$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa File: c7b491e4-76ae-4305-8132-a670b41c66fd.roa (raw, json) Hash identifier: E2lJ3g4kYXIN8kohVXeDrlAwBYDBIxPs+3O3uUTPJzo= Subject key identifier: F1:F6:0E:68:83:2D:48:C6:ED:93:4E:32:75:B1:DB:F1:7C:A5:FD:4C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 74342B8FD84990B3233BE35EA1FB055C988F464C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa Signing time: Sat 18 Oct 2025 00:00:24 +0000 ROA not before: Sat 18 Oct 2025 00:00:24 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:02:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:34:2b:8f:d8:49:90:b3:23:3b:e3:5e:a1:fb:05:5c:98:8f:46:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 18 00:00:24 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=a94f977cf81d164177941c8d6e5301699859bb84e455a7805dc6b47b231435f9, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:a7:36:a1:a2:76:f7:2f:74:90:7e:4f:76:85: 49:09:27:1b:c8:1c:b1:7b:76:92:6f:2a:1e:5e:fb: d2:75:1e:4c:81:44:5e:ec:90:f0:fa:fd:92:8b:80: 08:5f:b7:2b:e7:e6:2d:3b:a3:ee:69:56:d0:e7:94: 08:d5:08:e3:77:84:ac:cd:e4:4a:60:a4:09:64:c4: 75:7a:1f:3b:e1:2e:e0:72:e5:f7:88:98:9e:29:c2: 4d:e7:2b:0a:d2:3b:18:48:a0:c5:96:b4:92:f8:a9: a3:f9:73:60:f9:db:44:c1:99:21:3b:c4:cf:8e:7b: 18:bd:3d:b9:51:d6:af:95:b8:f7:04:be:a7:3a:d4: cc:ab:db:36:e9:61:53:c7:e8:0e:be:6f:ee:65:bf: 13:b1:ac:b8:18:c3:33:97:fb:b5:46:39:68:00:ca: 12:f3:71:1d:80:e5:40:74:39:8b:db:82:80:a7:9b: 1a:f6:a3:61:8b:7a:8b:ef:42:a7:b5:ad:dd:91:fe: 82:6c:c2:77:cd:1e:19:72:e8:da:0f:72:0a:3f:ad: a6:b3:21:82:f4:19:b2:65:e4:97:e0:28:d8:68:d8: 74:5b:9a:8e:8a:ee:79:08:30:fd:e1:cb:12:8c:55: 93:e3:69:98:cb:2a:e8:22:94:cc:67:5b:1a:22:5c: 39:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:F6:0E:68:83:2D:48:C6:ED:93:4E:32:75:B1:DB:F1:7C:A5:FD:4C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4000::/40 Signature Algorithm: sha256WithRSAEncryption 7b:c6:18:f4:10:e7:ff:bb:79:7d:85:2b:69:42:48:82:0a:5e: 4f:3e:5a:66:64:ab:a8:2d:91:7a:15:c5:3c:ae:19:62:52:bc: 22:a8:ac:b4:86:21:ef:a6:d9:81:ed:0b:1c:bb:a1:8c:c9:08: 80:3a:7e:79:3b:6d:18:67:52:10:93:ed:e9:97:8d:f3:b9:bf: 77:2d:17:8e:40:7f:f3:72:b4:f8:df:03:39:11:66:17:9b:d5: 32:1a:74:ea:32:bf:94:73:f8:59:60:e0:d3:46:d8:7f:d0:cd: 62:e1:73:a7:ff:13:5c:5b:f0:28:c7:56:08:13:97:8f:71:f1: bc:0b:7e:de:84:8c:74:a8:31:59:d7:94:58:13:17:ce:2b:70: 44:0f:68:e0:9d:08:8e:4d:1d:e8:4f:ac:79:39:2e:41:01:a9: ec:01:c1:31:b9:99:cf:b9:33:80:19:d5:e1:af:bb:c4:f4:ab: e1:8d:01:bf:ca:1b:18:d8:6f:1a:5d:b5:8d:f8:96:eb:45:1f: 6c:45:36:d2:09:52:db:b6:8c:2a:6b:69:b6:44:a5:21:ab:27: 22:b7:ee:5c:97:99:18:c3:26:3d:f3:a6:b8:df:79:bb:b2:37: d5:0f:60:1e:aa:07:b9:18:7a:98:7b:86:39:39:a9:fb:6d:2d: bf:d6:f3:09 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdDQrj9hJkLMjO+NeofsFXJiPRkwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxODAwMDAyNFoX DTI1MTEyMjIzNTk1OVowejFJMEcGA1UEBRNAYTk0Zjk3N2NmODFkMTY0MTc3OTQx YzhkNmU1MzAxNjk5ODU5YmI4NGU0NTVhNzgwNWRjNmI0N2IyMzE0MzVmOTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKc2oaJ29y90kH5PdoVJCScbyByx e3aSbyoeXvvSdR5MgURe7JDw+v2Si4AIX7cr5+YtO6PuaVbQ55QI1Qjjd4SszeRK YKQJZMR1eh874S7gcuX3iJieKcJN5ysK0jsYSKDFlrSS+Kmj+XNg+dtEwZkhO8TP jnsYvT25Udavlbj3BL6nOtTMq9s26WFTx+gOvm/uZb8Tsay4GMMzl/u1RjloAMoS 83EdgOVAdDmL24KAp5sa9qNhi3qL70Knta3dkf6CbMJ3zR4ZcujaD3IKP62msyGC 9BmyZeSX4CjYaNh0W5qOiu55CDD94csSjFWT42mYyyroIpTMZ1saIlw5OwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPH2DmiDLUjG7ZNOMnWx2/F8pf1MMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3YjQ5MWU0LTc2YWUtNDMwNS04MTMyLWE2NzBiNDFjNjZmZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/0AwDQYJKoZIhvcNAQELBQADggEBAHvGGPQQ5/+7eX2FK2lC SIIKXk8+WmZkq6gtkXoVxTyuGWJSvCKorLSGIe+m2YHtCxy7oYzJCIA6fnk7bRhn UhCT7emXjfO5v3ctF45Af/NytPjfAzkRZheb1TIadOoyv5Rz+Flg4NNG2H/QzWLh c6f/E1xb8CjHVggTl49x8bwLft6EjHSoMVnXlFgTF84rcEQPaOCdCI5NHehPrHk5 LkEBqewBwTG5mc+5M4AZ1eGvu8T0q+GNAb/KGxjYbxpdtY34lutFH2xFNtIJUtu2 jCprabZEpSGrJyK37lyXmRjDJj3zprjfebuyN9UPYB6qB7kYeph7hjk5qfttLb/W 8wk= -----END CERTIFICATE-----Generated at Wed Nov 5 11:04:38 2025 by rpki-client