$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json) Hash identifier: +T6/QoiHGI2LZYOvScLYFN2i5jk3J26Zu5EdCaAiiSk= Subject key identifier: E9:A8:2D:B1:37:CC:C7:E4:BD:A7:C1:1E:7D:EF:D2:55:C4:C3:16:81 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 1A287808D544F4D3CD88DDBB52B33C6DA4653381 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa Signing time: Mon 29 Sep 2025 15:00:05 +0000 ROA not before: Mon 29 Sep 2025 15:00:05 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:28:78:08:d5:44:f4:d3:cd:88:dd:bb:52:b3:3c:6d:a4:65:33:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Sep 29 15:00:05 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=56b9ef5243d14929cc6a97a3c562f5e6663b9c66d2540f8bd80100dc0dd8f442, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:c0:98:fb:cf:3c:f1:6a:eb:8f:aa:35:d9:2a: 44:a3:13:ee:3d:8e:1d:a3:33:06:72:c3:48:62:ab: da:a9:1a:2a:f5:2a:cd:eb:8c:eb:d5:ac:76:f7:77: f1:07:f5:8f:b4:c7:fc:73:ba:4f:b3:4d:68:ad:74: ad:67:be:ac:1f:3c:68:a5:6b:cc:bf:1e:6c:93:16: 51:ef:04:85:c9:64:19:d8:76:72:ce:48:86:3d:1c: 65:12:de:57:60:84:f3:9c:b1:c4:b5:81:4c:79:ed: f6:a6:75:b4:7a:c5:84:4c:ed:2b:8e:90:7b:02:f8: 8a:bf:78:23:68:30:a3:b0:4b:d7:b4:44:c6:f6:aa: e1:e8:22:f0:56:a0:8f:80:0b:cc:21:74:bf:84:8b: bd:64:ce:5c:d5:7b:89:0c:70:8f:5c:54:ae:63:78: 78:d0:d1:28:d1:64:46:14:3d:59:9e:3e:6f:39:f4: ff:4c:dc:3e:ef:d2:a9:cf:09:d6:78:5a:39:dc:08: da:02:f9:cf:5f:19:e8:98:00:e8:7d:b2:fb:ed:97: 4e:86:83:c1:4e:13:8d:6d:05:ed:c4:d4:9d:09:81: 93:b1:15:a9:01:00:bb:f1:81:9f:1f:15:16:c3:41: 03:89:a9:f3:47:40:b4:56:ff:2a:9b:7d:35:a1:37: 8f:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:A8:2D:B1:37:CC:C7:E4:BD:A7:C1:1E:7D:EF:D2:55:C4:C3:16:81 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 63:d5:52:38:db:77:e8:c4:19:0f:6e:36:4c:d3:17:99:23:e7: 1b:a6:69:76:82:d3:2e:b6:7b:c8:95:2a:4b:24:46:8d:82:af: 16:34:c2:97:e5:c4:c9:40:97:a8:d2:d1:14:fd:81:25:a0:60: a0:fc:bd:48:be:c4:87:68:cb:4c:bb:7d:b2:0a:f2:bc:4e:dc: e3:81:a4:40:57:f0:86:ea:38:e7:4c:6e:1f:58:44:23:17:06: e7:18:52:50:93:bb:1e:7d:c3:48:ae:b3:67:b1:a7:77:10:01: af:2c:bc:0f:ca:0e:e9:aa:39:c6:cd:42:85:9f:b4:81:01:fd: ec:11:30:06:64:72:f8:85:fd:42:f4:7c:dc:70:eb:64:6f:50: 21:c7:7f:5e:3d:19:c9:a6:13:16:c0:b0:bd:5b:a0:61:0c:32: 25:de:7d:5f:c3:8d:c5:d3:34:d5:af:76:f5:72:39:50:38:04: 9b:fb:dc:c0:ee:68:b2:55:32:7e:69:5b:a3:57:46:ea:62:e9: 19:0f:c6:22:0d:40:16:67:9d:a9:45:72:a2:d6:ac:c7:14:22: 74:00:b7:ea:18:a0:91:f5:00:c3:8f:6b:ee:6f:2d:25:61:31: 3c:76:f7:96:2b:d9:dd:17:ee:1c:e3:1e:29:f7:92:fa:2d:03: bf:56:80:d3 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUGih4CNVE9NPNiN27UrM8baRlM4EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDkyOTE1MDAwNVoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNANTZiOWVmNTI0M2QxNDkyOWNjNmE5 N2EzYzU2MmY1ZTY2NjNiOWM2NmQyNTQwZjhiZDgwMTAwZGMwZGQ4ZjQ0MjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsCY+8888Wrrj6o12SpEoxPuPY4d ozMGcsNIYqvaqRoq9SrN64zr1ax293fxB/WPtMf8c7pPs01orXStZ76sHzxopWvM vx5skxZR7wSFyWQZ2HZyzkiGPRxlEt5XYITznLHEtYFMee32pnW0esWETO0rjpB7 AviKv3gjaDCjsEvXtETG9qrh6CLwVqCPgAvMIXS/hIu9ZM5c1XuJDHCPXFSuY3h4 0NEo0WRGFD1Znj5vOfT/TNw+79KpzwnWeFo53AjaAvnPXxnomADofbL77ZdOhoPB ThONbQXtxNSdCYGTsRWpAQC78YGfHxUWw0EDianzR0C0Vv8qm301oTePswIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFOmoLbE3zMfkvafBHn3v0lXEwxaBMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAY9VSONt36MQZD242TNMX mSPnG6ZpdoLTLrZ7yJUqSyRGjYKvFjTCl+XEyUCXqNLRFP2BJaBgoPy9SL7Eh2jL TLt9sgryvE7c44GkQFfwhuo450xuH1hEIxcG5xhSUJO7Hn3DSK6zZ7GndxABryy8 D8oO6ao5xs1ChZ+0gQH97BEwBmRy+IX9QvR83HDrZG9QIcd/Xj0ZyaYTFsCwvVug YQwyJd59X8ONxdM01a929XI5UDgEm/vcwO5oslUyfmlbo1dG6mLpGQ/GIg1AFmed qUVyotasxxQidAC36higkfUAw49r7m8tJWExPHb3livZ3RfuHOMeKfeS+i0Dv1aA 0w== -----END CERTIFICATE-----Generated at Mon Oct 20 07:21:34 2025 by rpki-client