$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa File: 0ae05889-eb6d-414c-88e9-bc293171f532.roa (raw, json) Hash identifier: gi+qYv5X3J/oBTbwQMncRVHjonv1zBD+j4YfbPGaogU= Subject key identifier: 3E:2F:00:CA:36:9E:33:47:50:D8:CE:DF:8C:77:00:36:E9:42:7F:50 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 48DD9B6BD28E37AD260527BFAD0579D69E8BD9C3 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa Signing time: Tue 11 Nov 2025 00:10:31 +0000 ROA not before: Tue 11 Nov 2025 00:10:31 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Nov 2025 00:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:dd:9b:6b:d2:8e:37:ad:26:05:27:bf:ad:05:79:d6:9e:8b:d9:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 11 00:10:31 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=9cae76c9a9385cd49a160f647af1f2beb57f17bdb7026694934499132059e592, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d1:85:db:1e:0d:db:cf:c1:34:68:14:3d:8e: 46:9c:ad:88:ff:dc:cb:5a:2c:6d:54:cd:1a:d2:b3: 37:4e:97:cd:da:49:a4:8f:80:91:38:db:8c:ab:e4: 94:97:6b:f4:ac:aa:11:0f:29:92:1c:b7:29:28:5f: ed:bf:e6:2a:7a:0d:10:42:e9:50:0c:a3:d2:d5:48: ea:1a:ab:fe:df:d4:af:2b:36:ac:61:04:43:7d:b6: 63:bb:f7:3e:67:fa:9a:9a:df:54:5c:2c:0c:c9:c9: 51:d9:f9:3a:b7:e4:82:59:dd:d7:3a:cb:34:fb:5f: a0:40:d5:06:07:42:a2:36:1c:c4:99:4d:1d:c8:75: e3:a2:7e:b8:f8:f2:99:fb:f0:ca:f8:da:0e:46:0e: 1a:c2:93:4f:7a:c3:9d:45:60:c4:c5:a2:7a:9d:00: bc:d7:a4:03:bd:06:77:b3:27:ca:d2:a8:a2:81:f3: ff:c2:a5:71:c3:6f:9f:12:cf:6f:3f:bb:1e:c3:d2: 64:01:58:fb:28:df:23:34:2c:ba:12:a9:ad:75:0d: cc:49:17:17:28:3e:68:d0:92:a5:d8:71:b7:d0:63: 98:e2:34:a5:ae:ef:40:fb:99:a0:dd:d2:fe:2c:13: c5:7e:48:5b:77:c2:21:c0:46:ad:7a:3e:b8:0f:de: db:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:2F:00:CA:36:9E:33:47:50:D8:CE:DF:8C:77:00:36:E9:42:7F:50 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:4000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:5b:60:99:af:2f:04:5b:4c:d5:c9:98:45:90:7f:ce:dd:e5: 9a:60:ff:0a:dd:6a:31:b4:29:bf:b5:f6:20:3d:e1:e2:3a:2f: 49:95:ac:b0:10:0c:2f:e7:ee:e6:d7:78:00:5f:33:8c:42:12: d6:06:90:5e:1b:02:a9:1b:81:2f:16:4d:c3:8c:5c:e0:9e:76: f5:83:51:71:2d:fa:8c:67:22:ee:a5:98:a0:17:f6:a1:4a:8b: 66:08:cc:3f:08:9d:90:7e:4e:d0:54:8e:94:3e:e1:7c:cb:71: 48:2c:2c:07:3e:6f:62:50:bc:ae:0e:6a:53:11:69:01:10:05: c0:3e:bf:b1:4e:46:d8:19:26:5c:f1:61:93:92:c6:c1:da:c6: 5e:f0:5e:8e:7f:f7:66:6a:a2:3d:5e:33:6b:7f:c5:4a:e4:8b: e2:a9:0a:e0:47:73:78:fa:c0:51:d9:7f:f3:25:c9:e0:30:54: 23:75:03:54:dc:bc:cd:5c:f2:41:d6:4b:ff:1d:55:c5:03:f4: 4f:be:41:6d:6c:f6:ce:52:e0:dc:a5:36:df:7a:55:df:33:2d: a0:81:f1:b1:c9:9c:f3:c8:fd:be:9d:38:d8:c7:99:42:f1:80: 8b:8f:08:56:a3:21:52:8f:95:6c:d7:99:c4:42:a2:cc:93:3e: b6:cc:f8:fb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSN2ba9KON60mBSe/rQV51p6L2cMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMTAwMTAzMVoX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNAOWNhZTc2YzlhOTM4NWNkNDlhMTYw ZjY0N2FmMWYyYmViNTdmMTdiZGI3MDI2Njk0OTM0NDk5MTMyMDU5ZTU5MjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNGF2x4N28/BNGgUPY5GnK2I/9zL WixtVM0a0rM3TpfN2kmkj4CRONuMq+SUl2v0rKoRDymSHLcpKF/tv+Yqeg0QQulQ DKPS1UjqGqv+39SvKzasYQRDfbZju/c+Z/qamt9UXCwMyclR2fk6t+SCWd3XOss0 +1+gQNUGB0KiNhzEmU0dyHXjon64+PKZ+/DK+NoORg4awpNPesOdRWDExaJ6nQC8 16QDvQZ3syfK0qiigfP/wqVxw2+fEs9vP7sew9JkAVj7KN8jNCy6EqmtdQ3MSRcX KD5o0JKl2HG30GOY4jSlru9A+5mg3dL+LBPFfkhbd8IhwEatej64D97bYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD4vAMo2njNHUNjO34x3ADbpQn9QMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBhZTA1ODg5LWViNmQtNDE0Yy04OGU5LWJjMjkzMTcxZjUzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+UAwDQYJKoZIhvcNAQELBQADggEBACxbYJmvLwRbTNXJmEWQ f87d5Zpg/wrdajG0Kb+19iA94eI6L0mVrLAQDC/n7ubXeABfM4xCEtYGkF4bAqkb gS8WTcOMXOCedvWDUXEt+oxnIu6lmKAX9qFKi2YIzD8InZB+TtBUjpQ+4XzLcUgs LAc+b2JQvK4OalMRaQEQBcA+v7FORtgZJlzxYZOSxsHaxl7wXo5/92Zqoj1eM2t/ xUrki+KpCuBHc3j6wFHZf/MlyeAwVCN1A1TcvM1c8kHWS/8dVcUD9E++QW1s9s5S 4NylNt96Vd8zLaCB8bHJnPPI/b6dONjHmULxgIuPCFajIVKPlWzXmcRCosyTPrbM +Ps= -----END CERTIFICATE-----Generated at Sat Nov 15 23:38:02 2025 by rpki-client