$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa File: a3080b31-8684-4ce8-b4e6-33db63d13627.roa (raw, json) Hash identifier: qPew9fFY9YzuPgKZovuGG6x3dIN6JM6Xe1ACyyKavPY= Subject key identifier: C7:B6:8E:7B:13:D8:AD:6A:18:5F:8B:33:37:A6:A4:62:46:B0:C4:98 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3FCABFCD8CF3E122F145A31DCF7B141C08318CE1 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa Signing time: Sat 18 Oct 2025 00:00:24 +0000 ROA not before: Sat 18 Oct 2025 00:00:24 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8060::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:ca:bf:cd:8c:f3:e1:22:f1:45:a3:1d:cf:7b:14:1c:08:31:8c:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:24 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=c1acb4772235ac259587892d635eb5bc4b1bdc81110598d0b19267322cdbc318, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:62:8f:c8:94:82:7d:70:c0:2f:d8:5f:28:bf: 6b:d2:fe:6f:92:cb:bf:68:89:7a:2a:36:9a:d4:68: a5:a5:a2:3d:34:72:4e:a6:6f:24:74:83:4b:17:0c: c9:7d:c5:68:32:91:7d:c4:8b:84:f5:fb:02:6f:33: 8b:28:28:24:75:a5:8d:ab:68:04:0e:2a:e1:3d:53: 4c:8a:31:61:5e:69:48:42:98:23:21:7b:52:15:af: a1:c8:e9:5f:8f:0a:d0:ac:1c:f7:8d:6e:93:c4:d8: 00:53:24:d2:9e:f4:4c:e5:d2:ab:d9:69:52:2a:d1: b0:b8:f7:54:97:0f:d3:b2:b5:b1:38:47:2f:f0:6f: cc:71:4b:bf:bd:8f:47:b2:f0:26:ce:68:05:13:ed: 7f:27:ac:88:7b:6d:ba:fa:c6:69:68:bf:0c:88:cc: e8:cf:b0:23:b8:f8:92:f6:75:9e:fa:01:a9:47:ce: 87:f6:ed:24:37:5e:7c:b3:15:f9:23:7d:07:de:6d: 0b:c9:70:91:c7:c4:17:db:4d:9e:2c:de:fb:1b:e4: 85:d5:1d:03:4d:17:df:26:74:9c:b9:09:0b:33:1d: 8b:4f:49:b9:a5:a1:dd:01:f1:ab:3c:0a:b7:79:b4: 07:d9:17:9d:a7:ac:fa:ae:cd:24:08:51:cd:29:ff: c3:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:B6:8E:7B:13:D8:AD:6A:18:5F:8B:33:37:A6:A4:62:46:B0:C4:98 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8060::/32 Signature Algorithm: sha256WithRSAEncryption 0f:20:7e:47:ff:d0:64:9e:26:f6:8a:9f:13:e6:c8:86:f3:ee: db:49:0e:f4:5b:b0:93:6f:c2:f7:6f:2c:a1:42:46:01:ac:79: aa:3a:7b:f6:83:31:2f:a7:c4:ed:4e:c4:b4:67:ac:38:25:48: 60:f1:d9:80:3f:bb:17:e5:2a:63:96:32:84:ec:a3:10:7e:97: ac:be:a9:b9:9e:a7:04:49:04:88:fe:20:0c:db:dc:ad:cb:62: 78:0d:d2:0c:fd:ce:69:c0:76:ba:3b:27:cb:7e:22:34:44:df: 7b:b5:d7:90:e6:dd:37:b2:8f:10:1f:aa:88:d9:a4:9a:12:5d: 38:9b:e7:cc:a5:22:28:15:b0:88:0d:da:ba:a4:36:64:4c:b7: 9c:67:05:58:d4:0f:a3:21:fa:03:57:40:8c:7a:66:dd:8c:6d: 9b:65:70:6c:64:5b:e8:16:89:26:29:6e:67:0a:02:e7:fe:91: d7:cd:1b:a5:cf:c4:a8:0c:70:ac:a5:f9:76:d2:9c:29:5e:2d: 4f:d8:f0:00:cf:c7:21:ae:eb:aa:e6:22:db:fc:60:f5:28:9e: 3b:26:14:aa:dd:4a:2d:9f:fe:d9:90:5d:9d:f5:64:40:60:5a: 08:1d:44:a6:24:8f:d3:8e:3e:a9:d4:93:9f:ec:e7:45:f5:1c: 29:60:6d:79 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUP8q/zYzz4SLxRaMdz3sUHAgxjOEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAyNFoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAYzFhY2I0NzcyMjM1YWMyNTk1ODc4 OTJkNjM1ZWI1YmM0YjFiZGM4MTExMDU5OGQwYjE5MjY3MzIyY2RiYzMxODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWKPyJSCfXDAL9hfKL9r0v5vksu/ aIl6Kjaa1GilpaI9NHJOpm8kdINLFwzJfcVoMpF9xIuE9fsCbzOLKCgkdaWNq2gE DirhPVNMijFhXmlIQpgjIXtSFa+hyOlfjwrQrBz3jW6TxNgAUyTSnvRM5dKr2WlS KtGwuPdUlw/TsrWxOEcv8G/McUu/vY9HsvAmzmgFE+1/J6yIe226+sZpaL8MiMzo z7AjuPiS9nWe+gGpR86H9u0kN158sxX5I30H3m0LyXCRx8QX202eLN77G+SF1R0D TRffJnScuQkLMx2LT0m5paHdAfGrPAq3ebQH2Redp6z6rs0kCFHNKf/DcwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFMe2jnsT2K1qGF+LMzempGJGsMSYMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzMDgwYjMxLTg2ODQtNGNlOC1iNGU2LTMzZGI2M2QxMzYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+AYDANBgkqhkiG9w0BAQsFAAOCAQEADyB+R//QZJ4m9oqfE+bI hvPu20kO9Fuwk2/C928soUJGAax5qjp79oMxL6fE7U7EtGesOCVIYPHZgD+7F+Uq Y5YyhOyjEH6XrL6puZ6nBEkEiP4gDNvcrctieA3SDP3OacB2ujsny34iNETfe7XX kObdN7KPEB+qiNmkmhJdOJvnzKUiKBWwiA3auqQ2ZEy3nGcFWNQPoyH6A1dAjHpm 3Yxtm2VwbGRb6BaJJiluZwoC5/6R180bpc/EqAxwrKX5dtKcKV4tT9jwAM/HIa7r quYi2/xg9SieOyYUqt1KLZ/+2ZBdnfVkQGBaCB1EpiSP044+qdSTn+znRfUcKWBt eQ== -----END CERTIFICATE-----Generated at Mon Oct 20 18:02:44 2025 by rpki-client