$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa File: 57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa (raw, json) Hash identifier: XKmHvfvoiNLSq3v35nbLA9NO6p6rBW+J6bzGa0LCki8= Subject key identifier: A2:8C:83:6A:A8:07:0F:1E:41:A1:01:87:1E:B6:45:04:90:37:2D:68 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 28F64D59EF343B890CF92C3BFAF35BFF2F3157A1 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa Signing time: Fri 17 Oct 2025 00:10:07 +0000 ROA not before: Fri 17 Oct 2025 00:10:07 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:f6:4d:59:ef:34:3b:89:0c:f9:2c:3b:fa:f3:5b:ff:2f:31:57:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 17 00:10:07 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=6dafbc64037d1b30326da8eea017e4c45813033cfc595867aa621d49c7deb9f3, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:dc:fa:16:10:e3:53:c8:f0:12:85:bc:75:d2: 67:2d:78:b6:7f:39:ba:ee:47:2c:b9:c4:a9:c7:f9: d1:68:a1:8b:82:db:80:3d:22:91:20:2b:99:ed:8e: 86:18:bf:ee:b5:33:ea:bb:6d:b7:3d:7c:8c:ce:93: 5d:d2:fc:b4:5b:94:b7:e4:c4:f8:64:70:66:88:e9: fa:63:7e:a1:31:c0:ca:97:f0:49:6a:a1:5c:57:40: 1b:60:96:9b:29:ea:24:20:a3:0e:ee:ee:de:95:9c: f5:d9:66:2f:66:04:b9:01:75:ed:bd:c4:75:bb:a9: 89:b8:53:cc:c1:b2:ae:27:a1:d0:c1:46:92:0c:c2: 5a:77:ba:d0:9f:32:35:6c:bd:2c:07:2c:25:31:1e: 36:c0:f9:71:3d:48:61:b7:0a:bf:84:6d:ff:59:63: d1:56:32:ad:d6:1d:b5:fa:df:11:f9:6e:7d:48:12: 8b:29:38:07:37:37:ad:ef:dd:7f:d2:ed:47:33:5e: 12:92:53:9a:43:d2:24:b0:34:56:00:d2:3d:3d:d6: 39:8d:cc:30:ad:1d:d8:1b:3f:42:bd:81:58:46:3c: e9:d8:a7:ec:97:84:86:73:fc:8c:6e:15:9d:d0:a5: 64:8a:56:f9:e0:08:ce:00:a7:67:b3:9f:fa:b8:12: 9d:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:8C:83:6A:A8:07:0F:1E:41:A1:01:87:1E:B6:45:04:90:37:2D:68 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:8000::/40 Signature Algorithm: sha256WithRSAEncryption 18:d1:5e:ea:76:f2:bb:40:0f:76:4b:9c:36:54:80:9b:5e:21: ae:d1:3b:b3:9b:48:ad:6e:6e:ac:99:2c:15:82:ad:7b:48:3e: 92:05:a0:d7:81:ca:6a:b7:71:83:2c:ba:9e:f4:68:c5:b7:de: 54:57:aa:76:38:b5:88:cd:9f:96:fd:1e:50:34:ec:09:3e:45: 18:94:18:4a:42:58:3d:ed:ab:29:64:42:69:f4:b9:59:25:da: 41:33:1e:9e:e8:e5:87:08:ef:be:40:8a:44:d1:f8:b3:1e:a2: cd:17:c2:7f:81:8a:2b:32:31:63:8b:b4:ab:8a:55:69:fd:b4: af:9b:b1:b6:91:48:27:f1:89:6f:7b:ec:d8:9f:24:ca:f6:52: 4e:9a:2d:c1:8e:51:6d:d5:bb:f5:51:5d:fa:f7:42:f6:90:53: 43:67:46:ee:fc:42:18:c8:fe:47:d0:f8:97:9e:10:fa:42:5d: 39:c1:b5:b9:53:5c:ec:21:22:dc:58:0b:b1:c6:6a:ba:a9:79: 61:44:3b:a3:e0:62:26:57:28:cf:21:b7:27:b4:f8:d1:8d:59: 3c:34:00:4e:bf:c2:96:f8:a9:0b:d8:40:b1:d7:cb:81:0c:46: 07:93:a2:d2:cd:19:13:8b:40:e0:6d:e9:51:c7:5d:93:bd:34: ae:a0:3d:52 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKPZNWe80O4kM+Sw7+vNb/y8xV6EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxNzAwMTAwN1oX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNANmRhZmJjNjQwMzdkMWIzMDMyNmRh OGVlYTAxN2U0YzQ1ODEzMDMzY2ZjNTk1ODY3YWE2MjFkNDljN2RlYjlmMzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtz6FhDjU8jwEoW8ddJnLXi2fzm6 7kcsucSpx/nRaKGLgtuAPSKRICuZ7Y6GGL/utTPqu223PXyMzpNd0vy0W5S35MT4 ZHBmiOn6Y36hMcDKl/BJaqFcV0AbYJabKeokIKMO7u7elZz12WYvZgS5AXXtvcR1 u6mJuFPMwbKuJ6HQwUaSDMJad7rQnzI1bL0sBywlMR42wPlxPUhhtwq/hG3/WWPR VjKt1h21+t8R+W59SBKLKTgHNzet791/0u1HM14SklOaQ9IksDRWANI9PdY5jcww rR3YGz9CvYFYRjzp2Kfsl4SGc/yMbhWd0KVkilb54AjOAKdns5/6uBKdbQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKKMg2qoBw8eQaEBhx62RQSQNy1oMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU3Zjg0MzNjLWYxNjItNGIxMC04NTI3LWZiZjdjZGJiNmFhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+IAwDQYJKoZIhvcNAQELBQADggEBABjRXup28rtAD3ZLnDZU gJteIa7RO7ObSK1ubqyZLBWCrXtIPpIFoNeBymq3cYMsup70aMW33lRXqnY4tYjN n5b9HlA07Ak+RRiUGEpCWD3tqylkQmn0uVkl2kEzHp7o5YcI775AikTR+LMeos0X wn+BiisyMWOLtKuKVWn9tK+bsbaRSCfxiW977NifJMr2Uk6aLcGOUW3Vu/VRXfr3 QvaQU0NnRu78QhjI/kfQ+JeeEPpCXTnBtblTXOwhItxYC7HGarqpeWFEO6PgYiZX KM8htye0+NGNWTw0AE6/wpb4qQvYQLHXy4EMRgeTotLNGROLQOBt6VHHXZO9NK6g PVI= -----END CERTIFICATE-----Generated at Mon Oct 20 12:52:00 2025 by rpki-client