$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa File: c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa (raw, json) Hash identifier: YK0IzYp6fzO/6WRGrCkIB35ybLCp1lYodDkcBZkD1Zk= Subject key identifier: 0D:E2:CA:E8:0E:1B:3B:8F:CF:FF:B8:91:11:A7:23:CE:2B:98:65:25 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6DBFCBC762E6225C82C66653A0BB239B7C58B3CF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa Signing time: Sat 18 Oct 2025 00:00:26 +0000 ROA not before: Sat 18 Oct 2025 00:00:26 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:bf:cb:c7:62:e6:22:5c:82:c6:66:53:a0:bb:23:9b:7c:58:b3:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:26 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=4437d432935d108ee483953c2a51039117a7ba8e0ec9ed6cf28d21bae5915d82, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e9:e1:7b:8b:af:5b:fe:2b:9e:9c:33:90:16: 01:27:d1:37:f7:91:f4:06:e6:f1:88:ad:35:f5:31: 7b:fc:99:9b:96:6b:b6:6e:5f:6d:53:5a:11:32:83: ef:cd:2e:8c:20:da:95:ed:c2:b0:76:86:83:4a:e5: 8e:b7:2c:bd:65:43:4e:78:45:95:e9:3d:4b:f7:5f: 65:e5:1a:64:73:8a:ea:d7:26:c8:4e:0e:33:d1:da: 72:43:a8:3a:88:ec:5b:3f:b3:dd:98:48:ae:5c:d8: 47:00:7f:35:6a:57:ab:33:df:a8:47:f2:59:44:9d: 68:d4:75:c6:d4:46:f5:f4:cd:8a:c6:c3:0c:16:6b: 11:e3:d9:cb:13:40:84:fe:e7:9e:a8:28:30:78:ab: 44:56:da:68:ef:d4:5e:20:f2:86:f5:1c:7e:7d:56: ce:46:51:9c:38:cd:ff:d8:b5:58:97:33:5c:67:a2: 39:60:0e:29:bf:97:1c:34:b7:0d:c6:86:5e:61:52: 7e:62:c0:ea:3d:dd:ea:6c:d9:8d:0c:40:f1:9e:1c: 94:0a:ba:b1:c2:dd:89:9d:44:4f:4f:81:d0:bc:9a: c2:80:28:05:f1:38:7e:57:9e:49:f1:1b:ab:52:d8: ed:69:52:d7:00:d8:9f:22:a4:94:da:1a:6d:2c:46: e2:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:E2:CA:E8:0E:1B:3B:8F:CF:FF:B8:91:11:A7:23:CE:2B:98:65:25 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:40c0::/48 Signature Algorithm: sha256WithRSAEncryption 9f:27:5c:7f:2f:c2:2b:79:07:f8:5c:b6:36:73:92:ab:36:0c: 74:79:2b:15:c0:43:3b:d8:58:17:27:ec:30:d7:0f:de:52:2e: 30:fe:5b:f6:ee:65:f0:87:df:5b:4b:77:9b:fc:5f:d0:34:a6: 55:90:77:dd:8a:84:fa:3c:90:3c:99:15:78:41:b0:dd:22:0b: 61:7e:58:1c:9b:08:52:e1:18:64:f0:53:b9:db:40:94:78:52: c2:32:79:db:2c:90:df:9d:b6:77:57:11:a9:e9:22:9a:7b:01: be:c9:b5:7f:c8:d2:c4:a4:aa:f4:b1:e4:cd:81:85:23:94:93: 95:ea:9f:f9:8a:fe:34:84:d5:f5:98:21:02:b9:ea:80:47:a5: 64:82:a1:29:67:39:7a:23:3d:15:a1:3a:56:a5:8a:15:b3:e4: 43:d0:7e:21:d0:b4:d9:4f:2c:66:23:dc:38:36:c3:1d:6e:d9: 8e:d6:3b:97:54:c3:92:00:ac:2e:d7:dc:8a:ad:e0:51:46:ba: 5f:4e:31:ec:40:d6:78:78:bd:43:03:df:56:a5:37:75:9c:43: e0:53:04:35:40:9a:f7:c5:81:11:f2:d6:79:00:2f:37:22:eb: 85:d8:67:2e:c5:b8:7f:37:6d:7a:76:34:a7:1d:e0:98:ff:e2: 11:fa:03:4d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbb/Lx2LmIlyCxmZToLsjm3xYs88wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAyNloX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNANDQzN2Q0MzI5MzVkMTA4ZWU0ODM5 NTNjMmE1MTAzOTExN2E3YmE4ZTBlYzllZDZjZjI4ZDIxYmFlNTkxNWQ4MjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOnhe4uvW/4rnpwzkBYBJ9E395H0 BubxiK019TF7/Jmblmu2bl9tU1oRMoPvzS6MINqV7cKwdoaDSuWOtyy9ZUNOeEWV 6T1L919l5Rpkc4rq1ybITg4z0dpyQ6g6iOxbP7PdmEiuXNhHAH81alerM9+oR/JZ RJ1o1HXG1Eb19M2KxsMMFmsR49nLE0CE/ueeqCgweKtEVtpo79ReIPKG9Rx+fVbO RlGcOM3/2LVYlzNcZ6I5YA4pv5ccNLcNxoZeYVJ+YsDqPd3qbNmNDEDxnhyUCrqx wt2JnURPT4HQvJrCgCgF8Th+V55J8RurUtjtaVLXANifIqSU2hptLEbiywIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFA3iyugOGzuPz/+4kRGnI84rmGUlMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M5ZjdkYmQyLTFjN2UtNDJlOC1hN2Y5LTAwYmQ3NmU3MDI0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0DAMA0GCSqGSIb3DQEBCwUAA4IBAQCfJ1x/L8IreQf4XLY2 c5KrNgx0eSsVwEM72FgXJ+ww1w/eUi4w/lv27mXwh99bS3eb/F/QNKZVkHfdioT6 PJA8mRV4QbDdIgthflgcmwhS4Rhk8FO520CUeFLCMnnbLJDfnbZ3VxGp6SKaewG+ ybV/yNLEpKr0seTNgYUjlJOV6p/5iv40hNX1mCECueqAR6VkgqEpZzl6Iz0VoTpW pYoVs+RD0H4h0LTZTyxmI9w4NsMdbtmO1juXVMOSAKwu19yKreBRRrpfTjHsQNZ4 eL1DA99WpTd1nEPgUwQ1QJr3xYER8tZ5AC83IuuF2Gcuxbh/N216djSnHeCY/+IR +gNN -----END CERTIFICATE-----Generated at Mon Oct 20 12:52:24 2025 by rpki-client