$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa File: baa1273d-7883-4b5d-8e1c-23ebac490846.roa (raw, json) Hash identifier: tBHVqBYL21VKzxPEH13wrPhKX1HFySk6cbSSneXOEi8= Subject key identifier: 8A:F5:9B:37:0D:EF:B3:B0:E6:9B:8C:A7:8C:2C:1B:05:9B:FC:81:DE Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7DE91E6C93C5C0EFDF4BAE910C671E039FDCE31B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa Signing time: Sat 18 Oct 2025 00:00:25 +0000 ROA not before: Sat 18 Oct 2025 00:00:25 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:e9:1e:6c:93:c5:c0:ef:df:4b:ae:91:0c:67:1e:03:9f:dc:e3:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:25 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=45e20e2839a979f064defba7e47fb6be9385dfa2e72ebfa70e1dd7e04cd49d67, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5e:fa:2f:be:6b:b2:ad:56:63:5c:47:6f:9b: cf:34:29:4a:91:58:2b:43:d7:5a:96:06:59:e2:7a: 8b:c4:5f:ee:46:e7:f9:b5:f3:18:26:a6:cd:32:0d: eb:5d:86:e5:92:ef:a7:6d:ae:b3:0e:f0:d5:2c:ad: e6:35:25:e1:5a:64:e5:22:2a:6e:4d:8f:7d:67:dc: 98:cc:4d:48:1e:3c:59:cd:17:90:e1:ea:93:5d:d5: 66:dd:a1:16:9a:25:1d:e6:ef:5e:6c:e0:09:bb:42: b0:e3:d3:a1:f6:d6:50:60:ab:a6:7b:d6:b3:1c:e2: 96:7e:ae:da:39:ae:12:4e:ff:3f:fd:bf:82:9e:e2: 8f:a8:01:4b:8e:24:7c:5c:ab:1f:3c:69:75:db:cf: a4:06:0a:11:c6:64:b5:bf:4d:73:26:8b:6c:2a:10: d9:00:ba:2e:14:d8:b3:b8:8e:26:6c:92:f0:8b:eb: 87:99:ef:95:e6:2a:8c:a0:38:f9:f0:64:17:c0:91: 60:9a:ff:d2:8e:96:3c:0f:35:80:62:b6:47:4b:ac: 23:f1:77:95:8f:2f:82:d4:ab:cb:c1:7f:ae:6b:81: 3a:4c:ac:64:fb:28:e1:0d:cb:8c:c4:ac:a7:29:16: 7d:e2:f2:cf:d6:70:03:8b:68:c7:f4:ce:4c:7a:fe: 6d:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:F5:9B:37:0D:EF:B3:B0:E6:9B:8C:A7:8C:2C:1B:05:9B:FC:81:DE X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4040::/48 Signature Algorithm: sha256WithRSAEncryption 93:a5:c3:a1:2b:ed:cc:10:52:71:8a:d0:fd:d0:25:97:79:da: 9d:33:4d:6d:0a:17:2c:c3:ac:37:37:af:a6:70:b4:58:f7:9f: ee:bc:a1:d6:78:c7:a1:87:cc:33:bb:12:21:64:37:74:4d:a8: 71:d6:75:7d:42:f6:4c:e5:df:d4:8d:69:cc:e1:56:06:de:b7: 01:bd:e4:39:d8:e9:e9:26:de:6b:f1:d6:61:b4:09:91:68:d7: fa:a6:5e:59:6a:09:8b:2f:54:35:e5:02:bc:c3:85:83:ee:80: 41:94:b7:b2:ca:57:78:f9:71:22:08:da:06:8a:92:73:ef:bd: 44:36:72:37:75:ba:70:e6:ba:cc:d4:62:97:dc:23:ed:ce:53: 28:77:94:ac:b3:1e:33:84:1c:25:cf:23:1d:ea:6e:59:ee:bd: 39:1c:ee:cc:e7:bc:6b:c3:e8:60:29:19:a9:37:17:22:18:f9: 10:5b:a2:b2:00:5d:8e:af:43:18:d7:33:3f:48:13:b9:4d:ab: 2d:3b:79:b4:d2:8b:e2:5b:e3:a5:b1:95:89:da:62:c1:89:07: 80:0d:f0:ee:60:ff:e3:32:68:51:46:7d:0e:56:77:8a:55:18: 12:5d:2c:1f:56:1a:b3:34:3c:f2:63:70:5a:9d:db:d5:35:c3: 8c:b8:36:72 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUfekebJPFwO/fS66RDGceA5/c4xswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAyNVoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNANDVlMjBlMjgzOWE5NzlmMDY0ZGVm YmE3ZTQ3ZmI2YmU5Mzg1ZGZhMmU3MmViZmE3MGUxZGQ3ZTA0Y2Q0OWQ2NzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw176L75rsq1WY1xHb5vPNClKkVgr Q9dalgZZ4nqLxF/uRuf5tfMYJqbNMg3rXYblku+nba6zDvDVLK3mNSXhWmTlIipu TY99Z9yYzE1IHjxZzReQ4eqTXdVm3aEWmiUd5u9ebOAJu0Kw49Oh9tZQYKume9az HOKWfq7aOa4STv8//b+CnuKPqAFLjiR8XKsfPGl128+kBgoRxmS1v01zJotsKhDZ ALouFNizuI4mbJLwi+uHme+V5iqMoDj58GQXwJFgmv/SjpY8DzWAYrZHS6wj8XeV jy+C1KvLwX+ua4E6TKxk+yjhDcuMxKynKRZ94vLP1nADi2jH9M5Mev5tTQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIr1mzcN77Ow5puMp4wsGwWb/IHeMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2JhYTEyNzNkLTc4ODMtNGI1ZC04ZTFjLTIzZWJhYzQ5MDg0Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0BAMA0GCSqGSIb3DQEBCwUAA4IBAQCTpcOhK+3MEFJxitD9 0CWXedqdM01tChcsw6w3N6+mcLRY95/uvKHWeMehh8wzuxIhZDd0Tahx1nV9QvZM 5d/UjWnM4VYG3rcBveQ52OnpJt5r8dZhtAmRaNf6pl5ZagmLL1Q15QK8w4WD7oBB lLeyyld4+XEiCNoGipJz771ENnI3dbpw5rrM1GKX3CPtzlMod5Sssx4zhBwlzyMd 6m5Z7r05HO7M57xrw+hgKRmpNxciGPkQW6KyAF2Or0MY1zM/SBO5TastO3m00ovi W+OlsZWJ2mLBiQeADfDuYP/jMmhRRn0OVneKVRgSXSwfVhqzNDzyY3BandvVNcOM uDZy -----END CERTIFICATE-----Generated at Mon Oct 20 18:08:16 2025 by rpki-client