$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa File: 3523c675-14b3-4d2d-90e1-e439500ecaca.roa (raw, json) Hash identifier: 3uxu+Oqb/PE//Y6i5IePMtoBXGEZxbbq2edeHC/RF00= Subject key identifier: 53:58:8B:1C:FF:63:B5:55:50:13:28:1D:EF:4D:EF:1D:9E:D6:46:6E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 550E6CDCF0F9E83E7BED378E36D35217AF19B854 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa Signing time: Sat 18 Oct 2025 00:00:35 +0000 ROA not before: Sat 18 Oct 2025 00:00:35 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:02:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:0e:6c:dc:f0:f9:e8:3e:7b:ed:37:8e:36:d3:52:17:af:19:b8:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:35 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=07f8b6b09888383e392ef8c90d17ebe7c67a22f3761cd3ed76776c951807e223, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:13:d0:55:94:31:69:d4:48:33:da:6c:63:2c: 76:05:1c:9f:9f:9b:2e:59:02:c1:f1:68:97:51:6d: f7:15:6c:d6:08:07:90:47:a6:b2:8e:28:70:b5:ef: e3:78:4a:db:7b:c9:1d:e6:e7:a9:74:d8:83:7b:0d: 71:fb:5c:db:31:e1:7c:27:fd:59:bf:a2:37:db:17: 4c:03:7c:ec:d6:7b:95:28:10:eb:60:ca:ce:91:f4: 1a:f7:00:f4:03:98:f5:19:eb:09:6b:a8:23:a7:02: 52:3c:bf:06:54:3d:9f:eb:d2:e1:a7:19:3d:49:04: 84:ea:9c:45:ec:c6:d1:c5:5d:01:17:ef:f2:eb:4d: c6:03:0d:d3:7a:45:27:10:6b:bf:26:f3:47:24:ad: 5a:8a:4f:d7:3a:87:a6:94:c3:b8:db:fa:d6:62:c8: 01:15:01:fc:d9:9b:04:0e:d0:1b:fd:17:fd:89:bb: 87:0a:25:10:1e:bd:c6:73:8c:d2:b4:a4:2d:c2:ec: b3:36:e9:40:29:7a:ed:ab:bd:bd:51:e6:e3:6f:c5: 9e:de:5c:cb:bc:5c:b7:20:7f:52:ec:e0:13:5a:3c: 59:da:8d:fa:83:79:46:49:39:8a:4c:91:14:83:56: ca:b3:f1:c2:b6:31:14:f3:cd:44:79:90:13:4c:b4: 23:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:58:8B:1C:FF:63:B5:55:50:13:28:1D:EF:4D:EF:1D:9E:D6:46:6E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f0::/32 Signature Algorithm: sha256WithRSAEncryption 9c:23:73:4f:3d:31:00:2d:a5:40:5f:3a:46:1f:f5:65:a7:9a: 92:03:a2:e4:90:4e:42:5a:e1:b9:65:17:55:07:8b:02:c4:9d: 6f:aa:65:cd:06:62:b2:7e:a3:6d:97:63:c5:4a:5d:2a:98:42: 05:4a:64:8a:74:aa:4a:63:8a:46:3c:fc:70:55:6a:56:45:97: 35:6f:fa:a4:da:dc:28:52:85:66:2a:8f:97:ad:40:e3:fd:a1: bc:59:f3:12:df:d2:13:41:c4:3e:b5:44:69:d6:0f:ba:17:0a: 52:6e:90:0a:c2:7a:a3:f0:a9:b3:22:7c:df:0c:cb:56:15:c9: fb:10:1c:70:73:7c:60:ad:bc:05:a4:7f:52:34:1f:2c:8d:8e: 3d:2d:2e:17:84:b0:12:f7:0e:3f:b3:55:bb:5b:15:41:26:02: 9e:d4:8d:99:8a:65:7e:61:8f:2a:b9:88:c1:61:31:1f:ac:50: 4d:83:4b:cb:85:c9:e9:6f:59:a2:b7:68:86:75:a9:1c:f2:5f: 76:fa:ff:3d:2d:c7:d2:18:79:b4:0a:e4:0c:f5:db:ee:50:72: 77:79:dd:91:a6:ea:3f:41:8f:41:60:52:bd:eb:c0:aa:9e:3a: 01:1f:e2:30:04:13:49:73:d2:59:24:54:8b:51:c4:6c:80:89: 57:90:f2:85 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUVQ5s3PD56D577TeONtNSF68ZuFQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAzNVoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAMDdmOGI2YjA5ODg4MzgzZTM5MmVm OGM5MGQxN2ViZTdjNjdhMjJmMzc2MWNkM2VkNzY3NzZjOTUxODA3ZTIyMzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xPQVZQxadRIM9psYyx2BRyfn5su WQLB8WiXUW33FWzWCAeQR6ayjihwte/jeErbe8kd5uepdNiDew1x+1zbMeF8J/1Z v6I32xdMA3zs1nuVKBDrYMrOkfQa9wD0A5j1GesJa6gjpwJSPL8GVD2f69Lhpxk9 SQSE6pxF7MbRxV0BF+/y603GAw3TekUnEGu/JvNHJK1aik/XOoemlMO42/rWYsgB FQH82ZsEDtAb/Rf9ibuHCiUQHr3Gc4zStKQtwuyzNulAKXrtq729Uebjb8We3lzL vFy3IH9S7OATWjxZ2o36g3lGSTmKTJEUg1bKs/HCtjEU881EeZATTLQj8wIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFFNYixz/Y7VVUBMoHe9N7x2e1kZuMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1MjNjNjc1LTE0YjMtNGQyZC05MGUxLWU0Mzk1MDBlY2FjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8DANBgkqhkiG9w0BAQsFAAOCAQEAnCNzTz0xAC2lQF86Rh/1 ZaeakgOi5JBOQlrhuWUXVQeLAsSdb6plzQZisn6jbZdjxUpdKphCBUpkinSqSmOK Rjz8cFVqVkWXNW/6pNrcKFKFZiqPl61A4/2hvFnzEt/SE0HEPrVEadYPuhcKUm6Q CsJ6o/CpsyJ83wzLVhXJ+xAccHN8YK28BaR/UjQfLI2OPS0uF4SwEvcOP7NVu1sV QSYCntSNmYplfmGPKrmIwWExH6xQTYNLy4XJ6W9ZordohnWpHPJfdvr/PS3H0hh5 tArkDPXb7lByd3ndkabqP0GPQWBSvevAqp46AR/iMAQTSXPSWSRUi1HEbICJV5Dy hQ== -----END CERTIFICATE-----Generated at Wed Nov 5 12:37:20 2025 by rpki-client