$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json) Hash identifier: QWQGn0O87MrqL3Ou/TvaODwQ3hW0NC7jrGn7TVnolKE= Subject key identifier: 5B:D4:8F:2B:50:29:C6:EC:BE:1E:F5:43:DB:7F:90:71:46:74:C6:78 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 40DC5F875ADC0821C8497E36D96D96A95E236E78 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa Signing time: Fri 17 Oct 2025 00:10:06 +0000 ROA not before: Fri 17 Oct 2025 00:10:06 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 00:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:dc:5f:87:5a:dc:08:21:c8:49:7e:36:d9:6d:96:a9:5e:23:6e:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 17 00:10:06 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=107c6dd24f06c01f7ab6267ee3cc25ee8091f53740048ed52e2121a3590f60ed, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:df:37:df:48:2c:47:b2:dd:63:a6:e6:ef:e9: dc:9c:06:97:60:06:18:2c:4a:45:bd:54:29:df:5e: d3:72:21:ff:d1:65:74:b6:c9:82:a1:29:50:72:9c: 6d:16:29:4f:15:20:9f:da:f7:cc:ab:cc:58:63:e4: cc:cf:a6:8b:03:e2:ad:81:ab:b1:25:e4:31:27:c9: e5:61:46:88:78:40:19:c5:cf:66:69:1e:83:5e:30: 51:50:14:0e:5e:45:31:1e:1a:1c:b9:36:1f:1b:b2: 35:af:ec:af:41:b0:68:fe:a7:c3:5a:99:30:4f:c8: 81:c4:11:81:75:3a:d2:32:f5:d1:44:74:c8:e8:53: f8:67:1e:d0:6f:c0:85:23:80:7d:5d:58:44:13:57: 06:71:7e:bb:79:a3:fb:84:90:8c:c0:ca:93:e4:6f: 31:12:ed:7a:72:1e:a6:ba:84:c9:ff:f9:03:90:45: f3:c2:18:dc:69:94:c9:da:f3:19:1b:5a:68:34:71: 15:a7:49:ac:21:ef:df:ce:c9:30:e1:7f:0c:d7:34: f1:69:60:b0:b1:56:98:df:70:07:52:7b:7a:da:a3: 45:d4:af:5f:b3:34:36:a0:ca:83:2a:23:81:17:80: 01:20:f3:89:ae:b4:1d:4f:bc:cc:d7:b7:b3:65:97: 28:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:D4:8F:2B:50:29:C6:EC:BE:1E:F5:43:DB:7F:90:71:46:74:C6:78 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:8000::/40 Signature Algorithm: sha256WithRSAEncryption 49:71:b9:ab:49:db:9b:b8:65:09:41:03:45:c5:84:6b:8b:ae: 6d:2d:35:26:32:b7:4d:2a:5a:83:dc:53:98:95:ee:58:2e:47: 9b:3e:a2:5a:27:ad:bd:63:bb:8e:b2:ac:26:8b:3f:6e:af:38: 69:3b:03:85:30:64:1f:4d:8a:28:8e:0c:77:69:e5:7f:d3:7b: 73:7e:fa:56:9c:a9:ed:ad:45:d9:e1:29:bb:13:ee:f2:85:78: be:2f:64:ba:a6:77:4b:81:84:a2:1a:30:0a:0d:e5:ca:5e:f1: 4d:c7:ce:7e:38:ca:40:ad:f6:ba:7a:08:b2:83:b5:54:bb:b4: 02:8b:41:9c:6c:51:2e:77:ed:0a:f6:ed:63:c7:cb:51:43:f0: 9b:c2:89:17:38:6d:b8:39:1d:6a:7d:2e:44:ba:aa:cc:88:e1: 9a:b9:88:09:44:4e:36:6b:b7:dc:53:6b:2a:98:b8:21:87:41: 7a:15:ab:78:01:d4:de:88:78:cb:9e:18:a2:f2:a1:87:61:f9: 15:b8:2c:98:62:a4:2b:4d:3c:b7:27:29:bf:f2:9b:3a:84:3a: 37:5f:36:5c:e5:74:3c:ef:45:58:f6:12:2f:e5:0e:0c:96:9b: e5:8a:f8:71:01:a6:cf:4c:22:8d:ed:fc:2a:2a:e7:61:b7:fc: 5f:8d:7a:99 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQNxfh1rcCCHISX422W2WqV4jbngwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxNzAwMTAwNloX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAMTA3YzZkZDI0ZjA2YzAxZjdhYjYy NjdlZTNjYzI1ZWU4MDkxZjUzNzQwMDQ4ZWQ1MmUyMTIxYTM1OTBmNjBlZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1d8330gsR7LdY6bm7+ncnAaXYAYY LEpFvVQp317TciH/0WV0tsmCoSlQcpxtFilPFSCf2vfMq8xYY+TMz6aLA+Ktgaux JeQxJ8nlYUaIeEAZxc9maR6DXjBRUBQOXkUxHhocuTYfG7I1r+yvQbBo/qfDWpkw T8iBxBGBdTrSMvXRRHTI6FP4Zx7Qb8CFI4B9XVhEE1cGcX67eaP7hJCMwMqT5G8x Eu16ch6muoTJ//kDkEXzwhjcaZTJ2vMZG1poNHEVp0msIe/fzskw4X8M1zTxaWCw sVaY33AHUnt62qNF1K9fszQ2oMqDKiOBF4ABIPOJrrQdT7zM17ezZZcoywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFvUjytQKcbsvh71Q9t/kHFGdMZ4MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBAElxuatJ25u4ZQlBA0XF hGuLrm0tNSYyt00qWoPcU5iV7lguR5s+olonrb1ju46yrCaLP26vOGk7A4UwZB9N iiiODHdp5X/Te3N++lacqe2tRdnhKbsT7vKFeL4vZLqmd0uBhKIaMAoN5cpe8U3H zn44ykCt9rp6CLKDtVS7tAKLQZxsUS537Qr27WPHy1FD8JvCiRc4bbg5HWp9LkS6 qsyI4Zq5iAlETjZrt9xTayqYuCGHQXoVq3gB1N6IeMueGKLyoYdh+RW4LJhipCtN PLcnKb/ymzqEOjdfNlzldDzvRVj2Ei/lDgyWm+WK+HEBps9MIo3t/Coq52G3/F+N epk= -----END CERTIFICATE-----Generated at Tue Oct 21 01:34:04 2025 by rpki-client