$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa File: 9a94ee8c-7029-4ffb-af7f-435e161333de.roa (raw, json) Hash identifier: 9cD6taXOQy5/z3MWUrrdIvKij6YdGr+uJJwIsUUQu8U= Subject key identifier: 73:70:7B:61:31:F9:CF:FB:C6:07:13:35:95:F9:C5:DB:20:C4:BF:D5 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3D7643292D0AF52FCF6DCCB26A82B64C28D954A6 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa Signing time: Sat 18 Oct 2025 00:00:34 +0000 ROA not before: Sat 18 Oct 2025 00:00:34 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:76:43:29:2d:0a:f5:2f:cf:6d:cc:b2:6a:82:b6:4c:28:d9:54:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:34 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=c72b790b0f23e0efc6240b030957600912b42676a53e2cd35aaab1bb18855681, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:1b:41:df:94:d1:eb:1c:f4:04:52:03:1c:65: b3:3d:1e:c9:40:f5:6a:81:5e:26:e6:94:90:0c:02: ce:2f:a0:cd:6c:ea:c5:a9:52:35:4d:fd:db:56:3d: 4e:fe:fa:1f:52:12:7d:7f:d3:60:80:cc:87:d3:30: f5:7a:6b:6e:b3:10:1e:3d:35:8c:1a:31:8d:7d:8a: 42:3e:37:10:48:8f:0b:e2:cd:33:39:1f:69:fa:35: 57:44:b2:97:b1:44:d9:eb:e9:70:bd:84:43:b0:cd: 50:17:ea:01:79:ea:c2:0c:d3:7d:ef:33:90:7e:c2: cf:67:07:5e:cb:c8:4c:0d:a0:64:4c:31:97:e5:3e: 45:cd:4c:66:dd:fa:8c:de:c1:aa:e8:89:1f:e2:89: 4c:c3:09:72:b0:98:80:72:4d:58:f3:1f:66:5e:f4: 10:53:b3:8b:b0:d4:fe:bb:c5:7e:39:db:c7:bf:8a: a8:e9:ad:41:01:2f:67:fd:08:3e:2b:cd:13:85:a7: d2:91:ab:9e:a4:5b:5e:15:80:e6:e5:14:aa:8d:cc: 6a:9a:eb:b1:91:08:db:b8:2f:2c:e8:90:28:63:8e: b2:e6:2b:bd:15:ba:c7:35:f5:f2:83:6b:5d:84:49: 43:e7:cc:53:f6:29:32:83:90:ee:6b:a4:14:35:a8: fd:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:70:7B:61:31:F9:CF:FB:C6:07:13:35:95:F9:C5:DB:20:C4:BF:D5 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:8000::/40 Signature Algorithm: sha256WithRSAEncryption 58:8d:f5:f3:96:c4:b8:e1:70:77:46:ec:8a:01:92:f8:50:d1: 23:cb:a3:75:99:fb:e8:8c:5b:a8:b5:af:71:e7:44:4e:1a:fa: c8:68:25:01:2d:4a:1a:12:b7:92:65:d2:64:c8:d7:0a:e6:30: 38:e3:1f:41:6c:18:e9:f3:98:9a:e0:eb:c8:bb:aa:98:94:b2: 76:e2:e6:f3:55:e8:b7:ec:5a:50:51:59:96:c4:96:d5:73:c2: 95:cc:7c:f3:ae:80:53:60:e8:34:4e:89:54:2b:21:4f:95:79: 6f:4c:f3:a7:37:a4:de:cd:1a:3b:63:76:d7:12:3a:ef:35:a1: 5a:7e:00:75:cb:44:cd:d2:a2:32:9b:04:ed:5f:89:f0:25:7d: 15:dc:7d:b5:c0:b1:8d:89:94:7d:1d:ab:d9:b2:d3:fd:0d:f1: c8:07:54:7d:c9:d9:a9:f8:d2:14:4a:f5:c1:c7:a9:74:7f:d9: 29:62:f8:d7:0b:43:4b:20:12:59:b3:c9:f1:1f:1d:e6:f7:fa: 1b:4f:b5:25:68:d7:fd:89:6d:29:5f:89:22:92:fa:d7:dc:31: 03:b3:62:93:6f:ee:9e:84:d3:cd:58:44:5a:73:07:72:c3:66: 19:20:dd:df:ae:ef:52:c3:6c:0d:07:dc:54:7a:83:8c:7d:5b: 18:e2:ca:17 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPXZDKS0K9S/PbcyyaoK2TCjZVKYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAzNFoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAYzcyYjc5MGIwZjIzZTBlZmM2MjQw YjAzMDk1NzYwMDkxMmI0MjY3NmE1M2UyY2QzNWFhYWIxYmIxODg1NTY4MTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRtB35TR6xz0BFIDHGWzPR7JQPVq gV4m5pSQDALOL6DNbOrFqVI1Tf3bVj1O/vofUhJ9f9NggMyH0zD1emtusxAePTWM GjGNfYpCPjcQSI8L4s0zOR9p+jVXRLKXsUTZ6+lwvYRDsM1QF+oBeerCDNN97zOQ fsLPZwdey8hMDaBkTDGX5T5FzUxm3fqM3sGq6Ikf4olMwwlysJiAck1Y8x9mXvQQ U7OLsNT+u8V+OdvHv4qo6a1BAS9n/Qg+K80ThafSkauepFteFYDm5RSqjcxqmuux kQjbuC8s6JAoY46y5iu9FbrHNfXyg2tdhElD58xT9ikyg5Dua6QUNaj9FQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHNwe2Ex+c/7xgcTNZX5xdsgxL/VMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlhOTRlZThjLTcwMjktNGZmYi1hZjdmLTQzNWUxNjEzMzNkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBAFiN9fOWxLjhcHdG7IoB kvhQ0SPLo3WZ++iMW6i1r3HnRE4a+shoJQEtShoSt5Jl0mTI1wrmMDjjH0FsGOnz mJrg68i7qpiUsnbi5vNV6LfsWlBRWZbEltVzwpXMfPOugFNg6DROiVQrIU+VeW9M 86c3pN7NGjtjdtcSOu81oVp+AHXLRM3SojKbBO1fifAlfRXcfbXAsY2JlH0dq9my 0/0N8cgHVH3J2an40hRK9cHHqXR/2Sli+NcLQ0sgElmzyfEfHeb3+htPtSVo1/2J bSlfiSKS+tfcMQOzYpNv7p6E081YRFpzB3LDZhkg3d+u71LDbA0H3FR6g4x9Wxji yhc= -----END CERTIFICATE-----Generated at Mon Oct 20 12:51:49 2025 by rpki-client