$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: D8bBPQUOCTEk8pdNz92K1MRwyNVwdAT9TarkZGSGScU= Subject key identifier: 3B:67:12:FF:68:49:19:A1:28:32:6D:4E:5C:52:3D:40:55:64:5C:15 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 63CD92F0E0154DBF43A717512240DDE09562CE42 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Fri 24 Oct 2025 00:00:01 +0000 ROA not before: Fri 24 Oct 2025 00:00:01 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:02:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:cd:92:f0:e0:15:4d:bf:43:a7:17:51:22:40:dd:e0:95:62:ce:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 24 00:00:01 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=4725f9125fa66b70880b3efb548358f9b514402c590f19d57ab8f43c0d88b0e1, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:9a:4a:b1:73:23:83:fc:2b:6c:5c:73:ec:87: 52:56:6c:95:9f:21:39:78:b2:88:c6:e8:1b:af:8b: 18:63:9b:86:06:03:9a:2b:6a:6e:de:1f:07:25:68: 71:12:ca:0f:84:8b:30:20:53:cd:6f:9c:c2:ed:7b: b1:81:d1:48:79:41:99:f0:3e:92:0f:75:09:bb:34: af:13:70:b3:15:76:d0:21:df:5f:bc:c1:04:c1:3b: 86:35:26:a9:7b:d1:6d:5c:11:2a:68:09:7c:53:65: d5:55:08:3a:49:76:01:b0:92:94:3d:fd:63:c4:05: b2:a8:62:49:50:49:71:70:5d:29:74:a8:2f:da:15: c6:cb:11:40:2b:ef:3c:6b:23:41:45:fb:7b:32:83: c5:06:8a:a8:15:f2:bc:a8:38:c1:30:07:c6:60:69: 01:e0:3b:47:1e:15:e6:3a:6f:d0:54:96:ed:9b:6c: fa:d9:a6:d2:2f:ac:d6:e2:5c:f4:5d:7e:3e:cc:3a: f7:24:36:60:a8:43:0e:86:a8:57:46:54:c7:01:26: 29:6c:31:c9:ed:04:6e:61:e4:f7:4b:66:27:25:bb: 67:12:e4:2d:e8:8f:1e:8a:5c:e3:e6:25:ed:60:3a: 56:6c:23:63:b2:70:28:29:88:2d:ff:56:29:01:28: 9e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:67:12:FF:68:49:19:A1:28:32:6D:4E:5C:52:3D:40:55:64:5C:15 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 04:48:11:41:c7:0e:ef:ae:2f:ef:eb:23:54:57:03:0e:7c:bd: ba:72:46:e3:ad:14:77:ae:f4:9b:84:28:21:97:50:f0:74:a0: 2e:69:1a:bd:91:26:55:70:72:d3:12:6b:d5:49:65:e3:f8:13: 3c:a1:e5:4c:cf:d6:73:ed:43:bc:f4:32:d2:24:d9:b4:63:ad: 5b:e3:4b:3f:00:3a:12:7d:8d:01:5b:6e:a2:5e:43:2b:39:5d: 07:43:eb:dd:1b:40:66:e5:14:f3:a6:51:5e:ba:20:a5:9e:b4: 37:ad:f6:d6:cf:55:6c:0a:6f:62:b2:48:30:c3:e1:b4:e5:4a: f0:d9:e5:94:5b:ae:50:b7:70:a8:e9:44:9c:f8:20:b8:61:50: 9c:9a:1d:8d:a0:d3:66:21:3d:f4:dd:32:6d:22:56:f7:41:7e: 3c:fa:1e:48:49:cd:2c:7e:86:c6:9f:ea:27:3d:94:47:fa:a1: 8b:17:d3:26:01:f0:a1:cb:2a:5e:6d:a3:99:d9:09:b2:93:b6: 5e:a0:ee:5e:42:a0:d0:cb:de:87:8f:66:be:9c:3e:22:83:59: 52:97:96:d6:2f:19:39:14:9c:5f:d5:30:b1:39:eb:5c:52:f9: 98:d5:2e:5d:41:c2:75:0b:dd:fd:c3:f0:83:11:d1:b8:45:1f: ea:29:27:79 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUY82S8OAVTb9DpxdRIkDd4JVizkIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAyNDAwMDAwMVoX DTI1MTEyODIzNTk1OVowejFJMEcGA1UEBRNANDcyNWY5MTI1ZmE2NmI3MDg4MGIz ZWZiNTQ4MzU4ZjliNTE0NDAyYzU5MGYxOWQ1N2FiOGY0M2MwZDg4YjBlMTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZpKsXMjg/wrbFxz7IdSVmyVnyE5 eLKIxugbr4sYY5uGBgOaK2pu3h8HJWhxEsoPhIswIFPNb5zC7XuxgdFIeUGZ8D6S D3UJuzSvE3CzFXbQId9fvMEEwTuGNSape9FtXBEqaAl8U2XVVQg6SXYBsJKUPf1j xAWyqGJJUElxcF0pdKgv2hXGyxFAK+88ayNBRft7MoPFBoqoFfK8qDjBMAfGYGkB 4DtHHhXmOm/QVJbtm2z62abSL6zW4lz0XX4+zDr3JDZgqEMOhqhXRlTHASYpbDHJ 7QRuYeT3S2YnJbtnEuQt6I8eilzj5iXtYDpWbCNjsnAoKYgt/1YpASieiwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFDtnEv9oSRmhKDJtTlxSPUBVZFwVMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEABEgRQccO764v7+sjVFcD Dny9unJG460Ud670m4QoIZdQ8HSgLmkavZEmVXBy0xJr1Ull4/gTPKHlTM/Wc+1D vPQy0iTZtGOtW+NLPwA6En2NAVtuol5DKzldB0Pr3RtAZuUU86ZRXrogpZ60N632 1s9VbApvYrJIMMPhtOVK8NnllFuuULdwqOlEnPgguGFQnJodjaDTZiE99N0ybSJW 90F+PPoeSEnNLH6Gxp/qJz2UR/qhixfTJgHwocsqXm2jmdkJspO2XqDuXkKg0Mve h49mvpw+IoNZUpeW1i8ZORScX9UwsTnrXFL5mNUuXUHCdQvd/cPwgxHRuEUf6ikn eQ== -----END CERTIFICATE-----Generated at Wed Nov 5 04:13:31 2025 by rpki-client