$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa File: fcc4293c-b24f-4fac-9395-546f748b3b13.roa (raw, json) Hash identifier: FU7bOqADWvqxUdtlrnFeDIu5/yoTc/K6y9tgrYeAG00= Subject key identifier: FC:BE:F4:AA:B4:AD:AA:E8:FD:C1:59:95:77:25:BB:84:27:A0:6B:C5 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 27D7A2ABCB647573FFD52BDA6ECD89813087E2C4 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa Signing time: Sat 18 Oct 2025 00:00:23 +0000 ROA not before: Sat 18 Oct 2025 00:00:23 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:d7:a2:ab:cb:64:75:73:ff:d5:2b:da:6e:cd:89:81:30:87:e2:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:23 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=ee19c3eefa401de4d3670c5ec6f217159ab07ab6c1416ec436c9abc803010b01, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:0b:f6:1b:2c:6a:ab:57:31:50:2c:ae:a9:46: 44:17:f4:a2:39:17:84:20:fd:b2:96:f7:20:a4:7c: 41:05:8b:6a:bd:34:16:21:65:c7:29:31:9a:5f:88: 67:0e:f8:12:17:29:d7:68:5d:5b:d4:a0:63:33:80: 44:ee:15:81:f6:10:69:5d:e6:16:f7:e7:cb:76:cd: a3:8d:62:c4:c1:01:3a:e9:9c:84:6b:e3:a2:41:d4: d7:13:48:57:ee:43:1f:7b:26:ae:48:32:5c:42:42: 9c:bc:2d:74:66:f1:05:0f:9d:bc:c8:92:63:e9:09: 19:a9:a7:3b:98:25:e9:65:37:08:ef:0e:7f:c5:5d: d5:c0:13:cb:ec:68:a6:96:66:21:ea:9f:ca:2f:85: 32:cd:46:0d:7d:b4:cc:65:74:34:82:05:dd:94:32: 28:1a:82:05:ea:8b:74:3c:93:0e:e9:6e:6a:e7:9d: 2b:7f:0c:4f:1b:7e:ce:ae:f1:4b:66:b8:4e:47:af: 39:d4:b9:1b:9e:97:77:24:7a:a1:f9:66:53:e8:a9: 1c:a8:43:9c:f9:a5:2c:74:a7:ff:d1:ad:39:23:06: 0e:be:7d:c7:39:b0:ef:54:b2:d6:ca:a4:53:48:91: 19:3a:79:6c:e6:55:03:06:31:d9:91:47:d3:8e:fb: a0:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:BE:F4:AA:B4:AD:AA:E8:FD:C1:59:95:77:25:BB:84:27:A0:6B:C5 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/38 Signature Algorithm: sha256WithRSAEncryption 79:e9:17:ee:9e:f2:b1:55:5e:cc:97:15:fd:d3:8f:2b:4a:bf: ad:77:00:54:cb:7f:48:05:db:d9:13:13:87:49:59:dd:31:46: 5e:96:40:3c:a7:f1:e9:da:89:bc:14:f7:86:3b:4a:c9:5c:f5: c9:83:b6:b1:57:17:03:db:bf:88:ed:6f:c6:dc:56:89:3b:bf: 1b:86:00:b2:b9:53:b8:a6:76:52:ba:db:d6:54:f6:fb:5d:f6: ff:fc:81:89:b4:3a:dd:aa:29:13:b1:5e:7f:fa:fe:f0:35:e5: 98:41:a8:2f:3a:b4:86:7d:34:68:96:74:1a:d8:94:eb:21:62: 2c:47:ac:53:ae:dc:0f:10:98:e6:7b:55:e6:45:2e:6c:20:61: 34:5f:7c:43:31:1d:63:b2:66:b0:81:29:86:40:04:81:29:bc: 38:00:0b:45:fb:e2:cf:33:0a:92:c7:8c:2b:a2:f2:3f:18:37: fc:31:cb:19:e6:72:3c:f4:8e:25:77:ea:07:81:80:ec:26:2b: 45:24:cc:f5:24:36:7f:4e:35:40:ce:5a:0f:cc:16:2a:56:30: 79:9f:02:d5:bf:d9:d9:d4:13:d3:23:94:e7:aa:c6:90:88:93: 9d:15:c2:0e:9d:5d:c7:6e:ed:26:8d:ae:d5:db:cc:a6:81:ad: 26:14:46:be -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ9eiq8tkdXP/1Svabs2JgTCH4sQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAyM1oX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAZWUxOWMzZWVmYTQwMWRlNGQzNjcw YzVlYzZmMjE3MTU5YWIwN2FiNmMxNDE2ZWM0MzZjOWFiYzgwMzAxMGIwMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wv2Gyxqq1cxUCyuqUZEF/SiOReE IP2ylvcgpHxBBYtqvTQWIWXHKTGaX4hnDvgSFynXaF1b1KBjM4BE7hWB9hBpXeYW 9+fLds2jjWLEwQE66ZyEa+OiQdTXE0hX7kMfeyauSDJcQkKcvC10ZvEFD528yJJj 6QkZqac7mCXpZTcI7w5/xV3VwBPL7GimlmYh6p/KL4UyzUYNfbTMZXQ0ggXdlDIo GoIF6ot0PJMO6W5q550rfwxPG37OrvFLZrhOR6851Lkbnpd3JHqh+WZT6KkcqEOc +aUsdKf/0a05IwYOvn3HObDvVLLWyqRTSJEZOnls5lUDBjHZkUfTjvuggwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPy+9Kq0raro/cFZlXclu4QnoGvFMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2ZjYzQyOTNjLWIyNGYtNGZhYy05Mzk1LTU0NmY3NDhiM2IxMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAAwDQYJKoZIhvcNAQELBQADggEBAHnpF+6e8rFVXsyXFf3T jytKv613AFTLf0gF29kTE4dJWd0xRl6WQDyn8enaibwU94Y7Sslc9cmDtrFXFwPb v4jtb8bcVok7vxuGALK5U7imdlK629ZU9vtd9v/8gYm0Ot2qKROxXn/6/vA15ZhB qC86tIZ9NGiWdBrYlOshYixHrFOu3A8QmOZ7VeZFLmwgYTRffEMxHWOyZrCBKYZA BIEpvDgAC0X74s8zCpLHjCui8j8YN/wxyxnmcjz0jiV36geBgOwmK0UkzPUkNn9O NUDOWg/MFipWMHmfAtW/2dnUE9MjlOeqxpCIk50Vwg6dXcdu7SaNrtXbzKaBrSYU Rr4= -----END CERTIFICATE-----Generated at Mon Oct 20 23:07:46 2025 by rpki-client