$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa File: 7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa (raw, json) Hash identifier: 8314UpUu9fFaAIBL7IvImZQvki9uH1oCtXd62rHgrbg= Subject key identifier: 11:8B:3C:F7:A8:2F:7F:84:15:4B:74:25:20:90:CC:C6:9E:98:86:78 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 729CC22D575AA67632A4CFBE0DF9479E180D3D6F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa Signing time: Sat 18 Oct 2025 00:00:38 +0000 ROA not before: Sat 18 Oct 2025 00:00:38 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 00:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:9c:c2:2d:57:5a:a6:76:32:a4:cf:be:0d:f9:47:9e:18:0d:3d:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:38 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=b1bddf12230352a96bbad5474f0b4666a8fb68258ff97c7cdb999ab968c61d95, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:3b:70:3f:33:a9:90:59:13:42:db:7f:92:8e: f8:d4:cc:1f:01:7f:8e:f6:b2:44:89:34:15:06:fa: 7d:86:8c:b3:a3:57:b9:4d:55:9d:0a:bd:24:d0:b6: 24:f3:eb:d0:72:28:bb:7b:25:e4:13:7e:e1:a6:4c: 39:dd:e0:69:07:2c:bf:d7:8c:49:94:54:95:34:eb: 3e:d5:1c:84:35:ae:7e:fe:07:6b:9e:82:b1:d6:70: ce:ca:10:d9:77:9f:fa:a4:c0:32:80:cc:83:75:95: 72:38:3b:bd:63:aa:1a:21:c1:67:52:90:dc:aa:a0: cb:37:1b:e9:78:84:4d:79:f1:38:27:e2:e0:f9:47: ba:87:d0:1c:6d:95:03:e3:98:43:58:6a:3e:80:1e: 83:3c:23:ab:9d:de:f3:e1:71:42:93:89:4f:8c:d3: 7e:43:1c:ad:e7:c5:cb:56:35:21:85:8a:7a:a7:ea: db:89:2a:58:ba:06:cd:be:3f:37:c3:60:9e:c2:73: 13:ca:cf:27:25:be:b8:00:e8:98:74:db:60:13:2e: b6:a1:db:1f:7c:5c:c1:f2:68:70:1c:0c:c2:0a:6f: c5:21:36:78:6d:fd:58:76:1f:af:29:9d:cd:07:40: f8:33:6d:82:fb:04:9d:e9:3d:39:30:42:b3:59:d6: 2c:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:8B:3C:F7:A8:2F:7F:84:15:4B:74:25:20:90:CC:C6:9E:98:86:78 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8000::/40 Signature Algorithm: sha256WithRSAEncryption 5c:da:ee:16:ed:33:6e:63:99:5c:16:8f:a9:42:be:74:60:0d: 9d:cc:42:d9:ef:e0:02:62:d3:33:c6:15:76:17:e4:59:86:8d: 5b:b8:09:50:44:8b:44:93:06:4c:6a:0a:8c:3d:cd:98:99:b7: df:b8:19:85:84:3d:ae:0a:3f:5d:d8:06:92:68:b9:ba:8d:e3: 65:df:1d:69:09:7d:7b:46:b3:ff:6e:1f:6f:33:f8:e0:a5:bc: d4:c7:a7:1f:37:62:51:99:20:f1:45:1f:91:c8:fc:06:9e:52: d8:3b:d0:56:4e:67:22:4d:d7:16:4a:be:5c:ce:1a:c5:82:20: 9a:9f:eb:b7:a9:3d:df:02:85:b6:03:34:bd:42:dd:9e:de:c8: c8:b2:ff:1f:f1:d3:ed:36:07:ad:2d:5d:ca:9b:29:bd:c1:ba: ee:07:79:7c:9d:ee:09:73:1c:59:3e:60:d0:6a:20:8e:65:51: 0c:db:eb:ec:d2:40:34:56:0d:3b:83:ee:62:2c:d0:8f:9b:e8: 07:d6:8c:b1:5d:c3:2c:43:a3:47:a9:38:8d:cd:65:70:d0:4a: 7e:99:c4:ef:f8:22:c9:23:a0:d6:be:88:a8:c1:78:a0:29:b2: fb:e0:8e:49:aa:0b:e9:a8:63:f7:20:79:de:1e:48:25:e3:f0: ea:65:cf:ee -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcpzCLVdapnYypM++DflHnhgNPW8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAzOFoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAYjFiZGRmMTIyMzAzNTJhOTZiYmFk NTQ3NGYwYjQ2NjZhOGZiNjgyNThmZjk3YzdjZGI5OTlhYjk2OGM2MWQ5NTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ztwPzOpkFkTQtt/ko741MwfAX+O 9rJEiTQVBvp9hoyzo1e5TVWdCr0k0LYk8+vQcii7eyXkE37hpkw53eBpByy/14xJ lFSVNOs+1RyENa5+/gdrnoKx1nDOyhDZd5/6pMAygMyDdZVyODu9Y6oaIcFnUpDc qqDLNxvpeIRNefE4J+Lg+Ue6h9AcbZUD45hDWGo+gB6DPCOrnd7z4XFCk4lPjNN+ Qxyt58XLVjUhhYp6p+rbiSpYugbNvj83w2CewnMTys8nJb64AOiYdNtgEy62odsf fFzB8mhwHAzCCm/FITZ4bf1Ydh+vKZ3NB0D4M22C+wSd6T05MEKzWdYsoQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBGLPPeoL3+EFUt0JSCQzMaemIZ4MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjYmEyMmE1LWRjNjEtNDQxMy1hZWQyLThmYjRjYzhlM2E0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBAFza7hbtM25jmVwWj6lC vnRgDZ3MQtnv4AJi0zPGFXYX5FmGjVu4CVBEi0STBkxqCow9zZiZt9+4GYWEPa4K P13YBpJoubqN42XfHWkJfXtGs/9uH28z+OClvNTHpx83YlGZIPFFH5HI/AaeUtg7 0FZOZyJN1xZKvlzOGsWCIJqf67epPd8ChbYDNL1C3Z7eyMiy/x/x0+02B60tXcqb Kb3Buu4HeXyd7glzHFk+YNBqII5lUQzb6+zSQDRWDTuD7mIs0I+b6AfWjLFdwyxD o0epOI3NZXDQSn6ZxO/4IskjoNa+iKjBeKApsvvgjkmqC+moY/cged4eSCXj8Opl z+4= -----END CERTIFICATE-----Generated at Tue Oct 21 01:36:21 2025 by rpki-client