$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa File: 2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa (raw, json) Hash identifier: wFii3oIr05kgKmZVhuQ/WEuTIctc4Hw9Pkn6l6L7xP8= Subject key identifier: D5:B9:F1:03:91:AA:1E:6C:D3:98:86:8F:34:D0:87:F5:5A:7E:0D:2F Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 23A7D89ADFFA13D7416A027CA6C732726F31B71D Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa Signing time: Fri 17 Oct 2025 00:10:03 +0000 ROA not before: Fri 17 Oct 2025 00:10:03 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:a7:d8:9a:df:fa:13:d7:41:6a:02:7c:a6:c7:32:72:6f:31:b7:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 17 00:10:03 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=736484030f1b49bd5fc1017babe61c27d9d09440777b4863224aaaacf44245df, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:48:13:4d:49:dd:55:2d:7e:fb:78:15:ba:77: 8b:30:3d:ae:55:22:80:cd:f5:92:6e:0c:44:cb:02: 93:11:59:f2:4c:67:88:82:ed:5b:08:23:6c:91:4d: d0:5c:2f:f6:a1:5e:8a:ee:4d:42:fe:9c:f3:c2:40: e4:fe:e1:9e:db:8c:42:c0:1a:b1:59:74:03:5b:c8: 80:c1:98:67:45:48:df:48:1c:5e:c3:b6:5f:fa:da: 19:3e:25:9a:62:54:c1:97:2a:94:77:40:00:1a:64: 96:05:db:ec:eb:42:99:92:a6:6f:43:82:ec:a5:64: 5e:9a:00:be:57:fa:0f:ce:e0:94:67:ae:57:ae:8f: 16:33:f0:23:b1:50:07:03:ff:a5:9d:b1:4c:2c:ba: 11:d2:c5:a4:ed:e2:37:ef:92:bc:26:26:2c:45:8e: 74:5c:b9:90:57:d7:68:9b:96:e9:45:28:26:20:7a: 43:ed:d9:98:9a:34:e6:4a:9e:08:3f:d7:cb:a2:7d: 53:a0:f5:6c:a4:55:f4:6b:cf:21:ee:a1:18:ab:28: e3:34:32:c6:3e:bc:f2:d5:ec:e6:63:4d:57:7e:59: d8:30:4e:f8:fb:4e:2d:f6:08:ad:d3:7f:d5:cb:51: 53:cc:c3:d2:24:82:8d:14:62:12:36:57:ca:23:e7: 3a:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:B9:F1:03:91:AA:1E:6C:D3:98:86:8F:34:D0:87:F5:5A:7E:0D:2F X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:8000::/40 Signature Algorithm: sha256WithRSAEncryption a1:c6:c6:3f:7f:35:b9:c3:88:a8:0c:bc:c5:ac:03:24:ce:a9: 32:32:36:92:f0:89:07:b8:dc:5e:aa:05:c5:67:45:4e:90:40: ac:74:e6:14:63:12:b5:f5:82:b8:84:8f:69:6e:53:bf:12:fd: 73:50:9b:55:74:31:b5:52:10:49:30:03:21:3a:91:1f:34:ed: 37:1b:5b:55:3c:73:17:22:be:cf:2f:11:a8:a0:a7:da:08:52: 2d:ad:18:81:66:dc:9c:a0:30:85:47:a4:47:22:c6:3f:be:fd: 13:66:90:13:f2:1f:c5:43:25:b1:a0:06:60:0b:e6:68:cc:48: d3:7d:35:43:68:c6:73:eb:bc:49:b0:ca:d5:5a:26:87:6b:b5: 53:6e:df:19:f9:4a:bc:c3:f5:01:a9:fb:30:93:c4:70:34:93: fb:4e:dc:d6:ea:c8:79:93:79:10:b4:40:3f:18:3f:d5:af:77: 86:cb:c7:53:81:db:b3:f5:62:8a:45:d3:62:65:4f:84:1f:ad: 8c:a5:f6:03:97:d0:58:a2:69:cc:22:26:ba:15:f9:c1:be:d9: c3:2f:cb:45:af:f6:13:79:96:2d:c4:32:c3:57:95:2e:51:75: 17:24:21:ab:de:bf:f9:5c:7c:25:88:90:6c:72:af:19:42:18: 21:8b:d4:0b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUI6fYmt/6E9dBagJ8pscycm8xtx0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxNzAwMTAwM1oX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNANzM2NDg0MDMwZjFiNDliZDVmYzEw MTdiYWJlNjFjMjdkOWQwOTQ0MDc3N2I0ODYzMjI0YWFhYWNmNDQyNDVkZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUgTTUndVS1++3gVuneLMD2uVSKA zfWSbgxEywKTEVnyTGeIgu1bCCNskU3QXC/2oV6K7k1C/pzzwkDk/uGe24xCwBqx WXQDW8iAwZhnRUjfSBxew7Zf+toZPiWaYlTBlyqUd0AAGmSWBdvs60KZkqZvQ4Ls pWRemgC+V/oPzuCUZ65Xro8WM/AjsVAHA/+lnbFMLLoR0sWk7eI375K8JiYsRY50 XLmQV9dom5bpRSgmIHpD7dmYmjTmSp4IP9fLon1ToPVspFX0a88h7qEYqyjjNDLG Przy1ezmY01XflnYME74+04t9git03/Vy1FTzMPSJIKNFGISNlfKI+c6sQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNW58QORqh5s05iGjzTQh/Vafg0vMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIyNDdmMzRmLWU1YjEtNDIzYy1hYzBmLTcxNDJhZDg2YmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+YAwDQYJKoZIhvcNAQELBQADggEBAKHGxj9/NbnDiKgMvMWs AyTOqTIyNpLwiQe43F6qBcVnRU6QQKx05hRjErX1griEj2luU78S/XNQm1V0MbVS EEkwAyE6kR807TcbW1U8cxcivs8vEaigp9oIUi2tGIFm3JygMIVHpEcixj++/RNm kBPyH8VDJbGgBmAL5mjMSNN9NUNoxnPrvEmwytVaJodrtVNu3xn5SrzD9QGp+zCT xHA0k/tO3NbqyHmTeRC0QD8YP9Wvd4bLx1OB27P1YopF02JlT4QfrYyl9gOX0Fii acwiJroV+cG+2cMvy0Wv9hN5li3EMsNXlS5RdRckIavev/lcfCWIkGxyrxlCGCGL 1As= -----END CERTIFICATE-----Generated at Mon Oct 20 12:52:05 2025 by rpki-client