$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa File: c18b0845-fc95-41d6-b476-af4e1e466849.roa (raw, json) Hash identifier: oIWzjZ0fOrFIxmtoGIo39Ts2SGlH615lIsgzWqJGHm4= Subject key identifier: D6:F5:51:44:3D:E1:D7:D4:85:E4:3D:F1:64:C9:A8:AE:E9:76:D8:01 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 5EFE4C1FEFB44D8C3809366B023ACF3338E967F5 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa Signing time: Wed 29 Oct 2025 00:10:04 +0000 ROA not before: Wed 29 Oct 2025 00:10:04 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:fe:4c:1f:ef:b4:4d:8c:38:09:36:6b:02:3a:cf:33:38:e9:67:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 29 00:10:04 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=00e440cd563a73b2a3cf456c2e462535719f3513b95782244b06bce9a7733621, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:dc:bb:e4:18:b4:a9:56:62:d9:bf:a6:59:66: d8:04:85:14:aa:9f:a1:0f:0e:ea:a5:d8:6f:c8:a4: 4c:d3:54:86:58:77:a2:c9:3a:5a:b5:25:f7:a7:2c: 70:8b:3e:e3:52:38:3e:f3:90:e3:b2:e6:b7:c5:37: 1e:e9:52:32:22:dd:94:55:7f:82:d6:a0:fb:15:2b: c9:9e:cd:9b:44:c1:e2:1e:fd:94:a9:52:a2:8a:18: 34:cd:5d:16:2d:89:81:66:83:6a:92:37:68:24:eb: fa:9f:c2:a5:19:d9:a3:b4:c4:ab:75:e0:91:b5:09: 0e:54:55:11:58:1a:66:89:f0:44:a8:61:fd:89:16: 20:94:93:a8:05:bb:5b:66:0f:24:83:7f:6f:4a:89: 1d:57:20:14:33:60:93:7c:b9:61:d7:57:5b:7e:46: 8e:94:18:62:58:59:27:42:ee:66:60:bc:06:69:c9: a7:93:1a:ea:e7:9b:62:d4:38:e0:92:df:76:2a:2c: 38:51:2b:ca:81:ad:2b:88:4a:c8:f1:01:33:df:0a: fe:b7:8f:98:7e:f5:64:19:7c:0b:c0:a9:74:88:31: a7:b3:bc:81:84:ba:57:f3:99:df:e2:ca:93:b3:eb: 5f:5e:60:4c:80:0d:aa:91:72:80:21:d4:dc:0a:2f: 88:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:F5:51:44:3D:E1:D7:D4:85:E4:3D:F1:64:C9:A8:AE:E9:76:D8:01 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.133.0/24 Signature Algorithm: sha256WithRSAEncryption 17:ff:95:b1:72:02:08:87:ba:67:a4:1d:41:4e:8d:78:25:0d: db:65:39:12:22:e1:cf:80:42:75:76:ca:ab:ea:81:5e:29:0d: c9:c3:af:a4:b5:02:21:60:3c:54:a3:9b:01:7a:6d:b2:b7:3e: 1f:f9:8f:d6:8f:2e:f8:f7:84:6f:65:b1:d6:b2:55:75:6e:a3: 2d:05:c7:83:5f:aa:db:bf:df:f6:fa:85:78:87:8e:86:60:57: cd:de:4b:81:a1:51:ec:ea:b7:38:e7:36:98:38:bd:df:59:d7: bc:4d:9c:45:61:ce:27:70:2a:8d:42:87:39:80:14:d7:9c:e7: e8:56:ca:64:e8:3f:56:ce:40:82:94:13:ee:1d:f7:86:dc:07: ca:60:57:16:89:fc:f0:ad:58:8d:5b:b4:6e:d6:d5:f2:02:ef: 83:e8:4f:4d:bf:e3:20:17:03:b9:ab:d7:43:df:1f:04:e6:c5: ec:f6:9f:91:c4:8f:81:d8:5d:c0:37:71:a6:c5:50:56:f6:b8: 6f:cd:e0:2a:15:0d:61:85:c8:3d:d7:62:96:ed:3b:97:96:5a: f0:fb:d4:90:22:a9:45:37:07:7d:54:c5:4c:41:5b:f8:ad:14: d1:47:75:b9:97:89:80:f7:00:d0:23:0a:64:7a:b0:dd:82:46: 76:8a:70:ff -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXv5MH++0TYw4CTZrAjrPMzjpZ/UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTAyOTAwMTAwNFoX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAMDBlNDQwY2Q1NjNhNzNiMmEzY2Y0 NTZjMmU0NjI1MzU3MTlmMzUxM2I5NTc4MjI0NGIwNmJjZTlhNzczMzYyMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdy75Bi0qVZi2b+mWWbYBIUUqp+h Dw7qpdhvyKRM01SGWHeiyTpatSX3pyxwiz7jUjg+85Djsua3xTce6VIyIt2UVX+C 1qD7FSvJns2bRMHiHv2UqVKiihg0zV0WLYmBZoNqkjdoJOv6n8KlGdmjtMSrdeCR tQkOVFURWBpmifBEqGH9iRYglJOoBbtbZg8kg39vSokdVyAUM2CTfLlh11dbfkaO lBhiWFknQu5mYLwGacmnkxrq55ti1Djgkt92Kiw4USvKga0riErI8QEz3wr+t4+Y fvVkGXwLwKl0iDGns7yBhLpX85nf4sqTs+tfXmBMgA2qkXKAIdTcCi+IrwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNb1UUQ94dfUheQ98WTJqK7pdtgBMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MxOGIwODQ1LWZjOTUtNDFkNi1iNDc2LWFmNGUxZTQ2Njg0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/iFMA0GCSqGSIb3DQEBCwUAA4IBAQAX/5WxcgIIh7pnpB1BTo14 JQ3bZTkSIuHPgEJ1dsqr6oFeKQ3Jw6+ktQIhYDxUo5sBem2ytz4f+Y/Wjy7494Rv ZbHWslV1bqMtBceDX6rbv9/2+oV4h46GYFfN3kuBoVHs6rc45zaYOL3fWde8TZxF Yc4ncCqNQoc5gBTXnOfoVspk6D9WzkCClBPuHfeG3AfKYFcWifzwrViNW7Ru1tXy Au+D6E9Nv+MgFwO5q9dD3x8E5sXs9p+RxI+B2F3AN3GmxVBW9rhvzeAqFQ1hhcg9 12KW7TuXllrw+9SQIqlFNwd9VMVMQVv4rRTRR3W5l4mA9wDQIwpkerDdgkZ2inD/ -----END CERTIFICATE-----Generated at Wed Nov 5 12:20:05 2025 by rpki-client