$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa File: 0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa (raw, json) Hash identifier: 9xj7pvSlo5YS7MrJXrOtYfVdkSOWyIXZHjMojjRBVjw= Subject key identifier: 46:48:46:82:25:23:69:73:ED:C1:50:CD:39:3D:3C:E9:47:D1:CA:2E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 30770B1104C1AAFF36F745D2863B5F828C48EA1F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa Signing time: Sat 18 Oct 2025 00:00:21 +0000 ROA not before: Sat 18 Oct 2025 00:00:21 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:02:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:77:0b:11:04:c1:aa:ff:36:f7:45:d2:86:3b:5f:82:8c:48:ea:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:21 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=b621e100f6bdaea4ca87b22ba7902d8b9a51c7c2637bf7b1853a9d23ff39ae44, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:37:c9:2d:f4:65:2c:e2:f9:e3:87:20:7d:7d: 60:c3:ea:5d:5a:b4:68:80:91:ab:21:26:a4:67:f7: bf:63:5f:98:a0:9c:59:71:94:7b:04:5c:34:56:51: a6:92:4b:4f:20:fb:67:9a:12:f8:3d:f3:41:a0:e1: 2e:d0:8f:74:e0:11:e9:a0:3d:3d:84:c2:b8:56:91: 5f:e5:5f:d3:1c:64:2d:f6:49:03:0e:88:e6:83:d6: 0c:84:b6:ef:a2:7f:77:dc:87:d1:16:98:81:52:e5: 95:ec:01:1f:99:05:76:12:a7:6b:b0:4f:4d:e4:cd: 5b:50:93:3c:0c:dc:81:7f:10:e9:b9:57:58:a2:c4: c1:8d:5a:1f:ff:85:4f:44:53:eb:a7:00:e5:68:9b: b9:78:e6:e1:2d:ac:42:fc:48:90:2f:70:8b:21:aa: b0:38:60:c4:fd:0d:a6:0b:8b:b0:5a:f3:7f:80:8e: 9f:da:74:7e:ae:2f:21:65:e9:82:30:cf:49:04:ec: 9d:fc:f3:4d:bb:62:28:2b:99:c2:d1:af:ac:ae:98: e7:3d:8d:b6:78:62:41:27:75:4e:58:fd:78:ea:22: 6e:64:45:a9:1e:5a:65:92:f5:18:b3:f4:3e:03:12: 4a:bb:d6:69:f5:82:96:9a:de:79:be:ce:c0:62:db: 92:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:48:46:82:25:23:69:73:ED:C1:50:CD:39:3D:3C:E9:47:D1:CA:2E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014::/36 Signature Algorithm: sha256WithRSAEncryption 52:57:ce:06:d4:db:16:c5:3c:29:65:fa:37:11:8e:27:6c:8f: 8d:79:92:75:e3:28:6b:14:c1:ba:61:fe:13:bb:ba:7a:5e:c7: a9:a6:c5:d2:3d:d4:6f:e4:2d:82:c8:c9:6c:df:f3:e2:a2:7d: c7:9a:e1:8e:57:9d:f1:71:e1:72:32:e1:a9:0a:23:08:94:48: f0:ed:d6:6b:a3:0e:ba:b7:21:39:92:ce:13:e2:6a:2d:72:6b: a1:7d:49:48:1f:1b:f3:ea:2a:e5:f0:2b:41:93:a4:ff:4d:bc: 43:3a:63:88:25:34:ee:ad:51:59:1c:95:eb:d0:2b:11:fa:2f: 16:30:2a:bd:60:c9:2d:52:93:bf:95:06:6f:de:16:de:ab:fd: 11:a1:94:f9:21:65:79:68:31:3c:64:97:6c:cd:55:3e:04:49: f9:5a:e1:f8:15:48:87:34:41:3d:58:5a:a2:c8:aa:dc:90:f4: e4:f3:0d:3f:43:7c:91:2b:32:2a:db:de:e9:38:fa:cd:a3:86: fc:d1:ba:0c:07:ea:2d:a5:95:04:50:22:36:07:b4:f8:7f:44: 60:5a:30:c7:c8:ee:0e:90:38:5b:43:39:6a:66:63:8c:7e:99: 01:d4:23:70:70:12:72:96:e1:22:45:e7:e9:a2:3f:d5:18:a7: e3:86:32:56 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMHcLEQTBqv8290XShjtfgoxI6h8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAyMVoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAYjYyMWUxMDBmNmJkYWVhNGNhODdi MjJiYTc5MDJkOGI5YTUxYzdjMjYzN2JmN2IxODUzYTlkMjNmZjM5YWU0NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDfJLfRlLOL544cgfX1gw+pdWrRo gJGrISakZ/e/Y1+YoJxZcZR7BFw0VlGmkktPIPtnmhL4PfNBoOEu0I904BHpoD09 hMK4VpFf5V/THGQt9kkDDojmg9YMhLbvon933IfRFpiBUuWV7AEfmQV2EqdrsE9N 5M1bUJM8DNyBfxDpuVdYosTBjVof/4VPRFPrpwDlaJu5eObhLaxC/EiQL3CLIaqw OGDE/Q2mC4uwWvN/gI6f2nR+ri8hZemCMM9JBOyd/PNNu2IoK5nC0a+srpjnPY22 eGJBJ3VOWP146iJuZEWpHlplkvUYs/Q+AxJKu9Zp9YKWmt55vs7AYtuSvQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEZIRoIlI2lz7cFQzTk9POlH0couMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBkNmY1Yzg2LTU3ZDgtNGUwZC04NDQ1LTMwY2IxMjJiYjRkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJA+AFAAwDQYJKoZIhvcNAQELBQADggEBAFJXzgbU2xbFPCll+jcR jidsj415knXjKGsUwbph/hO7unpex6mmxdI91G/kLYLIyWzf8+Kifcea4Y5XnfFx 4XIy4akKIwiUSPDt1mujDrq3ITmSzhPiai1ya6F9SUgfG/PqKuXwK0GTpP9NvEM6 Y4glNO6tUVkclevQKxH6LxYwKr1gyS1Sk7+VBm/eFt6r/RGhlPkhZXloMTxkl2zN VT4ESfla4fgVSIc0QT1YWqLIqtyQ9OTzDT9DfJErMirb3uk4+s2jhvzRugwH6i2l lQRQIjYHtPh/RGBaMMfI7g6QOFtDOWpmY4x+mQHUI3BwEnKW4SJF5+miP9UYp+OG MlY= -----END CERTIFICATE-----Generated at Wed Nov 5 07:43:26 2025 by rpki-client