$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa File: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (raw, json) Hash identifier: YWCFEoQJdKZwxxiiaZDGsmtfIPNCHJy0waaA5H0NDrQ= Subject key identifier: 83:0B:88:E9:91:DD:B0:FB:F7:64:83:B9:13:CF:A2:24:90:43:00:40 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 0248CDB959FCF28858511851B87165829D6691AB Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa Signing time: Mon 29 Sep 2025 15:00:10 +0000 ROA not before: Mon 29 Sep 2025 15:00:10 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:48:cd:b9:59:fc:f2:88:58:51:18:51:b8:71:65:82:9d:66:91:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Sep 29 15:00:10 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=f10c5383140e23ec1601076e99171a0c09074cb24d5e034c7d27174be1b382e5, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:92:19:dd:47:8d:9e:72:26:71:64:94:8c:ed: a0:d7:8f:ab:fd:78:4d:1c:11:da:98:6b:b9:1f:f7: 50:12:4c:c9:f1:b6:20:69:66:de:41:d0:b4:29:55: 0c:a1:e8:05:db:c4:6b:90:49:f5:1c:49:8c:0e:75: 5d:f3:cd:4b:bb:97:22:e9:a0:0a:2a:0b:da:6f:85: 36:e0:ec:52:7f:99:e0:ef:9e:8f:44:1b:c0:c7:53: 57:d8:7f:9c:e1:7f:ef:4a:f2:50:a5:6f:11:d8:63: 78:be:1b:5f:cf:1f:2f:4b:ba:39:a5:f2:f5:b5:3f: c7:cc:a3:fb:70:05:1f:27:fb:b4:4d:3c:bf:c2:d9: ac:0b:10:f6:b5:ab:bf:9e:e9:ee:c9:19:76:04:72: 43:97:60:c3:29:66:12:71:02:42:64:94:98:28:5f: 12:75:6f:7a:cb:e5:56:ef:30:bc:5e:1b:11:eb:1a: 73:5c:ff:c3:fe:69:e0:78:81:59:a7:c4:49:b8:d0: 8b:9b:a4:40:9b:61:8c:f8:64:95:db:02:50:d6:b4: 64:26:e1:84:50:7e:e4:9d:e8:c6:b7:4b:5d:65:94: b1:da:92:b6:9d:33:5b:47:21:3a:15:42:26:2b:8c: 38:27:d3:d8:07:8c:aa:a7:9f:37:4a:13:0a:be:32: a0:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:0B:88:E9:91:DD:B0:FB:F7:64:83:B9:13:CF:A2:24:90:43:00:40 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 19:69:ee:45:31:37:91:3f:97:61:1b:ab:2f:90:84:ff:a4:4a: 0f:7f:f6:c5:ed:eb:08:f0:57:8a:6f:47:bd:eb:48:09:d3:fa: 19:db:3c:09:da:e0:0a:5d:71:23:7a:35:1d:9b:ca:32:be:7d: 2f:32:a4:3c:74:a2:0f:c9:fa:f0:e1:6b:a9:f2:e4:a4:19:5d: d8:eb:93:9f:b1:5b:58:75:ee:bc:db:d4:50:34:66:85:cd:15: 25:0c:5f:8f:61:9b:9e:d1:c2:69:3f:59:08:ee:44:dd:2c:5f: c5:e8:5b:cc:74:e0:ad:26:d9:9b:81:8e:9b:b4:37:3d:93:84: d7:ac:50:bc:9a:87:a6:59:25:c9:df:4f:40:d4:e1:ac:08:81: da:18:82:2f:e4:bc:15:1c:df:df:16:b6:a1:45:b5:6f:d2:ac: 21:28:b2:c8:3e:ed:d7:99:7d:24:e6:bf:08:b6:e0:d5:ee:14: 67:92:b2:40:75:e1:37:e4:24:fe:81:29:6a:9b:c2:f8:2b:95: dc:a6:f9:28:91:bd:f8:9a:9b:ea:1d:a0:02:03:17:a4:00:38: 2c:dd:05:7e:0a:46:7e:fa:6c:40:c3:33:b9:d3:78:41:d0:1b: f0:b5:b6:34:11:1c:fa:2a:0d:bf:c9:7f:3a:4d:57:20:13:fe: 02:32:b6:78 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAkjNuVn88ohYURhRuHFlgp1mkaswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDkyOTE1MDAxMFoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNAZjEwYzUzODMxNDBlMjNlYzE2MDEw NzZlOTkxNzFhMGMwOTA3NGNiMjRkNWUwMzRjN2QyNzE3NGJlMWIzODJlNTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZIZ3UeNnnImcWSUjO2g14+r/XhN HBHamGu5H/dQEkzJ8bYgaWbeQdC0KVUMoegF28RrkEn1HEmMDnVd881Lu5ci6aAK Kgvab4U24OxSf5ng756PRBvAx1NX2H+c4X/vSvJQpW8R2GN4vhtfzx8vS7o5pfL1 tT/HzKP7cAUfJ/u0TTy/wtmsCxD2tau/nunuyRl2BHJDl2DDKWYScQJCZJSYKF8S dW96y+VW7zC8XhsR6xpzXP/D/mngeIFZp8RJuNCLm6RAm2GM+GSV2wJQ1rRkJuGE UH7knejGt0tdZZSx2pK2nTNbRyE6FUImK4w4J9PYB4yqp583ShMKvjKgWwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIMLiOmR3bD792SDuRPPoiSQQwBAMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2ZjZDZhZGFiLTA2ZjAtNDY3Ni05NTY4LTZkNGQ0OGY3NjU4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAZae5FMTeRP5dhG6sv kIT/pEoPf/bF7esI8FeKb0e960gJ0/oZ2zwJ2uAKXXEjejUdm8oyvn0vMqQ8dKIP yfrw4Wup8uSkGV3Y65OfsVtYde6829RQNGaFzRUlDF+PYZue0cJpP1kI7kTdLF/F 6FvMdOCtJtmbgY6btDc9k4TXrFC8moemWSXJ309A1OGsCIHaGIIv5LwVHN/fFrah RbVv0qwhKLLIPu3XmX0k5r8ItuDV7hRnkrJAdeE35CT+gSlqm8L4K5Xcpvkokb34 mpvqHaACAxekADgs3QV+CkZ++mxAwzO503hB0BvwtbY0ERz6Kg2/yX86TVcgE/4C MrZ4 -----END CERTIFICATE-----Generated at Mon Oct 20 05:03:09 2025 by rpki-client