$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa File: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (raw, json) Hash identifier: orzuAvwA0tXGSbVd44tpHtx/sQmjzy5GEpUYNIU4BYE= Subject key identifier: 50:82:10:9E:FA:D6:76:6B:89:BB:6C:EC:B3:E3:22:25:11:D1:64:39 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 6FF149E9C1D15F57E83343DB503432189F087774 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa Signing time: Mon 29 Sep 2025 15:00:29 +0000 ROA not before: Mon 29 Sep 2025 15:00:29 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:f1:49:e9:c1:d1:5f:57:e8:33:43:db:50:34:32:18:9f:08:77:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 29 15:00:29 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=4b78133dc4f74c7e982ad0f9f408d83d8440cb31d26e03dcb1d6d07fbe9ddb93, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:40:13:ca:c2:bc:78:50:c2:fe:ea:63:06:de: 59:ea:1b:7c:e6:1c:9e:eb:0b:a5:d0:a4:54:98:eb: 4b:93:72:68:28:99:94:3a:4a:b8:63:47:d0:d3:af: 24:4a:30:34:c0:58:ed:11:7e:4b:c4:29:90:d8:af: 50:e9:34:be:37:63:25:bc:02:6f:6c:8a:c6:bd:2e: 58:4c:e4:bc:d7:f7:2d:e9:09:cb:e2:cb:74:51:d5: 16:1b:38:44:44:dd:b9:12:a6:75:f6:b9:b7:12:c6: a0:f9:0c:0a:ee:fe:4b:1b:11:66:f9:2a:54:b8:b7: 18:ce:51:f6:5e:5e:0f:57:f8:dc:6a:ba:d9:3a:5b: f1:93:45:80:a5:18:3d:f3:ff:73:7b:3b:ae:a2:e8: 3e:76:27:73:29:55:b4:3d:2b:bd:5e:fc:1e:75:48: a3:ea:c7:e4:7b:a7:53:e3:5b:44:01:96:73:6d:c7: a3:c1:20:1a:86:4b:98:2d:f7:b6:54:9e:25:31:f2: 48:ed:bb:85:c4:7d:de:5a:df:58:4a:3c:c0:cb:02: 30:0c:4e:ca:0d:d7:26:8b:27:cc:30:9a:e5:8a:12: c9:e6:4f:1a:24:17:27:f9:27:d8:8c:8e:98:ef:c5: 07:94:be:71:c2:85:65:cf:3a:0d:fc:fe:02:fa:ea: bf:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:82:10:9E:FA:D6:76:6B:89:BB:6C:EC:B3:E3:22:25:11:D1:64:39 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300::/32 Signature Algorithm: sha256WithRSAEncryption 8c:f3:e7:a0:c9:18:8d:fa:d3:03:77:98:bc:19:87:d4:7a:f2: 6b:58:1b:6e:65:03:0b:c6:b6:81:62:14:8d:e7:d2:06:aa:31: 3d:37:ee:e5:8b:95:4d:f6:a6:f3:00:93:ef:9d:f2:41:1a:f7: 9b:c8:94:31:5e:d9:b6:c1:bb:e3:3a:4e:1d:62:3e:f4:a2:f3: 27:b6:bf:13:cf:4a:80:10:8c:c1:4b:b2:00:87:b9:ed:60:95: 66:79:bb:de:77:c1:fc:d1:f6:3f:f1:00:bb:17:43:19:64:d1: f6:04:81:5e:ca:82:10:c1:57:ef:21:87:4c:b6:e4:01:60:fa: 86:31:3e:60:27:29:be:f5:51:7e:2e:a3:e3:11:55:36:7e:7c: 7c:f4:e1:ba:2f:e7:b3:ea:83:9e:4c:60:44:45:e4:9c:4f:c8: 16:65:eb:1f:36:43:1f:45:1e:74:b6:e8:92:d5:cb:6f:b5:73: 9f:47:05:59:a3:d9:a5:7c:3f:48:bb:30:73:aa:5d:5d:4e:05: a3:91:56:fc:e4:ef:6c:d4:2d:aa:c6:9f:4b:de:eb:d5:3b:61: cb:fe:a4:a1:42:35:e5:66:c5:c7:57:ea:8d:15:3f:47:42:df: de:df:d2:5d:70:51:f1:91:6b:85:65:fb:c1:e5:30:3a:8f:66: e8:31:38:58 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUb/FJ6cHRX1foM0PbUDQyGJ8Id3QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDkyOTE1MDAyOVoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNANGI3ODEzM2RjNGY3NGM3ZTk4MmFk MGY5ZjQwOGQ4M2Q4NDQwY2IzMWQyNmUwM2RjYjFkNmQwN2ZiZTlkZGI5MzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikATysK8eFDC/upjBt5Z6ht85hye 6wul0KRUmOtLk3JoKJmUOkq4Y0fQ068kSjA0wFjtEX5LxCmQ2K9Q6TS+N2MlvAJv bIrGvS5YTOS81/ct6QnL4st0UdUWGzhERN25EqZ19rm3Esag+QwK7v5LGxFm+SpU uLcYzlH2Xl4PV/jcarrZOlvxk0WApRg98/9zezuuoug+didzKVW0PSu9XvwedUij 6sfke6dT41tEAZZzbcejwSAahkuYLfe2VJ4lMfJI7buFxH3eWt9YSjzAywIwDE7K DdcmiyfMMJrlihLJ5k8aJBcn+SfYjI6Y78UHlL5xwoVlzzoN/P4C+uq/jwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFFCCEJ761nZribts7LPjIiUR0WQ5MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2NjMmY3MDkzLTIxYTYtNDAwZi05ZGIxLTkzYzJmZTAyYmMxYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAOzADANBgkqhkiG9w0BAQsFAAOCAQEAjPPnoMkYjfrTA3eYvBmH 1Hrya1gbbmUDC8a2gWIUjefSBqoxPTfu5YuVTfam8wCT753yQRr3m8iUMV7ZtsG7 4zpOHWI+9KLzJ7a/E89KgBCMwUuyAIe57WCVZnm73nfB/NH2P/EAuxdDGWTR9gSB XsqCEMFX7yGHTLbkAWD6hjE+YCcpvvVRfi6j4xFVNn58fPThui/ns+qDnkxgREXk nE/IFmXrHzZDH0UedLboktXLb7Vzn0cFWaPZpXw/SLswc6pdXU4Fo5FW/OTvbNQt qsafS97r1Tthy/6koUI15WbFx1fqjRU/R0Lf3t/SXXBR8ZFrhWX7weUwOo9m6DE4 WA== -----END CERTIFICATE-----Generated at Mon Oct 20 07:27:41 2025 by rpki-client