$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json) Hash identifier: fmEu3UMPK10xFALr3YaQy1jVMgnoczez2qDI3YJLqeY= Subject key identifier: AB:E9:12:FE:63:1F:1A:F4:19:A6:FC:DC:0E:AD:3F:F0:DC:A4:5B:E3 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1E6770AC915D1A182AF1B9C9E9739843504F5091 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa Signing time: Tue 11 Nov 2025 00:10:32 +0000 ROA not before: Tue 11 Nov 2025 00:10:32 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 18 Nov 2025 00:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:67:70:ac:91:5d:1a:18:2a:f1:b9:c9:e9:73:98:43:50:4f:50:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 11 00:10:32 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=70eb3bba35a866ab95a5cfd9b50ac5e2550718089070cbaf98601301a68d634f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:87:bc:f2:ab:a6:34:fb:99:f4:27:58:b7:14: fe:c8:8c:cb:aa:43:34:39:db:79:a0:ae:a5:16:b3: 9d:75:c4:ca:aa:f1:b7:97:75:2c:34:75:95:b8:d5: f8:07:29:ed:cc:2c:81:1e:b0:93:80:92:82:ae:c9: 0f:d4:bf:c1:f7:6d:b9:4c:23:97:3c:46:b3:a1:10: 46:6d:42:22:25:ee:62:1f:f7:51:1f:9c:e9:7b:14: 8d:60:9f:ff:41:03:65:8d:67:91:81:ae:54:98:e2: b0:b8:42:b6:8e:a8:b0:7e:62:2a:51:59:07:45:dd: a1:ce:14:86:4c:5d:38:9c:69:80:72:b7:e1:af:8b: f9:8c:e6:8d:23:b6:df:d4:ae:99:4b:0f:d3:54:e9: 8a:60:a3:1a:4a:0e:cb:b9:8c:24:2f:0e:3e:e3:99: 16:98:1b:ee:e7:aa:a0:fb:6c:c4:b5:ce:e4:8c:ab: ca:02:ef:53:47:66:76:15:06:dd:b0:6e:cd:e0:a9: 75:8a:a6:89:f0:bc:15:7d:cf:12:07:1b:de:09:65: 8b:a0:15:40:10:cc:8e:b8:90:18:35:f1:51:4b:ad: 98:38:a1:de:7e:f8:4b:b0:34:16:83:e2:3b:63:70: 82:d2:a0:db:70:f5:a8:aa:00:46:3b:bc:99:8d:20: 71:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:E9:12:FE:63:1F:1A:F4:19:A6:FC:DC:0E:AD:3F:F0:DC:A4:5B:E3 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:8000::/40 Signature Algorithm: sha256WithRSAEncryption 2e:9b:f0:84:8f:0c:6f:57:a0:d9:d6:ec:d5:3f:80:c8:70:5f: 7b:41:e9:8e:77:71:11:37:cb:70:3b:49:30:3d:5c:00:fd:b0: 56:ce:e0:f1:fc:72:5a:71:66:9c:68:7d:50:d3:8b:e2:6d:74: 8f:83:12:89:9e:79:01:fa:27:59:cf:2a:44:05:26:c8:3e:c9: 16:93:38:23:43:ee:f6:43:9f:0e:46:8d:95:5c:db:e0:de:3b: 6f:06:9b:c8:21:01:01:16:cc:91:6f:20:bf:10:e0:5c:01:2e: f1:82:3d:ba:56:85:72:9f:08:2d:2d:92:c6:53:6d:d9:f9:62: fe:4d:b7:50:6e:98:2c:f6:4c:6a:59:77:b1:09:78:be:b6:b1: 5c:cc:85:7e:d1:01:b2:1d:ed:0b:51:44:93:b7:86:d7:3c:7b: 65:a9:13:56:40:bc:1f:46:43:63:6f:43:12:b8:df:24:d1:27: 1a:26:99:73:5a:a8:62:4f:2a:01:d6:cf:e8:1e:c2:41:05:f6: e6:7e:12:d3:b9:54:54:0d:e2:3a:4e:54:2e:40:13:09:02:1d: 8d:77:34:90:af:3e:5f:09:48:48:ea:51:7e:50:02:39:3c:5d: ba:87:38:f6:08:65:74:96:69:21:5c:35:53:39:8f:e6:23:e6: 46:b4:e3:ce -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHmdwrJFdGhgq8bnJ6XOYQ1BPUJEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMTAwMTAzMloX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNANzBlYjNiYmEzNWE4NjZhYjk1YTVj ZmQ5YjUwYWM1ZTI1NTA3MTgwODkwNzBjYmFmOTg2MDEzMDFhNjhkNjM0ZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4e88qumNPuZ9CdYtxT+yIzLqkM0 Odt5oK6lFrOddcTKqvG3l3UsNHWVuNX4ByntzCyBHrCTgJKCrskP1L/B9225TCOX PEazoRBGbUIiJe5iH/dRH5zpexSNYJ//QQNljWeRga5UmOKwuEK2jqiwfmIqUVkH Rd2hzhSGTF04nGmAcrfhr4v5jOaNI7bf1K6ZSw/TVOmKYKMaSg7LuYwkLw4+45kW mBvu56qg+2zEtc7kjKvKAu9TR2Z2FQbdsG7N4Kl1iqaJ8LwVfc8SBxveCWWLoBVA EMyOuJAYNfFRS62YOKHefvhLsDQWg+I7Y3CC0qDbcPWoqgBGO7yZjSBxFQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKvpEv5jHxr0Gab83A6tP/DcpFvjMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBAC6b8ISPDG9XoNnW7NU/ gMhwX3tB6Y53cRE3y3A7STA9XAD9sFbO4PH8clpxZpxofVDTi+JtdI+DEomeeQH6 J1nPKkQFJsg+yRaTOCND7vZDnw5GjZVc2+DeO28Gm8ghAQEWzJFvIL8Q4FwBLvGC PbpWhXKfCC0tksZTbdn5Yv5Nt1BumCz2TGpZd7EJeL62sVzMhX7RAbId7QtRRJO3 htc8e2WpE1ZAvB9GQ2NvQxK43yTRJxommXNaqGJPKgHWz+gewkEF9uZ+EtO5VFQN 4jpOVC5AEwkCHY13NJCvPl8JSEjqUX5QAjk8XbqHOPYIZXSWaSFcNVM5j+Yj5ka0 484= -----END CERTIFICATE-----Generated at Fri Nov 14 15:38:07 2025 by rpki-client