$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa File: 29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa (raw, json) Hash identifier: ToWRiJfnWcgKYtgs7xEUgHcMbVen7TkAtEXeytEIR8w= Subject key identifier: F9:F9:DD:B8:E9:C5:C7:5B:3F:B2:49:4D:64:F7:0D:48:E9:C2:0A:39 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 396E48B910558AFBB6B1B59B70BFE6C275854168 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa Signing time: Sat 18 Oct 2025 00:00:23 +0000 ROA not before: Sat 18 Oct 2025 00:00:23 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 00:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:6e:48:b9:10:55:8a:fb:b6:b1:b5:9b:70:bf:e6:c2:75:85:41:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:23 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=38fe22714ac87a1e413641101504040dd23f489d445e9986b9cf5c93975cb856, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:0d:99:f1:40:3b:ae:6c:79:61:a6:d0:81:ca: 0d:d1:ea:a5:5d:70:9a:ff:6a:d4:06:ed:d0:1e:99: b9:d2:e7:1e:18:bc:3a:df:c9:0e:95:34:9f:d5:b8: c3:8d:e9:8b:53:5d:77:81:19:b3:f5:a7:7a:19:a1: 6e:11:bc:b8:c6:9e:22:27:0c:0b:b6:be:71:e4:5d: 52:ce:08:0d:9f:df:dc:56:8c:6e:04:50:1c:7d:63: 6f:a3:f7:85:84:3d:42:57:81:ba:54:50:28:b4:12: 2f:2e:21:d0:ca:7a:86:dd:bb:fe:60:9f:13:bf:54: d9:2e:d0:ba:68:68:b0:8d:59:e1:24:d1:01:c2:b1: af:12:2f:7a:a3:e2:ee:9e:b8:7b:8b:62:ef:bd:7c: 46:9b:78:a6:b4:c1:83:44:df:84:67:bc:9a:c8:20: 6f:ef:73:f0:8b:3f:64:d8:aa:2d:d0:e9:4a:49:21: 83:86:f8:a8:eb:03:03:68:1b:57:af:54:80:68:f4: 63:ff:b2:3a:3a:bc:1d:08:6a:39:48:06:d2:16:de: 50:6c:29:0b:9d:59:2e:fb:04:94:77:01:40:08:0d: ef:f4:bf:51:42:2c:df:64:95:8b:98:cf:32:31:64: 3e:09:08:ee:28:42:8d:d0:e7:ce:f2:29:dd:94:5e: c6:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:F9:DD:B8:E9:C5:C7:5B:3F:B2:49:4D:64:F7:0D:48:E9:C2:0A:39 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:c00::/38 Signature Algorithm: sha256WithRSAEncryption 30:96:d3:c4:20:8e:45:ec:52:b1:df:5c:b5:85:75:ae:fd:20: e1:72:01:16:84:50:07:4c:48:7c:95:10:a3:1c:e6:d5:d0:5f: f8:c3:54:39:58:94:ed:dd:15:86:48:6a:fa:a0:13:97:2e:3a: 9b:31:47:8e:0b:cf:58:46:e6:11:4e:4f:fd:57:8b:b0:05:65: 34:e8:c6:b1:55:64:33:ce:20:91:1a:3c:d5:55:90:37:81:23: 33:ed:89:ca:28:99:32:01:26:9f:82:cb:3f:3c:bc:51:f4:b3: af:d1:5c:a1:ee:cd:d7:b5:d8:4c:52:3e:68:47:88:df:44:5c: f8:2f:5e:95:fb:66:0b:cc:b0:83:46:77:0f:c8:11:14:f2:b2: bd:36:d0:0e:25:0c:a0:d9:28:a3:3d:6c:8e:20:b6:7a:7f:70: 85:be:65:49:6c:61:47:6f:12:74:ab:25:e3:12:19:e6:48:38: b3:e1:7c:22:c9:83:d5:54:42:d3:f1:3d:21:e7:aa:1d:4a:58: 7a:17:68:1e:6b:f7:e2:ab:4c:55:41:56:1b:d9:16:e5:17:a6: e1:33:70:b0:14:f4:43:a4:b3:4f:ed:45:5a:72:0f:3c:5b:91: e5:57:57:55:28:78:80:8d:0d:d6:eb:51:86:2d:2a:0f:2b:9b: 9d:40:f8:0c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOW5IuRBVivu2sbWbcL/mwnWFQWgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAyM1oX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAMzhmZTIyNzE0YWM4N2ExZTQxMzY0 MTEwMTUwNDA0MGRkMjNmNDg5ZDQ0NWU5OTg2YjljZjVjOTM5NzVjYjg1NjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg2Z8UA7rmx5YabQgcoN0eqlXXCa /2rUBu3QHpm50uceGLw638kOlTSf1bjDjemLU113gRmz9ad6GaFuEby4xp4iJwwL tr5x5F1SzggNn9/cVoxuBFAcfWNvo/eFhD1CV4G6VFAotBIvLiHQynqG3bv+YJ8T v1TZLtC6aGiwjVnhJNEBwrGvEi96o+Lunrh7i2LvvXxGm3imtMGDRN+EZ7yayCBv 73Pwiz9k2Kot0OlKSSGDhvio6wMDaBtXr1SAaPRj/7I6OrwdCGo5SAbSFt5QbCkL nVku+wSUdwFACA3v9L9RQizfZJWLmM8yMWQ+CQjuKEKN0OfO8indlF7GdwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPn53bjpxcdbP7JJTWT3DUjpwgo5MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI5ZmU0NDU0LWY3YTgtNDJmZC04YzM1LTc3YTZkNmY4ZTYwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAwwDQYJKoZIhvcNAQELBQADggEBADCW08QgjkXsUrHfXLWF da79IOFyARaEUAdMSHyVEKMc5tXQX/jDVDlYlO3dFYZIavqgE5cuOpsxR44Lz1hG 5hFOT/1Xi7AFZTToxrFVZDPOIJEaPNVVkDeBIzPticoomTIBJp+Cyz88vFH0s6/R XKHuzde12ExSPmhHiN9EXPgvXpX7ZgvMsINGdw/IERTysr020A4lDKDZKKM9bI4g tnp/cIW+ZUlsYUdvEnSrJeMSGeZIOLPhfCLJg9VUQtPxPSHnqh1KWHoXaB5r9+Kr TFVBVhvZFuUXpuEzcLAU9EOks0/tRVpyDzxbkeVXV1UoeICNDdbrUYYtKg8rm51A +Aw= -----END CERTIFICATE-----Generated at Tue Oct 21 01:36:32 2025 by rpki-client