$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa File: cc671c79-21f0-4fff-b898-595966ecd1a9.roa (raw, json) Hash identifier: k8FI6kmGXsYH0fRLiZDflLJ3GLnpPUiKGqnxk/3nCkI= Subject key identifier: 88:6F:A3:46:36:5E:9D:C3:45:59:07:B4:68:11:92:4E:7B:7B:AF:3D Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2EDBA6E02A271A6C5ECCD4C0584D22BF776415EF Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa Signing time: Mon 29 Sep 2025 15:00:04 +0000 ROA not before: Mon 29 Sep 2025 15:00:04 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:db:a6:e0:2a:27:1a:6c:5e:cc:d4:c0:58:4d:22:bf:77:64:15:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Sep 29 15:00:04 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=6530dc935598a6444fb01b19d83bf27e6a2223460d20c76d894a5b7bda9d84a3, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:ff:75:73:ea:98:9e:1e:35:70:af:f1:2b:68: 94:91:f7:c0:24:2f:96:69:40:43:a4:ba:46:3b:4f: 4e:98:81:3d:79:11:b5:53:61:61:18:67:2a:9b:05: b1:b0:4d:d9:07:06:2e:1d:92:52:a3:bd:8d:e3:2e: 12:5c:ef:3d:20:f3:c1:56:4b:6b:ca:88:dd:6d:d4: ab:7b:c7:18:10:ad:13:05:a6:9f:19:2d:a3:c8:01: af:3a:2a:4e:b3:ee:a3:b6:46:87:c5:77:ec:1f:08: 26:f6:a1:a8:3f:0f:74:b8:65:00:d9:02:d5:a4:3e: db:91:54:fe:d5:1d:fc:68:53:b0:7b:fe:99:aa:ca: 3c:33:c7:4b:96:57:de:3c:9e:da:85:e2:8a:53:13: 5a:0c:5b:4e:e5:a7:24:92:59:c8:e4:04:de:0b:f3: b0:a5:47:e9:01:ac:44:06:47:4d:d2:79:cd:a8:88: 08:47:fa:33:36:27:6d:df:ec:e4:3a:e0:2c:5f:7c: 89:98:33:df:32:42:4c:db:0a:04:d3:b0:ee:10:e3: 5a:c3:d2:6a:16:5a:3b:6e:ae:4b:8c:43:fa:86:d0: 13:20:4e:de:40:cc:9d:7f:c9:e7:ad:9c:de:99:aa: e1:62:61:74:38:ed:91:01:a7:ab:eb:4e:0d:ee:9f: b8:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:6F:A3:46:36:5E:9D:C3:45:59:07:B4:68:11:92:4E:7B:7B:AF:3D X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 2c:68:a2:d6:d2:40:63:14:c0:c1:cc:8c:d9:24:7d:cb:06:ab: ff:cc:a5:73:42:69:1a:b7:f7:41:7b:2e:2b:b9:96:53:5f:dd: 79:6b:4f:ea:93:5b:61:bc:f8:0c:5e:c3:44:2f:a7:ad:ac:7c: 93:7a:37:32:90:0f:e6:7d:c6:61:26:d1:f7:b6:f2:12:c9:56: 1f:45:41:bb:a3:f9:bb:b5:87:e7:48:9e:5c:e9:bb:88:41:69: 89:fa:8d:46:9f:23:5e:44:d1:d4:ba:22:7c:d7:be:76:3c:35: 15:a8:aa:62:85:ed:35:25:17:0c:cd:96:20:f6:54:37:e6:e9: 0b:27:e6:01:fb:db:8f:46:12:5e:3e:87:00:2d:08:1e:a8:16: 9c:b0:a7:d3:c2:50:9d:8b:dc:fe:a5:24:79:8a:89:19:eb:20: e0:99:6f:fc:d2:17:e2:cd:20:9b:50:46:52:14:14:07:f7:0e: 52:1e:23:41:fe:d4:75:46:06:b2:cf:1a:69:b5:9f:37:fc:5d: 5e:e6:ee:6a:26:3f:27:75:e2:00:ea:24:6e:21:07:59:52:25: 0c:cd:58:b9:e7:f0:e7:e5:c7:07:87:63:02:ef:ee:34:51:5f: e6:3a:5c:4b:2e:53:5b:35:2b:b4:8c:40:17:2b:82:e1:0a:51: 5d:d9:16:4d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIULtum4ConGmxezNTAWE0iv3dkFe8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDkyOTE1MDAwNFoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNANjUzMGRjOTM1NTk4YTY0NDRmYjAx YjE5ZDgzYmYyN2U2YTIyMjM0NjBkMjBjNzZkODk0YTViN2JkYTlkODRhMzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP91c+qYnh41cK/xK2iUkffAJC+W aUBDpLpGO09OmIE9eRG1U2FhGGcqmwWxsE3ZBwYuHZJSo72N4y4SXO89IPPBVktr yojdbdSre8cYEK0TBaafGS2jyAGvOipOs+6jtkaHxXfsHwgm9qGoPw90uGUA2QLV pD7bkVT+1R38aFOwe/6Zqso8M8dLllfePJ7aheKKUxNaDFtO5ackklnI5ATeC/Ow pUfpAaxEBkdN0nnNqIgIR/ozNidt3+zkOuAsX3yJmDPfMkJM2woE07DuEONaw9Jq Flo7bq5LjEP6htATIE7eQMydf8nnrZzemarhYmF0OO2RAaer604N7p+43wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIhvo0Y2Xp3DRVkHtGgRkk57e689MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2NjNjcxYzc5LTIxZjAtNGZmZi1iODk4LTU5NTk2NmVjZDFhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAsaKLW0kBjFMDBzIzZ JH3LBqv/zKVzQmkat/dBey4ruZZTX915a0/qk1thvPgMXsNEL6etrHyTejcykA/m fcZhJtH3tvISyVYfRUG7o/m7tYfnSJ5c6buIQWmJ+o1GnyNeRNHUuiJ81752PDUV qKpihe01JRcMzZYg9lQ35ukLJ+YB+9uPRhJePocALQgeqBacsKfTwlCdi9z+pSR5 iokZ6yDgmW/80hfizSCbUEZSFBQH9w5SHiNB/tR1RgayzxpptZ83/F1e5u5qJj8n deIA6iRuIQdZUiUMzVi55/Dn5ccHh2MC7+40UV/mOlxLLlNbNSu0jEAXK4LhClFd 2RZN -----END CERTIFICATE-----Generated at Mon Oct 20 12:36:18 2025 by rpki-client