$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa File: 33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa (raw, json) Hash identifier: jbNryZ0+Qk97ZrjiJJ92YQIqpXHicDGfeEOZWd9ZlQI= Subject key identifier: 14:1D:81:F4:8D:E9:2A:D9:C3:FD:F5:8E:73:10:8F:FA:65:96:DD:FD Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 11A79B3EFAB7F5BE3E5A3D45CF986104F1E13527 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa Signing time: Sat 18 Oct 2025 00:00:37 +0000 ROA not before: Sat 18 Oct 2025 00:00:37 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:02:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:a7:9b:3e:fa:b7:f5:be:3e:5a:3d:45:cf:98:61:04:f1:e1:35:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:37 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=47d222861c67717762bccfae29e6f587bf80b84ba31217fb440b881174ad69ea, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:37:99:c9:f7:0f:76:e6:e9:dd:87:40:92:29: dc:88:22:9a:39:d1:9e:50:49:0b:eb:a0:90:ac:de: 31:a8:c9:d8:4d:0c:6f:4e:57:fa:1e:64:7d:c7:bd: 4b:47:0e:53:c9:4a:f4:03:5a:96:60:e4:a1:df:52: fb:f0:c7:c0:00:42:63:58:09:03:88:c6:e2:5b:35: 21:3e:92:29:9c:f6:5f:e5:6a:88:4b:55:c6:4f:f4: d9:4e:c5:13:f0:db:66:9c:c1:7d:4b:61:7d:cb:4c: 52:76:26:87:6b:47:f4:85:2a:46:b0:45:2b:0f:01: d5:fc:60:a3:2a:1d:76:56:f7:d9:15:72:4b:8e:1d: bc:5d:c0:41:de:f5:65:63:66:9a:7d:2e:04:39:26: 80:4a:fe:37:ae:0c:9a:03:3c:5b:28:7d:4a:ff:94: d8:b7:a2:1d:ed:ba:8d:42:3c:82:e2:01:a8:38:72: 51:84:5e:1f:b0:b9:70:4a:d9:0e:7e:cf:b3:73:aa: 46:9a:7f:9d:9e:81:84:fe:f2:71:a9:f8:da:41:24: 0d:77:3f:a7:40:0a:3f:75:2c:5e:92:9b:9c:8a:69: 12:09:92:5d:d8:65:43:81:f0:e4:bd:43:56:4e:c3: 73:48:17:1c:a4:83:ff:f6:2b:76:76:c0:2f:58:de: 7f:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:1D:81:F4:8D:E9:2A:D9:C3:FD:F5:8E:73:10:8F:FA:65:96:DD:FD X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4080::/48 Signature Algorithm: sha256WithRSAEncryption 84:3a:eb:36:04:19:f0:6c:1a:c7:84:31:42:09:cc:2d:bf:8e: 39:a3:c6:33:df:df:3c:3b:61:61:77:91:97:89:de:02:b5:4a: c9:1f:b7:88:7b:45:69:7d:63:f6:da:eb:34:6b:5a:9c:b9:11: 49:f2:93:b9:36:5d:89:b3:68:fb:54:46:9f:22:15:fe:69:af: f0:e1:9d:39:71:ee:4c:6d:d6:f0:5b:2c:d9:71:6c:28:04:5e: 88:13:31:3f:6e:c2:3a:2e:dd:17:00:bb:2a:69:51:3f:a6:d6: cc:4f:95:5a:d7:36:0a:e8:92:6d:0d:46:63:d9:d1:61:91:f6: b0:b4:c9:6d:b8:7d:8f:e5:28:4e:68:55:2d:97:80:61:c2:5f: bc:f2:33:47:95:0e:7a:6a:41:49:ae:ee:03:f2:1f:71:06:a9: 69:80:db:a1:62:2f:56:3f:c9:9c:4f:d4:8d:73:ba:25:26:9f: 7d:d5:c6:9f:c8:0f:7b:73:75:0a:a7:70:d5:7e:14:20:2e:2d: 4e:cf:13:b8:ed:c0:2f:ed:60:cc:dc:24:0a:a6:c6:db:89:91: ec:e1:a1:f1:48:96:65:02:bf:9f:9b:44:99:d3:e2:ca:37:52: fa:d2:34:00:40:6b:31:77:d4:43:0d:a0:35:4e:f5:48:19:bf: f6:42:e0:8c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEaebPvq39b4+Wj1Fz5hhBPHhNScwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAzN1oX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNANDdkMjIyODYxYzY3NzE3NzYyYmNj ZmFlMjllNmY1ODdiZjgwYjg0YmEzMTIxN2ZiNDQwYjg4MTE3NGFkNjllYTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+DeZyfcPdubp3YdAkinciCKaOdGe UEkL66CQrN4xqMnYTQxvTlf6HmR9x71LRw5TyUr0A1qWYOSh31L78MfAAEJjWAkD iMbiWzUhPpIpnPZf5WqIS1XGT/TZTsUT8NtmnMF9S2F9y0xSdiaHa0f0hSpGsEUr DwHV/GCjKh12VvfZFXJLjh28XcBB3vVlY2aafS4EOSaASv43rgyaAzxbKH1K/5TY t6Id7bqNQjyC4gGoOHJRhF4fsLlwStkOfs+zc6pGmn+dnoGE/vJxqfjaQSQNdz+n QAo/dSxekpucimkSCZJd2GVDgfDkvUNWTsNzSBccpIP/9it2dsAvWN5/dwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBQdgfSN6SrZw/31jnMQj/pllt39MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMzZGQzMWUwLTcwMzktNGZmOC1hYWZlLTk3ZjdiOTViMDdkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQCEOus2BBnwbBrHhDFC Ccwtv445o8Yz3988O2Fhd5GXid4CtUrJH7eIe0VpfWP22us0a1qcuRFJ8pO5Nl2J s2j7VEafIhX+aa/w4Z05ce5MbdbwWyzZcWwoBF6IEzE/bsI6Lt0XALsqaVE/ptbM T5Va1zYK6JJtDUZj2dFhkfawtMltuH2P5ShOaFUtl4Bhwl+88jNHlQ56akFJru4D 8h9xBqlpgNuhYi9WP8mcT9SNc7olJp991cafyA97c3UKp3DVfhQgLi1OzxO47cAv 7WDM3CQKpsbbiZHs4aHxSJZlAr+fm0SZ0+LKN1L60jQAQGsxd9RDDaA1TvVIGb/2 QuCM -----END CERTIFICATE-----Generated at Wed Nov 5 14:51:56 2025 by rpki-client