$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa File: a3f80673-8b1b-4af1-ae60-e74663f3df69.roa (raw, json) Hash identifier: QdKl5UjzjMJ3V5uvGX8Aocw0N3jSpKNvJuGZby5gijs= Subject key identifier: 16:D9:D4:C2:98:B0:A1:64:E1:59:23:3F:EB:B6:D5:B5:A9:3D:AE:E8 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 431E481D10B9B2D783C5B239BBFBA7DD2992340F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa Signing time: Sat 18 Oct 2025 00:00:19 +0000 ROA not before: Sat 18 Oct 2025 00:00:19 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:1e:48:1d:10:b9:b2:d7:83:c5:b2:39:bb:fb:a7:dd:29:92:34:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:19 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=38df27626dd613bf3eb19191ae03715ebda98e19c2f4e6706bda8f815a237932, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:e6:b7:e5:53:93:71:51:68:e0:b3:d0:84:b9: 41:e4:f5:5b:7d:b9:71:62:db:ec:17:98:1f:02:19: 97:13:e8:67:d8:35:62:2d:0a:9e:c7:1a:17:4e:eb: 5b:0a:8e:7f:ed:18:8f:4b:b3:fd:a5:77:b7:df:2f: 03:38:e1:fd:c5:b7:61:10:cb:f0:d7:b5:7e:03:ab: 40:34:36:6d:43:1e:05:bd:00:c4:85:d8:18:b5:6d: 34:58:bb:c3:76:e2:ca:28:57:79:bd:4b:30:3d:6a: d8:10:04:53:5a:61:c6:3b:e9:2c:06:68:6e:a2:6e: c9:5d:8f:c9:ce:f9:ca:31:fd:11:09:cd:ca:c8:09: c6:86:b1:61:5f:d7:41:2a:3e:5e:6a:d0:ad:21:7c: 87:3e:a4:a6:c2:a1:f9:1b:07:7f:c0:9a:82:4c:24: 0b:b7:9a:c3:e9:87:35:b3:fc:ae:44:3e:93:31:22: ba:9a:c9:5f:1e:7f:f3:da:b4:80:e7:9e:26:9e:6a: 1e:23:24:b4:f9:19:44:84:98:b6:7e:81:50:de:34: e3:47:20:52:eb:be:2e:82:66:c1:4b:3d:4b:79:97: 28:18:52:47:3d:5f:e2:91:65:1d:b3:89:f1:38:ba: 81:39:ff:3d:32:ec:e4:4d:63:dc:b3:40:f9:63:7b: 71:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:D9:D4:C2:98:B0:A1:64:E1:59:23:3F:EB:B6:D5:B5:A9:3D:AE:E8 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:4000::/40 Signature Algorithm: sha256WithRSAEncryption 76:33:72:c8:0e:09:71:c3:fb:e6:da:29:15:5e:91:1f:2b:10: 8f:49:a1:14:b7:5d:72:9d:9a:ab:d1:f7:d2:57:ea:85:1f:74: 3e:35:75:00:b4:c7:f6:40:ab:17:80:0c:5d:e3:8e:59:c6:b9: cd:22:79:85:7e:fe:a9:d7:3a:f3:c2:17:7c:a5:1d:48:41:79: 64:b8:24:95:d0:14:85:cb:4d:fd:c6:84:62:0b:a8:7d:b6:7d: b3:5f:dd:d4:7a:de:cb:c2:0c:b3:ec:9b:68:8c:5d:52:75:2e: 9d:43:0d:41:e8:0a:be:78:c8:71:af:5e:bd:46:e3:8f:8a:fe: e5:a6:63:91:0a:5b:ac:57:97:60:81:55:94:28:7f:da:33:4f: 6b:09:d8:3f:e4:b4:d2:0d:d0:9b:38:bf:67:c2:bf:86:f7:84: 7a:52:b2:17:82:82:da:a8:af:36:43:9f:88:a2:6a:2c:34:f3: ae:06:44:99:2a:94:56:8b:73:0f:b6:b3:a4:7b:4e:a5:8f:5c: 77:a2:a2:62:0b:ca:8a:59:1a:33:7b:cb:20:8b:36:31:77:29: c4:86:0f:1f:30:04:76:92:c9:e1:27:12:9e:45:09:1a:eb:fc: 4a:b2:8c:e9:74:a9:64:eb:6f:54:62:0d:e0:9c:89:b5:09:8f: ef:86:d5:9e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQx5IHRC5steDxbI5u/un3SmSNA8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAxOVoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAMzhkZjI3NjI2ZGQ2MTNiZjNlYjE5 MTkxYWUwMzcxNWViZGE5OGUxOWMyZjRlNjcwNmJkYThmODE1YTIzNzkzMjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+a35VOTcVFo4LPQhLlB5PVbfblx YtvsF5gfAhmXE+hn2DViLQqexxoXTutbCo5/7RiPS7P9pXe33y8DOOH9xbdhEMvw 17V+A6tANDZtQx4FvQDEhdgYtW00WLvDduLKKFd5vUswPWrYEARTWmHGO+ksBmhu om7JXY/JzvnKMf0RCc3KyAnGhrFhX9dBKj5eatCtIXyHPqSmwqH5Gwd/wJqCTCQL t5rD6Yc1s/yuRD6TMSK6mslfHn/z2rSA554mnmoeIyS0+RlEhJi2foFQ3jTjRyBS 674ugmbBSz1LeZcoGFJHPV/ikWUds4nxOLqBOf89MuzkTWPcs0D5Y3txIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBbZ1MKYsKFk4VkjP+u21bWpPa7oMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzZjgwNjczLThiMWItNGFmMS1hZTYwLWU3NDY2M2YzZGY2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAEAwDQYJKoZIhvcNAQELBQADggEBAHYzcsgOCXHD++baKRVe kR8rEI9JoRS3XXKdmqvR99JX6oUfdD41dQC0x/ZAqxeADF3jjlnGuc0ieYV+/qnX OvPCF3ylHUhBeWS4JJXQFIXLTf3GhGILqH22fbNf3dR63svCDLPsm2iMXVJ1Lp1D DUHoCr54yHGvXr1G44+K/uWmY5EKW6xXl2CBVZQof9ozT2sJ2D/ktNIN0Js4v2fC v4b3hHpSsheCgtqorzZDn4iiaiw0864GRJkqlFaLcw+2s6R7TqWPXHeiomILyopZ GjN7yyCLNjF3KcSGDx8wBHaSyeEnEp5FCRrr/EqyjOl0qWTrb1RiDeCcibUJj++G 1Z4= -----END CERTIFICATE-----Generated at Mon Oct 20 18:08:32 2025 by rpki-client