$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa File: 31d36ece-9039-43a2-82a2-03e7d8e7f563.roa (raw, json) Hash identifier: APcHTk5HLwRH+oabHPXGqw3oVtuyzKdnhOS7dLB7JpQ= Subject key identifier: BA:5D:A8:09:B7:F6:DC:43:00:15:0E:D5:89:8B:98:A6:AD:95:01:32 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1BBE5E44839C85643880BD35A9BF3593F55795C9 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa Signing time: Sat 18 Oct 2025 00:00:36 +0000 ROA not before: Sat 18 Oct 2025 00:00:36 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:be:5e:44:83:9c:85:64:38:80:bd:35:a9:bf:35:93:f5:57:95:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:36 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=e781288d2196bf9c21598d246f91d82ce18416092df4f0e8f97ffeef5b04427e, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:39:29:53:94:0e:70:61:91:60:36:08:1e:f6: 5b:aa:00:9d:e2:64:4a:c6:39:ea:a5:b9:56:83:06: 0f:c8:ab:0e:b0:c2:78:92:6c:3b:e7:41:e4:07:ab: ab:ff:82:ba:2e:c8:44:5e:3a:f9:91:eb:3d:e5:ef: 07:6a:69:81:cc:55:41:19:89:56:23:de:28:ed:03: ee:70:fe:da:31:4c:4c:0d:46:da:28:5e:2a:e6:89: f3:5b:aa:c3:a1:fd:78:dc:0f:77:cb:11:5a:12:ba: 3f:07:a3:7f:13:ce:32:c5:64:f0:be:79:e5:db:ae: 0e:fc:bc:c5:0e:ed:de:ac:d6:d2:eb:72:eb:66:47: 89:08:a6:6a:f2:7d:cb:30:8f:91:87:de:51:92:75: b4:19:6c:8c:ef:79:2e:b9:a4:00:0a:f7:7f:c2:44: db:3e:a1:0a:4a:82:46:c6:95:77:af:1a:9b:50:d0: ca:6c:1d:b4:91:75:2f:d7:ae:87:52:f3:fd:18:8a: db:42:a8:b3:c9:35:44:46:0e:f5:a9:e8:a7:eb:0b: 4d:37:34:0c:08:d5:29:b7:e4:b4:f3:71:d1:98:06: 67:cc:dd:a7:5a:b9:76:3f:9d:ac:e0:28:be:8c:cf: 3e:4f:99:bf:5e:ad:1e:6d:27:8e:c7:13:3f:45:86: 41:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:5D:A8:09:B7:F6:DC:43:00:15:0E:D5:89:8B:98:A6:AD:95:01:32 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fc::/32 Signature Algorithm: sha256WithRSAEncryption 3e:05:99:42:9d:0a:fb:7b:58:a2:f3:7c:ae:0f:f4:66:b5:41: 59:e7:6d:f2:28:13:9a:a1:b7:3d:66:b1:c3:3a:49:22:f3:02: 56:dc:0f:78:25:6e:6a:36:90:0c:68:43:e4:b1:69:8b:66:8a: 03:6b:2d:23:30:00:52:06:c1:d8:c8:aa:a5:88:fb:69:eb:5e: 59:4d:07:3b:a4:7c:26:3f:a7:5b:e7:99:8b:93:ba:0c:3b:46: ea:96:34:93:9a:17:6d:97:a8:05:7f:67:0b:e6:90:9c:51:4e: 1d:0a:fb:e6:11:22:c7:13:e8:a3:30:2d:6a:87:2e:77:0d:24: f4:0c:ef:13:21:54:ab:a5:a4:aa:fc:00:f7:cc:e2:2f:ea:12: 00:35:b6:18:44:f6:0a:0b:45:9b:73:7f:28:b2:87:4b:b9:12: 11:1b:61:f6:6f:72:3f:67:b6:4b:a1:ef:37:b4:ca:07:2e:21: 78:14:10:0e:e3:d5:bb:ed:ea:b9:4a:b8:f5:4d:27:55:23:db: fe:56:c6:64:d2:de:7b:5f:7c:82:7b:ee:40:f0:b5:73:5b:1f: 00:c4:d4:92:e7:17:d5:9d:06:42:83:a5:e1:e2:99:c8:e0:80: a4:0b:54:ec:dc:28:23:bd:e9:d2:43:40:46:81:90:07:67:dc: 32:4d:48:41 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUG75eRIOchWQ4gL01qb81k/VXlckwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAzNloX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAZTc4MTI4OGQyMTk2YmY5YzIxNTk4 ZDI0NmY5MWQ4MmNlMTg0MTYwOTJkZjRmMGU4Zjk3ZmZlZWY1YjA0NDI3ZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjkpU5QOcGGRYDYIHvZbqgCd4mRK xjnqpblWgwYPyKsOsMJ4kmw750HkB6ur/4K6LshEXjr5kes95e8HammBzFVBGYlW I94o7QPucP7aMUxMDUbaKF4q5onzW6rDof143A93yxFaEro/B6N/E84yxWTwvnnl 264O/LzFDu3erNbS63LrZkeJCKZq8n3LMI+Rh95RknW0GWyM73kuuaQACvd/wkTb PqEKSoJGxpV3rxqbUNDKbB20kXUv166HUvP9GIrbQqizyTVERg71qein6wtNNzQM CNUpt+S083HRmAZnzN2nWrl2P52s4Ci+jM8+T5m/Xq0ebSeOxxM/RYZBSwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFLpdqAm39txDABUO1YmLmKatlQEyMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMxZDM2ZWNlLTkwMzktNDNhMi04MmEyLTAzZTdkOGU3ZjU2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A/DANBgkqhkiG9w0BAQsFAAOCAQEAPgWZQp0K+3tYovN8rg/0 ZrVBWedt8igTmqG3PWaxwzpJIvMCVtwPeCVuajaQDGhD5LFpi2aKA2stIzAAUgbB 2MiqpYj7aeteWU0HO6R8Jj+nW+eZi5O6DDtG6pY0k5oXbZeoBX9nC+aQnFFOHQr7 5hEixxPoozAtaocudw0k9AzvEyFUq6WkqvwA98ziL+oSADW2GET2CgtFm3N/KLKH S7kSERth9m9yP2e2S6HvN7TKBy4heBQQDuPVu+3quUq49U0nVSPb/lbGZNLee198 gnvuQPC1c1sfAMTUkucX1Z0GQoOl4eKZyOCApAtU7NwoI73p0kNARoGQB2fcMk1I QQ== -----END CERTIFICATE-----Generated at Mon Oct 20 12:52:07 2025 by rpki-client