$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa File: 8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa (raw, json) Hash identifier: MxPEY4gARKxwwLmRV8bEgR/T1pgf+LBVTddum2cd/Pc= Subject key identifier: 8D:ED:51:EA:BF:64:D7:7B:F9:F7:59:D8:D6:47:CD:51:B7:69:F5:CA Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3141B7030BB3B8FE96F2D8680C1FDDCE89E92DEC Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa Signing time: Sat 18 Oct 2025 00:00:20 +0000 ROA not before: Sat 18 Oct 2025 00:00:20 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:41:b7:03:0b:b3:b8:fe:96:f2:d8:68:0c:1f:dd:ce:89:e9:2d:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:20 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=42f83b43eb118c38473bc1b1a45f1815efa0cffc43f4315d99aa7e88b238355d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c2:6a:dd:e6:98:64:70:46:b0:a0:36:4b:36: f9:4d:39:60:82:c9:38:df:f1:49:ec:a7:ad:c8:c8: fb:9e:58:c4:4a:42:e1:96:32:ca:3b:a1:4b:5d:3d: 09:18:43:da:06:25:e7:c4:40:50:24:fd:69:f0:79: 34:0c:4a:0f:8e:cf:9d:4b:91:b2:6c:05:34:64:0a: 8d:63:c7:78:4f:e0:16:24:76:39:a1:a7:3e:91:0c: dc:21:a8:fb:57:45:99:86:28:8f:3d:16:57:49:8a: 47:57:9d:c0:e4:e4:0b:b1:cd:ec:e3:59:de:1a:dd: 7b:f5:6b:46:e5:77:c7:93:00:c0:45:df:04:90:94: 24:d8:9d:d7:f5:66:4e:02:28:bc:55:52:4c:af:16: ba:27:0d:bc:be:64:f0:db:00:da:2f:fe:91:07:99: 30:d0:f1:dd:eb:da:8a:e9:c1:02:f4:ed:f1:dd:51: 4e:63:20:f9:3e:73:c9:ba:9a:2e:03:e3:21:7c:10: e0:1c:3a:fc:a2:c3:1c:f0:01:03:3d:e7:52:39:4e: d3:5f:76:af:a5:21:22:a6:ba:95:d0:90:cc:c5:5f: ef:aa:44:65:67:64:a7:fe:27:43:d7:b5:ba:82:d3: 02:b7:5b:95:3d:c6:a2:ae:1e:c2:12:36:17:50:c9: 48:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:ED:51:EA:BF:64:D7:7B:F9:F7:59:D8:D6:47:CD:51:B7:69:F5:CA X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:400::/38 Signature Algorithm: sha256WithRSAEncryption b0:46:86:67:e6:32:30:a5:6e:e2:e5:1a:dd:99:d5:03:a4:c3: e2:b1:c0:f1:87:fc:fb:58:07:47:5c:8b:df:59:2f:14:2a:f2: d0:69:46:2c:f6:ce:c7:33:87:9f:35:3f:67:6f:2c:b7:5d:12: a8:a4:e8:3e:3d:a5:04:98:2f:2b:c9:cf:29:ad:83:41:cf:1e: b5:fc:1a:94:11:cc:c3:0f:26:c0:b3:75:02:a3:1a:f2:62:5d: 11:08:50:c9:47:18:c2:e0:8b:16:be:ae:a8:45:6d:c1:1b:5d: c2:e8:66:64:13:74:b2:41:93:87:a7:11:ed:dc:bf:95:16:0a: 85:27:54:ea:1f:ff:92:91:bf:e1:a9:2d:34:34:5d:8d:8d:89: ff:dc:6a:e9:32:fc:8f:21:d4:74:2d:6a:a9:f6:c2:dd:75:46: 99:d1:4c:06:55:d3:2e:af:30:42:02:47:e4:9f:a6:0e:82:0a: fe:57:08:4a:27:49:26:00:dd:1f:5f:b2:0d:6a:8a:da:83:d5: 7a:58:5c:44:b4:41:c9:88:5c:a6:e2:c7:25:82:b9:8b:a7:d5: b7:ea:a2:80:8a:e9:09:69:31:a5:d9:bf:46:9a:65:01:ce:9d: e3:e4:0f:d7:91:0f:63:fe:79:6e:07:76:50:21:b0:cc:9a:aa: f5:95:b7:fa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMUG3AwuzuP6W8thoDB/dzonpLewwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAyMFoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNANDJmODNiNDNlYjExOGMzODQ3M2Jj MWIxYTQ1ZjE4MTVlZmEwY2ZmYzQzZjQzMTVkOTlhYTdlODhiMjM4MzU1ZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcJq3eaYZHBGsKA2Szb5TTlggsk4 3/FJ7KetyMj7nljESkLhljLKO6FLXT0JGEPaBiXnxEBQJP1p8Hk0DEoPjs+dS5Gy bAU0ZAqNY8d4T+AWJHY5oac+kQzcIaj7V0WZhiiPPRZXSYpHV53A5OQLsc3s41ne Gt179WtG5XfHkwDARd8EkJQk2J3X9WZOAii8VVJMrxa6Jw28vmTw2wDaL/6RB5kw 0PHd69qK6cEC9O3x3VFOYyD5PnPJupouA+MhfBDgHDr8osMc8AEDPedSOU7TX3av pSEiprqV0JDMxV/vqkRlZ2Sn/idD17W6gtMCt1uVPcairh7CEjYXUMlIbwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI3tUeq/ZNd7+fdZ2NZHzVG3afXKMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzhiZjMxMWU5LWQyN2YtNDZmYS04ZjA1LTJlZDZiMTc2YjViOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAQwDQYJKoZIhvcNAQELBQADggEBALBGhmfmMjClbuLlGt2Z 1QOkw+KxwPGH/PtYB0dci99ZLxQq8tBpRiz2zsczh581P2dvLLddEqik6D49pQSY LyvJzymtg0HPHrX8GpQRzMMPJsCzdQKjGvJiXREIUMlHGMLgixa+rqhFbcEbXcLo ZmQTdLJBk4enEe3cv5UWCoUnVOof/5KRv+GpLTQ0XY2Nif/cauky/I8h1HQtaqn2 wt11RpnRTAZV0y6vMEICR+Sfpg6CCv5XCEonSSYA3R9fsg1qitqD1XpYXES0QcmI XKbixyWCuYun1bfqooCK6QlpMaXZv0aaZQHOnePkD9eRD2P+eW4HdlAhsMyaqvWV t/o= -----END CERTIFICATE-----Generated at Mon Oct 20 12:51:46 2025 by rpki-client