$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa File: 018dea0d-42eb-4d58-8914-636d25ca3b3c.roa (raw, json) Hash identifier: /hQnYJTXsq3ZsMqeVUTl9+FiENaIpvUWD+3aaaSlhMU= Subject key identifier: F6:99:06:3B:FD:E6:89:97:47:D4:E5:97:5E:DF:EA:58:EA:B8:5E:E3 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 676A3F2C09BD69D974A1CD1C7AA895EF871AA025 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa Signing time: Sat 18 Oct 2025 00:00:22 +0000 ROA not before: Sat 18 Oct 2025 00:00:22 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:6a:3f:2c:09:bd:69:d9:74:a1:cd:1c:7a:a8:95:ef:87:1a:a0:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:22 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=8851770ef15859ff46789e2ecdb1c884e4b025b32c9d5e4ec6c333cc9f9a54ef, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:02:42:5d:4d:c4:7f:1f:16:de:fd:31:dd:43: ac:1d:c1:d6:9f:a3:fd:4a:c6:bc:33:5b:e7:62:bf: 3d:45:86:52:0b:1f:84:0b:2d:2b:95:af:8a:d2:88: 9c:14:ac:c9:df:9f:bf:c7:f0:83:ad:71:85:b5:f5: 74:84:bb:db:1a:ec:a8:cd:b3:a8:0c:8c:27:00:3a: 5b:c3:62:7d:86:95:85:b9:2d:69:6c:25:ea:f4:dc: e1:9d:87:f1:b1:f2:18:7d:09:12:87:59:bf:7b:bd: 46:08:37:ca:a2:03:aa:07:9a:aa:34:36:66:a7:a5: 57:53:80:1c:28:af:16:f4:2d:11:55:90:f5:e3:b9: 7e:3e:da:eb:17:72:20:f9:b8:eb:fd:c8:18:fa:0c: d7:95:9a:62:1f:80:66:e7:48:9b:74:0d:1d:23:74: 5b:33:6f:62:11:95:cb:0d:7a:69:3f:02:62:b1:a4: 5f:7a:11:88:cb:47:29:94:05:42:39:40:99:a9:b7: 94:a2:27:1c:8d:a3:c7:67:7a:43:f5:b5:66:82:49: a8:13:72:fc:68:dc:07:f7:b4:08:92:e6:bc:c8:9a: 9c:69:06:ab:d6:9a:bc:ea:b3:58:4c:09:10:6b:c9: a8:10:c2:b9:bf:bd:32:1b:09:87:26:a7:f4:6b:b7: 14:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:99:06:3B:FD:E6:89:97:47:D4:E5:97:5E:DF:EA:58:EA:B8:5E:E3 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:800::/38 Signature Algorithm: sha256WithRSAEncryption 2f:11:e2:9f:14:5f:ce:89:38:2d:57:ca:3d:2f:cb:f6:7d:21: d6:21:8d:c0:eb:2b:e2:61:2e:fb:3c:20:99:b7:a1:d7:ae:dc: 09:7d:e7:b5:26:5f:5c:be:45:d4:79:6a:fe:d0:a5:6a:7f:75: ac:d4:f4:2e:8e:f1:06:87:42:8f:bf:c7:31:82:df:cf:14:76: fb:51:5d:d0:14:b7:48:79:c4:d8:d2:9a:a4:21:22:7e:10:df: 18:cf:1a:57:c8:42:64:17:0a:dc:16:87:6e:d9:7d:48:54:60: d7:b4:ba:b6:e7:a1:1d:6b:07:70:8e:3b:d7:91:cf:f0:eb:bb: 76:28:fb:04:e9:00:25:5d:19:23:8d:f3:fb:af:61:16:35:b8: 3a:08:f7:03:dc:3e:81:c5:ac:01:21:68:28:70:68:cd:a1:ab: 3b:27:93:26:67:f2:58:bd:1a:26:87:0f:ab:ec:3e:7b:28:43: ac:c1:83:62:a2:26:6e:f5:cf:9e:d5:37:4e:9c:c0:bd:65:84: fc:0c:f7:fd:9d:8e:6b:c2:45:40:e7:71:17:1e:19:95:3e:64: a3:c8:61:41:91:0d:19:a9:b7:4a:c1:b6:42:ac:92:16:3f:15: 39:f6:78:c5:55:0f:ca:73:ca:7f:00:e4:7d:37:a1:86:83:4c: e5:f8:74:05 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZ2o/LAm9adl0oc0ceqiV74caoCUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAyMloX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAODg1MTc3MGVmMTU4NTlmZjQ2Nzg5 ZTJlY2RiMWM4ODRlNGIwMjViMzJjOWQ1ZTRlYzZjMzMzY2M5ZjlhNTRlZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AJCXU3Efx8W3v0x3UOsHcHWn6P9 Ssa8M1vnYr89RYZSCx+ECy0rla+K0oicFKzJ35+/x/CDrXGFtfV0hLvbGuyozbOo DIwnADpbw2J9hpWFuS1pbCXq9NzhnYfxsfIYfQkSh1m/e71GCDfKogOqB5qqNDZm p6VXU4AcKK8W9C0RVZD147l+PtrrF3Ig+bjr/cgY+gzXlZpiH4Bm50ibdA0dI3Rb M29iEZXLDXppPwJisaRfehGIy0cplAVCOUCZqbeUoiccjaPHZ3pD9bVmgkmoE3L8 aNwH97QIkua8yJqcaQar1pq86rNYTAkQa8moEMK5v70yGwmHJqf0a7cUewIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPaZBjv95omXR9Tll17f6ljquF7jMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzAxOGRlYTBkLTQyZWItNGQ1OC04OTE0LTYzNmQyNWNhM2IzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAgwDQYJKoZIhvcNAQELBQADggEBAC8R4p8UX86JOC1Xyj0v y/Z9IdYhjcDrK+JhLvs8IJm3odeu3Al957UmX1y+RdR5av7QpWp/dazU9C6O8QaH Qo+/xzGC388UdvtRXdAUt0h5xNjSmqQhIn4Q3xjPGlfIQmQXCtwWh27ZfUhUYNe0 urbnoR1rB3COO9eRz/Dru3Yo+wTpACVdGSON8/uvYRY1uDoI9wPcPoHFrAEhaChw aM2hqzsnkyZn8li9GiaHD6vsPnsoQ6zBg2KiJm71z57VN06cwL1lhPwM9/2djmvC RUDncRceGZU+ZKPIYUGRDRmpt0rBtkKskhY/FTn2eMVVD8pzyn8A5H03oYaDTOX4 dAU= -----END CERTIFICATE-----Generated at Mon Oct 20 18:00:17 2025 by rpki-client