$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa File: 64aa0337-4cf9-42c7-b236-4cd36e69005e.roa (raw, json) Hash identifier: 3NAR42GPRZRONrVpfDVAwmr7HLsQV9vCTIXugxE55qo= Subject key identifier: 41:EC:41:B2:AB:2A:96:D0:25:63:4B:B6:06:33:FA:A9:A9:0B:82:70 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 75183F71341964EE8D2363911A808AA95BC20E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa Signing time: Sat 18 Oct 2025 00:00:36 +0000 ROA not before: Sat 18 Oct 2025 00:00:36 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f1::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:18:3f:71:34:19:64:ee:8d:23:63:91:1a:80:8a:a9:5b:c2:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:36 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=2853cafe029e8d3c7e372fc24d324d2da53cce0b10eff4a6846ecf74fc50f15c, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:01:ac:37:16:f9:70:39:dc:2a:e0:68:44:3a: f1:f1:ce:15:8b:f0:25:b7:f2:7f:93:1e:6d:ed:cd: 0d:30:6b:db:bf:48:f2:8e:1f:c1:5e:74:01:6d:bd: 7b:a2:8c:bf:58:8e:61:14:1c:18:a8:88:51:6e:f4: 39:8a:5e:24:44:ae:1a:4a:73:b9:44:13:36:17:79: 1d:4c:44:9e:9a:c0:1e:6d:ed:59:39:a7:cc:85:36: f2:12:95:73:0f:3d:0b:4f:99:48:d5:1a:d6:44:12: ad:f3:e9:88:67:9b:f0:54:53:60:6e:e3:10:69:bf: 8e:f9:b3:b5:06:80:2b:ed:ba:c0:8a:ce:9e:5f:91: 16:33:35:e4:a1:f2:3a:89:23:a9:5e:25:bf:75:98: 23:56:23:4f:fa:f4:5c:16:d7:0d:50:d8:1a:19:63: 63:25:b6:99:40:40:66:8e:cd:78:1e:8b:cc:f0:d0: 8e:f7:13:91:1a:f9:26:9c:3b:1e:e8:6c:6b:e4:15: 03:4d:5e:4c:2b:38:ec:7a:77:72:b9:24:df:2f:ea: 84:e4:74:0a:f5:63:c4:d6:bf:dc:50:11:0c:34:b7: f8:4a:11:07:42:16:2f:85:e2:4e:bb:58:3b:d1:7a: 0f:da:e8:ca:af:a9:6c:26:22:eb:3e:35:49:6e:54: 68:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:EC:41:B2:AB:2A:96:D0:25:63:4B:B6:06:33:FA:A9:A9:0B:82:70 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f1::/32 Signature Algorithm: sha256WithRSAEncryption af:fd:b9:90:7d:89:cf:6e:f5:9a:95:ed:f6:7b:6c:1a:3e:10: 62:27:9a:e5:cf:b2:4f:84:cd:71:43:01:68:9c:08:b1:57:64: e1:82:da:c2:80:40:b2:c5:58:1c:33:af:c4:75:62:5a:d0:b8: 92:41:08:92:03:a6:b1:ec:39:9b:30:93:28:dc:66:3d:c5:51: 7e:17:46:1c:85:a1:76:d7:df:c4:27:1a:32:bc:28:12:99:28: 2a:ff:d6:0c:67:ca:2f:1e:79:ef:b0:1c:b5:80:65:e4:99:e0: 81:dd:9e:86:32:92:90:ee:a4:35:d1:2e:cc:96:2d:0a:0e:f0: 4e:dd:16:75:6e:25:4f:c3:2f:c7:fe:1a:25:22:f6:06:14:5d: 36:01:e1:a0:e7:07:b1:0d:2b:ff:bc:2b:54:5b:53:02:7a:40: 94:75:08:72:18:17:4c:ed:c8:08:5d:9d:69:e1:d4:b5:6f:7f: 73:d3:85:e9:61:6f:fc:8b:dd:b2:d0:d4:40:a9:13:f1:52:1d: 39:74:48:4a:2c:73:3e:7c:c1:c8:70:85:0c:68:98:15:43:e7: 92:2b:35:da:6f:0d:f2:d2:2e:2a:b9:f1:85:77:e7:0e:27:d6: aa:17:d6:35:fb:2d:98:1f:93:ff:52:d4:8c:0d:b8:8f:75:a7: 1f:a8:f5:94 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgITdRg/cTQZZO6NI2ORGoCKqVvCDjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFDRDI4QTAwMDAxMTAvBgNVBAUTKDk3RUJGMzQ4RjM3 NkI4NjdGQzc2QjJCMkI5MTA3OEMzREQ0OTQ4ODMwHhcNMjUxMDE4MDAwMDM2WhcN MjUxMTIyMjM1OTU5WjB6MUkwRwYDVQQFE0AyODUzY2FmZTAyOWU4ZDNjN2UzNzJm YzI0ZDMyNGQyZGE1M2NjZTBiMTBlZmY0YTY4NDZlY2Y3NGZjNTBmMTVjMS0wKwYD VQQDEyQ0MjU3ZTkyNS03MTVmLTQ3YTItODkzZS0wZTNmOTdlYzdlMjIwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrAaw3FvlwOdwq4GhEOvHxzhWL8CW3 8n+THm3tzQ0wa9u/SPKOH8FedAFtvXuijL9YjmEUHBioiFFu9DmKXiRErhpKc7lE EzYXeR1MRJ6awB5t7Vk5p8yFNvISlXMPPQtPmUjVGtZEEq3z6Yhnm/BUU2Bu4xBp v475s7UGgCvtusCKzp5fkRYzNeSh8jqJI6leJb91mCNWI0/69FwW1w1Q2BoZY2Ml tplAQGaOzXgei8zw0I73E5Ea+SacOx7obGvkFQNNXkwrOOx6d3K5JN8v6oTkdAr1 Y8TWv9xQEQw0t/hKEQdCFi+F4k67WDvReg/a6MqvqWwmIus+NUluVGiJAgMBAAGj ggJJMIICRTAdBgNVHQ4EFgQUQexBsqsqltAlY0u2BjP6qakLgnAwHwYDVR0jBBgw FoAUl+vzSPN2uGf8drKyuRB4w91JSIMwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL2wtdnpTUE4y dUdmOGRyS3l1UkI0dzkxSlNJTS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJiY2JiODVhZTYv NjRhYTAzMzctNGNmOS00MmM3LWIyMzYtNGNkMzZlNjkwMDVlLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lL2MzY2Q3YzI0LTEyY2ItNGFiYy04ZmQyLTVlMmJj YmI4NWFlNi85MGNhOTBhOS1hMTBhLTQ0ZTctODJiOS0xMzY1NzQ2YmE1NWUuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0E AgACMAcDBQAkD4DxMA0GCSqGSIb3DQEBCwUAA4IBAQCv/bmQfYnPbvWale32e2wa PhBiJ5rlz7JPhM1xQwFonAixV2ThgtrCgECyxVgcM6/EdWJa0LiSQQiSA6ax7Dmb MJMo3GY9xVF+F0YchaF219/EJxoyvCgSmSgq/9YMZ8ovHnnvsBy1gGXkmeCB3Z6G MpKQ7qQ10S7Mli0KDvBO3RZ1biVPwy/H/holIvYGFF02AeGg5wexDSv/vCtUW1MC ekCUdQhyGBdM7cgIXZ1p4dS1b39z04XpYW/8i92y0NRAqRPxUh05dEhKLHM+fMHI cIUMaJgVQ+eSKzXabw3y0i4qufGFd+cOJ9aqF9Y1+y2YH5P/UtSMDbiPdacfqPWU -----END CERTIFICATE-----Generated at Mon Oct 20 12:51:31 2025 by rpki-client