60:c7:ac:01:95:2b:b1:b5:39:68:77:d9: d6:d2:54:cb:83:af:37:64:e6:99:bc:a3:97:48:9a:51:c3:5b: 72:20:2f:90:6f:ae:38:77:4b:ed:21:29:c1:11:40:d8:f5:24: 8a:15:a5:69:c3:9e:12:bf:f7:b3:ab:2c:bb:5d:95:6f:58:d6: 26:76:51:8b:6d:82:ab:9a:2f:61:9b:c9:db:c8:88:f9:02:f2: f1:d4:d3:82:b2:e3:52:88:b9:57:bc:a9:a5:bc:3d:09:21:3b: e3:4c:f7:e4:94:01:c3:51:d3:5c:ae:2b:1d:aa:6b:e8:62:b6: dc:9b:e2:9a:df:66:b7:17:6b:ea:27:31:02:72:20:88:0b:1b: 06:47:c4:4e:52:9d:a7:15:1a:a7:54:dc:ba:6c:7b:b2:c1:f6: aa:a2:e9:8a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUbKT0F3H4GOP+eWLXXZ2clIQ50MQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTAxODAwMDA0NVoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAMDQ4MjQyNjc5MmJjMjFkMWY3MWEy YTFlY2ExZWU1ZTI4YWIzOGI0ZGJmYWMyYzM4MThhNTFhNWYxZjc5ZGE1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19tX3wJCleOUdHmu2E58Ahx6FxFp gS5AM+76nk+/Ne2breQkhFxS9sYLH9pPnN5s2iZZ3LiRr86aH8pl0kSxqbvMguNy +pFoPgodKQZ+yxbyxKqx+JnOPUbIV75LXG0gCPSoT2MNtuv8OotEpzYmibZrj6r8 fqBgNPUku7AWcvigxrKc17TrUD/bw+SkkA52G11QOi+JWMGhRYRQ+sfqyU0N9Z5q Zs3roS382rRj/ykh8g7JgtHBT1nZiXn/J8CZEKamL0ZNxBOjmue0l3Of2aLksu5t IoW9tzYVcRNU/iJxLlkT+hSoWmEaapRLSWSgqqwy3AuF0hc2TQh8Rh09KwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNBXkh2CDtAQBhthbj2DPpczaPtRMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2NWY5NzQwLTM4OWYtNDVhYy05NTZlLWI5NmUxOTg4OTMxNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jgMA0GCSqGSIb3DQEBCwUAA4IBAQCacU6oT/dpuVa8UZav8u33 gyvqvC3SeQF0iEgKvSTkYMZ7F7ueZuj43KnXx8M4w4BcJOhnEWkKnFk8BIl+IwxI 1mk4FPAQ8CjwLLDqCcF0dDuOYGBornQX8+Vpor+/pmpgx6wBlSuxtTlod9nW0lTL g683ZOaZvKOXSJpRw1tyIC+Qb644d0vtISnBEUDY9SSKFaVpw54Sv/ezqyy7XZVv WNYmdlGLbYKrmi9hm8nbyIj5AvLx1NOCsuNSiLlXvKmlvD0JITvjTPfklAHDUdNc risdqmvoYrbcm+Ka32a3F2vqJzECciCICxsGR8ROUp2nFRqnVNy6bHuywfaqoumK -----END CERTIFICATE-----Generated at Mon Oct 20 18:37:24 2025 by rpki-client