$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/977f90e2-d257-4dde-9740-b0391458d8ed.roa File: 977f90e2-d257-4dde-9740-b0391458d8ed.roa (raw, json) Hash identifier: hf/Wpcdptr7OwmTZp1ljs2WpX4JTiR+MgBEqeRfyUds= Subject key identifier: 90:92:A1:4A:42:B4:08:89:1A:43:F2:FF:54:3F:0E:E2:C3:52:0E:5E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 434BD06BF66FC791A7CB9BA3713A42B9D4ED345D Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/977f90e2-d257-4dde-9740-b0391458d8ed.roa Signing time: Fri 17 Oct 2025 00:10:02 +0000 ROA not before: Fri 17 Oct 2025 00:10:02 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000::/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 00:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:4b:d0:6b:f6:6f:c7:91:a7:cb:9b:a3:71:3a:42:b9:d4:ed:34:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 17 00:10:02 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=e5c974ac122dd49b1ea49ae94d8885f6a14a18830d732d77ab2074c3dc8d2e04, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fc:37:63:10:2b:05:eb:93:e1:fc:bd:30:02:e4: 18:b5:aa:72:aa:6b:67:1e:bd:ec:b2:4f:86:5f:e2: 1a:e6:b8:b5:ef:f5:0b:b2:0e:3c:ce:03:08:04:ab: 51:3f:e9:d7:06:b4:49:ef:43:d5:d3:df:3f:fc:00: 66:6a:22:6d:d5:cf:c0:39:74:fc:56:c4:69:a4:80: c0:54:04:42:49:3c:f6:9c:6f:48:d0:70:2e:6b:aa: b4:1e:0f:43:64:80:7d:d4:39:4d:09:84:83:9e:11: b5:b4:27:0d:1d:bb:22:e2:1c:e5:02:86:a9:88:f4: d6:ae:5e:ce:29:29:76:2d:fe:ed:97:36:81:ed:46: 67:47:f3:89:d3:e2:3d:02:3a:2c:b9:07:fe:5c:8e: 8a:9c:a3:cd:4d:ca:fa:0d:e6:c7:ff:13:fb:b0:15: b7:05:b8:1e:91:49:68:3d:35:b8:77:70:7d:70:43: fb:53:1a:a1:da:9b:ef:e8:9a:b3:91:a4:c7:b6:23: a1:27:fc:f3:ce:21:20:0e:d7:5f:7b:7c:aa:c6:8f: bb:0a:58:be:e0:3b:74:20:1b:44:58:36:f6:d4:0f: f5:01:77:37:c5:91:77:90:d6:b2:bd:95:a3:7e:3f: d9:a6:dd:26:5b:8b:a5:10:c0:bb:8f:32:b3:9e:c4: 11:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:92:A1:4A:42:B4:08:89:1A:43:F2:FF:54:3F:0E:E2:C3:52:0E:5E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/977f90e2-d257-4dde-9740-b0391458d8ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000::/24 Signature Algorithm: sha256WithRSAEncryption 6d:ef:04:7b:c6:fd:4a:de:32:99:a4:1f:b5:39:fd:92:33:13: 6a:34:e3:0a:98:21:a7:5a:84:10:d8:f7:8c:5d:38:7b:7b:9e: aa:fd:b2:f1:a8:ac:8d:f9:13:53:36:d0:8f:ae:8d:84:4b:5e: 2d:70:9a:0e:1f:86:46:b6:98:d6:79:f5:32:ae:1d:b9:bd:aa: b5:c3:62:b9:5f:1c:b7:5b:88:f5:61:46:f1:0f:a9:55:a0:32: 03:c8:60:22:b5:fc:ce:9b:ce:a2:c1:91:65:d5:a3:ef:e2:69: 17:6f:d1:55:72:d2:76:e4:5b:ac:0b:71:e7:f0:47:b1:a4:3a: ab:25:60:95:34:47:01:25:9a:cc:94:a8:80:ef:64:db:4d:b5: d5:b8:32:68:e5:5e:36:82:25:52:af:ca:bf:05:de:22:4a:f8: 96:10:85:85:02:13:8a:73:ea:7a:77:3c:fc:6d:1f:e4:8b:99: 50:92:63:fa:dc:af:d9:ec:a9:29:1e:37:04:d1:55:e3:3c:b6: b1:78:2a:d5:91:9e:f8:05:cf:78:10:f2:9c:7b:75:76:09:a1: a4:c7:aa:7c:a8:40:cb:9c:c1:7c:a9:f6:05:0c:9d:93:77:9e: 13:e6:9c:42:a9:db:f6:7b:ad:d3:04:01:10:fe:61:ea:bf:9a: 75:ed:f4:5a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQ0vQa/Zvx5Gny5ujcTpCudTtNF0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxNzAwMTAwMloX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAZTVjOTc0YWMxMjJkZDQ5YjFlYTQ5 YWU5NGQ4ODg1ZjZhMTRhMTg4MzBkNzMyZDc3YWIyMDc0YzNkYzhkMmUwNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/DdjECsF65Ph/L0wAuQYtapyqmtn Hr3ssk+GX+Ia5ri17/ULsg48zgMIBKtRP+nXBrRJ70PV098//ABmaiJt1c/AOXT8 VsRppIDAVARCSTz2nG9I0HAua6q0Hg9DZIB91DlNCYSDnhG1tCcNHbsi4hzlAoap iPTWrl7OKSl2Lf7tlzaB7UZnR/OJ0+I9AjosuQf+XI6KnKPNTcr6DebH/xP7sBW3 BbgekUloPTW4d3B9cEP7Uxqh2pvv6JqzkaTHtiOhJ/zzziEgDtdfe3yqxo+7Cli+ 4Dt0IBtEWDb21A/1AXc3xZF3kNayvZWjfj/Zpt0mW4ulEMC7jzKznsQRuQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJCSoUpCtAiJGkPy/1Q/DuLDUg5eMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 Lzk3N2Y5MGUyLWQyNTctNGRkZS05NzQwLWIwMzkxNDU4ZDhlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAAjAGAwQAJA+AMA0GCSqGSIb3DQEBCwUAA4IBAQBt7wR7xv1K3jKZpB+1Of2S MxNqNOMKmCGnWoQQ2PeMXTh7e56q/bLxqKyN+RNTNtCPro2ES14tcJoOH4ZGtpjW efUyrh25vaq1w2K5Xxy3W4j1YUbxD6lVoDIDyGAitfzOm86iwZFl1aPv4mkXb9FV ctJ25FusC3Hn8EexpDqrJWCVNEcBJZrMlKiA72TbTbXVuDJo5V42giVSr8q/Bd4i SviWEIWFAhOKc+p6dzz8bR/ki5lQkmP63K/Z7KkpHjcE0VXjPLaxeCrVkZ74Bc94 EPKce3V2CaGkx6p8qEDLnMF8qfYFDJ2Td54T5pxCqdv2e63TBAEQ/mHqv5p17fRa -----END CERTIFICATE-----Generated at Tue Oct 21 01:36:32 2025 by rpki-client