$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa File: c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa (raw, json) Hash identifier: 5jNdDrRPSs2bFQNZLjj65NCbiE/XngL7DL0U8c+6LV4= Subject key identifier: 49:16:EC:89:23:1B:13:53:CD:67:35:E0:E9:00:5B:9A:B7:42:BC:A2 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5CB275B2C8369EE96B87C02D37CA8F585FF1DA22 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa Signing time: Fri 17 Oct 2025 00:10:04 +0000 ROA not before: Fri 17 Oct 2025 00:10:04 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fe:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:b2:75:b2:c8:36:9e:e9:6b:87:c0:2d:37:ca:8f:58:5f:f1:da:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 17 00:10:04 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=125d66719070df96d32f5e0c2296c397f3ddbd7b01219fcabaaf989a95eca0ab, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:62:3c:0e:fc:d3:0f:d6:6c:48:7e:d4:06:0b: ad:7f:b8:06:ed:bc:f0:b2:9f:fd:89:95:39:9e:09: d8:8a:4d:e7:f3:c7:0a:17:6d:f1:15:8a:55:53:9d: 8f:16:85:fb:81:a9:e8:1d:77:c3:be:22:83:56:30: f7:cd:99:89:be:13:37:0b:f7:b1:12:d9:98:8b:bf: 7e:7e:b0:66:45:5b:87:40:45:76:7c:24:cb:4e:ed: d3:dc:e1:3e:0e:ce:93:f5:f5:fe:19:f0:0c:4c:21: 12:a7:03:a1:50:bf:eb:c9:3b:13:38:bb:af:24:c5: 3e:7c:1d:5f:de:9c:c9:82:71:ac:a5:c9:d7:78:90: b5:6e:ca:1c:4c:ef:91:6b:ac:8b:e4:b4:d3:21:45: da:77:50:df:97:b2:14:34:46:54:34:6a:5f:54:97: 42:b3:a8:11:b2:de:04:cc:c4:18:4e:8e:6b:60:c4: 20:c8:35:0a:89:6c:6f:87:8c:9e:47:81:77:ed:ab: b0:09:fb:4a:f4:65:72:ee:48:a9:a9:75:a8:1d:6a: d6:e0:8e:b9:5e:26:6e:86:be:22:c2:12:44:89:7a: dd:de:97:56:04:87:63:36:c6:4d:a0:47:88:79:b7: ad:a2:fa:0c:f3:88:10:1f:61:b0:f7:b2:01:3a:bc: 90:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:16:EC:89:23:1B:13:53:CD:67:35:E0:E9:00:5B:9A:B7:42:BC:A2 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fe:4000::/40 Signature Algorithm: sha256WithRSAEncryption 5b:9f:ac:81:65:9b:ac:c7:4f:34:de:f4:3d:6c:f2:cf:fc:a9: b8:81:fa:72:2d:00:85:46:bd:bd:5a:67:56:16:f7:e6:80:e0: 52:2b:f5:8b:0b:5c:c9:c6:fe:f7:b4:0e:29:52:d8:c4:5b:90: 58:f9:6a:48:24:5f:d0:cd:d0:b6:d9:7c:e8:d9:45:15:df:b2: 51:49:0d:5b:de:18:55:3a:7b:79:d7:5e:36:31:67:19:e7:fd: c5:6f:0f:1e:1e:96:f5:a4:1a:3f:30:67:a6:2a:b5:33:b9:02: e6:35:bd:ff:fd:cf:59:63:4e:69:69:12:e9:8a:52:6e:df:d5: 07:10:6f:97:90:2b:d0:16:13:af:cb:cd:da:9a:bf:ec:50:2a: 54:ad:c6:99:ee:98:98:b9:9e:49:ff:e8:38:39:d6:0d:15:bc: 86:5c:4d:dc:ef:3d:c5:ce:e7:b9:57:88:1d:af:80:4b:b4:a2: a1:2d:4b:d5:74:7a:ad:7a:6f:e9:b8:cc:0b:99:bb:30:c0:fa: 35:e0:a3:9e:52:6c:a3:6f:dc:ed:7a:06:71:1f:fe:7f:a7:9f: 5e:17:9d:51:86:68:02:f0:8b:7e:f1:11:f7:fa:90:e6:8c:47: c5:0d:a4:ce:6e:2a:28:73:65:f4:3f:b5:05:74:74:6a:a4:49: 67:dc:80:67 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXLJ1ssg2nulrh8AtN8qPWF/x2iIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxNzAwMTAwNFoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAMTI1ZDY2NzE5MDcwZGY5NmQzMmY1 ZTBjMjI5NmMzOTdmM2RkYmQ3YjAxMjE5ZmNhYmFhZjk4OWE5NWVjYTBhYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2I8DvzTD9ZsSH7UBgutf7gG7bzw sp/9iZU5ngnYik3n88cKF23xFYpVU52PFoX7ganoHXfDviKDVjD3zZmJvhM3C/ex EtmYi79+frBmRVuHQEV2fCTLTu3T3OE+Ds6T9fX+GfAMTCESpwOhUL/ryTsTOLuv JMU+fB1f3pzJgnGspcnXeJC1bsocTO+Ra6yL5LTTIUXad1Dfl7IUNEZUNGpfVJdC s6gRst4EzMQYTo5rYMQgyDUKiWxvh4yeR4F37auwCftK9GVy7kipqXWoHWrW4I65 XiZuhr4iwhJEiXrd3pdWBIdjNsZNoEeIebetovoM84gQH2Gw97IBOryQBwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEkW7IkjGxNTzWc14OkAW5q3QryiMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M4ODZmZGNjLWQ5YzQtNDg1YS1hOTQxLTdhYTJjN2QwOTNlMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/kAwDQYJKoZIhvcNAQELBQADggEBAFufrIFlm6zHTzTe9D1s 8s/8qbiB+nItAIVGvb1aZ1YW9+aA4FIr9YsLXMnG/ve0DilS2MRbkFj5akgkX9DN 0LbZfOjZRRXfslFJDVveGFU6e3nXXjYxZxnn/cVvDx4elvWkGj8wZ6YqtTO5AuY1 vf/9z1ljTmlpEumKUm7f1QcQb5eQK9AWE6/Lzdqav+xQKlStxpnumJi5nkn/6Dg5 1g0VvIZcTdzvPcXO57lXiB2vgEu0oqEtS9V0eq16b+m4zAuZuzDA+jXgo55SbKNv 3O16BnEf/n+nn14XnVGGaALwi37xEff6kOaMR8UNpM5uKihzZfQ/tQV0dGqkSWfc gGc= -----END CERTIFICATE-----Generated at Mon Oct 20 18:00:02 2025 by rpki-client