$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa File: 453c01e0-c333-4283-987c-be2c8b71798c.roa (raw, json) Hash identifier: oCXvlvk9mpQ3/pfiX8v9b2VWv0AHjgPgKF9KBcfU9Zk= Subject key identifier: BA:0D:59:DE:C7:EC:56:75:70:A6:ED:FF:03:8A:1E:5E:70:C7:18:E1 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2642B9EF2530BCBCC7E27F58A0B540028F186420 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa Signing time: Sat 18 Oct 2025 00:00:27 +0000 ROA not before: Sat 18 Oct 2025 00:00:27 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 00:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:42:b9:ef:25:30:bc:bc:c7:e2:7f:58:a0:b5:40:02:8f:18:64:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:27 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=221a63ff3151a9db06a9e06ba8b1807b7e4726e8aebfa68a2b5414ac1e380a9f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:5f:13:a6:43:73:20:89:c7:57:1c:3c:6a:20: 0f:35:e1:f4:2c:f5:33:d3:fa:2e:9d:21:d5:7d:8c: 06:a5:b6:c6:d8:c6:56:37:3a:6c:94:cb:c4:d8:bf: 4c:57:45:90:19:29:95:a6:e1:83:43:ef:c2:d9:30: e6:f6:8f:c0:b1:ce:1b:1e:e5:80:33:57:56:55:f8: a9:7b:c4:90:c8:cf:f2:3e:16:df:a6:b5:ec:4a:63: 27:0c:58:9e:8f:45:67:41:4c:50:b3:ca:b5:ed:76: 4b:d4:48:18:a7:86:39:1a:1d:3e:ee:84:23:af:8e: 34:dc:1b:6f:d2:4c:eb:71:c7:3c:89:a1:0b:10:08: 7a:93:29:68:5f:5b:76:51:7f:98:73:1f:d6:ff:0b: dd:31:cd:8b:58:24:77:b7:72:8e:78:ee:65:bb:fb: 79:41:ad:1d:0e:3e:77:2e:a4:66:8b:0a:b2:cc:10: c1:7b:60:88:5b:e8:07:d1:f4:47:99:7e:68:ea:1d: 85:c4:58:6b:df:5d:da:8a:33:66:d0:39:ce:31:68: 14:51:45:e3:e0:75:85:c2:eb:c3:41:7e:72:a5:f8: 88:2f:d5:47:a1:d5:68:3e:26:69:db:06:94:d0:00: bd:de:d7:46:51:2d:4a:a6:c7:41:d0:a1:52:9c:9e: c3:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:0D:59:DE:C7:EC:56:75:70:A6:ED:FF:03:8A:1E:5E:70:C7:18:E1 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:80c0::/48 Signature Algorithm: sha256WithRSAEncryption a6:75:75:48:18:05:fd:16:32:91:35:d2:26:03:dd:9c:0f:3e: 45:c4:a3:3f:6b:f2:77:8f:31:d0:1a:19:82:e3:e7:25:e3:88: 5f:e4:d6:f0:8e:c1:f4:ee:4a:b0:43:13:5d:49:f1:0b:63:ca: 4d:4e:05:fd:a0:50:db:d9:bb:f2:08:db:12:af:c0:1a:22:94: fc:e2:99:7c:77:25:b2:b2:02:ac:72:3b:99:67:65:ce:11:4c: 7c:be:11:a7:c4:c4:75:3e:c0:9c:4b:90:2f:1e:98:5d:30:3c: 54:41:48:35:bf:1e:37:d8:1b:c2:f0:c0:dc:a6:9b:5d:0d:af: 66:e2:b5:be:de:3a:85:c7:27:26:b2:05:b4:5b:ff:1e:cb:1c: 0f:93:57:33:6c:1e:40:3c:81:16:2d:d3:2a:2c:0d:1e:84:f9: f5:75:09:04:1d:0c:dc:f4:1e:32:fa:fb:0d:88:36:f6:ad:e8: a1:02:86:b2:49:58:67:79:f5:f9:2b:10:31:97:43:27:1b:4a: ea:73:46:4c:05:69:d6:7d:b3:0f:eb:37:3e:26:ca:56:1d:34: 94:c3:3a:f5:0a:df:59:61:21:47:78:90:55:d8:69:3e:d4:5d: ae:be:87:a0:22:3f:af:9e:22:97:db:9e:07:c3:78:f6:f3:37: 0e:aa:2c:d4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJkK57yUwvLzH4n9YoLVAAo8YZCAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAyN1oX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAMjIxYTYzZmYzMTUxYTlkYjA2YTll MDZiYThiMTgwN2I3ZTQ3MjZlOGFlYmZhNjhhMmI1NDE0YWMxZTM4MGE5ZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApF8TpkNzIInHVxw8aiAPNeH0LPUz 0/ounSHVfYwGpbbG2MZWNzpslMvE2L9MV0WQGSmVpuGDQ+/C2TDm9o/Asc4bHuWA M1dWVfipe8SQyM/yPhbfprXsSmMnDFiej0VnQUxQs8q17XZL1EgYp4Y5Gh0+7oQj r4403Btv0kzrccc8iaELEAh6kyloX1t2UX+Ycx/W/wvdMc2LWCR3t3KOeO5lu/t5 Qa0dDj53LqRmiwqyzBDBe2CIW+gH0fRHmX5o6h2FxFhr313aijNm0DnOMWgUUUXj 4HWFwuvDQX5ypfiIL9VHodVoPiZp2waU0AC93tdGUS1KpsdB0KFSnJ7DHQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLoNWd7H7FZ1cKbt/wOKHl5wxxjhMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzQ1M2MwMWUwLWMzMzMtNDI4My05ODdjLWJlMmM4YjcxNzk4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/4DAMA0GCSqGSIb3DQEBCwUAA4IBAQCmdXVIGAX9FjKRNdIm A92cDz5FxKM/a/J3jzHQGhmC4+cl44hf5NbwjsH07kqwQxNdSfELY8pNTgX9oFDb 2bvyCNsSr8AaIpT84pl8dyWysgKscjuZZ2XOEUx8vhGnxMR1PsCcS5AvHphdMDxU QUg1vx432BvC8MDcpptdDa9m4rW+3jqFxycmsgW0W/8eyxwPk1czbB5APIEWLdMq LA0ehPn1dQkEHQzc9B4y+vsNiDb2reihAoaySVhnefX5KxAxl0MnG0rqc0ZMBWnW fbMP6zc+JspWHTSUwzr1Ct9ZYSFHeJBV2Gk+1F2uvoegIj+vniKX254Hw3j28zcO qizU -----END CERTIFICATE-----Generated at Tue Oct 21 01:34:09 2025 by rpki-client