$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa File: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (raw, json) Hash identifier: ld2OxngSNrhaN2fdLugau4V7WF5Ffd6X/6kLpTnFgKo= Subject key identifier: 72:F3:13:EA:68:41:1C:80:E9:18:CA:50:AD:D9:D8:49:D0:62:86:C5 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 10644E01966324FD80893F180D34D41F52E52957 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa Signing time: Fri 17 Oct 2025 00:10:02 +0000 ROA not before: Fri 17 Oct 2025 00:10:02 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:64:4e:01:96:63:24:fd:80:89:3f:18:0d:34:d4:1f:52:e5:29:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 17 00:10:02 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=6b8ce6dc0b29267e6b5bcbb10dd15050fddfc25b3d7899682c78ca1ca7c9abe5, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:45:31:75:a9:7c:f5:f4:1f:4b:c1:4f:d8:67: 71:bd:12:0d:f6:c9:07:5d:46:ef:22:5b:bb:8d:a1: 3e:49:a4:15:5d:20:39:31:05:04:e8:c3:72:78:e1: 9b:7b:c9:66:45:10:89:3e:ed:69:cc:3d:9d:ad:fb: a4:71:ad:d4:10:6a:66:b9:47:8c:fe:f6:eb:92:fe: 6d:9e:04:47:67:b6:a5:74:a8:09:0c:ee:5c:02:3d: c7:6f:b1:e4:7c:ba:9d:1a:f3:7c:a0:38:8f:3f:c4: d0:22:88:c4:04:23:55:5e:73:07:71:f0:87:1f:89: d4:04:0b:e0:aa:10:5f:33:69:dc:60:d8:a3:27:02: 5d:8d:64:fa:73:90:07:46:dd:ab:0f:92:ab:4a:9e: 5d:93:c1:5a:3b:d7:21:f8:64:a2:b0:89:c1:b8:99: d3:8f:db:83:27:09:0d:e0:06:c0:78:02:e3:bc:41: 30:8f:f5:eb:61:79:69:ef:48:6a:bb:a0:f1:74:e9: 26:74:62:bc:70:27:ba:b5:da:89:d0:21:c0:03:2d: a2:90:52:22:50:c1:12:10:cc:56:34:29:dc:1e:b8: a0:53:e2:bf:67:58:6c:64:1e:10:37:33:29:7c:db: 34:69:a7:c2:f8:cb:ff:71:cc:14:d4:b1:04:44:02: cb:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:F3:13:EA:68:41:1C:80:E9:18:CA:50:AD:D9:D8:49:D0:62:86:C5 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 3b:b4:79:bf:1a:95:ba:38:b6:98:43:a8:be:be:3d:92:43:e0: 9a:98:bc:a0:a6:8d:e7:c0:76:4b:78:8f:61:f8:69:95:f5:6a: 5a:77:a8:72:1e:cc:29:49:b0:da:90:68:d8:dd:e5:02:9c:aa: 7a:d4:01:1f:3a:93:a4:8a:72:9f:89:1a:1e:24:48:15:bb:3c: 3d:55:a0:4f:c9:5e:24:4e:00:93:76:02:14:fb:ad:b3:3a:37: c4:d8:f1:b7:4f:c5:ef:56:ff:27:de:a5:23:2f:ed:a5:dd:c6: 56:59:5c:66:d5:1f:b6:cd:a8:84:14:e6:87:bc:65:c2:9f:7f: 77:9a:41:5c:6d:1c:36:88:69:ad:b2:4d:3e:79:0d:d2:36:a4: a7:5b:6f:2a:db:b3:98:74:32:99:ae:77:df:ba:3c:d1:16:29: 53:85:8c:77:5f:f3:4b:da:00:35:dd:ae:d3:f9:bc:49:64:a2: f7:eb:3f:7c:d3:b4:48:a3:d6:6b:68:93:1c:42:b8:8d:15:57: 37:90:5f:98:46:ff:47:b3:d3:f0:3c:ce:0a:8c:29:74:38:7b: d7:72:f8:3c:eb:13:82:80:ae:56:df:87:c0:b0:1e:82:36:47: 76:45:ae:74:4b:00:b8:7c:ea:eb:48:48:dd:2c:21:ec:23:3b: 5e:50:27:dd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEGROAZZjJP2AiT8YDTTUH1LlKVcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxNzAwMTAwMloX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNANmI4Y2U2ZGMwYjI5MjY3ZTZiNWJj YmIxMGRkMTUwNTBmZGRmYzI1YjNkNzg5OTY4MmM3OGNhMWNhN2M5YWJlNTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEUxdal89fQfS8FP2GdxvRIN9skH XUbvIlu7jaE+SaQVXSA5MQUE6MNyeOGbe8lmRRCJPu1pzD2drfukca3UEGpmuUeM /vbrkv5tngRHZ7aldKgJDO5cAj3Hb7HkfLqdGvN8oDiPP8TQIojEBCNVXnMHcfCH H4nUBAvgqhBfM2ncYNijJwJdjWT6c5AHRt2rD5KrSp5dk8FaO9ch+GSisInBuJnT j9uDJwkN4AbAeALjvEEwj/XrYXlp70hqu6DxdOkmdGK8cCe6tdqJ0CHAAy2ikFIi UMESEMxWNCncHrigU+K/Z1hsZB4QNzMpfNs0aafC+Mv/ccwU1LEERALLwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHLzE+poQRyA6RjKUK3Z2EnQYobFMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2VmZGNiNDNiLTJmMTktNDEwNy1hMGEzLWM1NWRhY2NiMjcxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoEAwDQYJKoZIhvcNAQELBQADggEBADu0eb8albo4tphDqL6+ PZJD4JqYvKCmjefAdkt4j2H4aZX1alp3qHIezClJsNqQaNjd5QKcqnrUAR86k6SK cp+JGh4kSBW7PD1VoE/JXiROAJN2AhT7rbM6N8TY8bdPxe9W/yfepSMv7aXdxlZZ XGbVH7bNqIQU5oe8ZcKff3eaQVxtHDaIaa2yTT55DdI2pKdbbyrbs5h0Mpmud9+6 PNEWKVOFjHdf80vaADXdrtP5vElkovfrP3zTtEij1mtokxxCuI0VVzeQX5hG/0ez 0/A8zgqMKXQ4e9dy+DzrE4KArlbfh8CwHoI2R3ZFrnRLALh86utISN0sIewjO15Q J90= -----END CERTIFICATE-----Generated at Mon Oct 20 18:00:20 2025 by rpki-client