$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa File: 2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa (raw, json) Hash identifier: XZf/hgkLXyWkRaTxki8oCWpkPKKCgDqRb9S4rJXB2Mo= Subject key identifier: 65:98:66:76:71:DF:A9:06:DB:EC:03:45:B0:77:F8:45:B5:0F:10:53 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 160C4EBC1A80F9274948A68ABE5657B6D72B808F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa Signing time: Fri 17 Oct 2025 00:10:03 +0000 ROA not before: Fri 17 Oct 2025 00:10:03 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:0c:4e:bc:1a:80:f9:27:49:48:a6:8a:be:56:57:b6:d7:2b:80:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 17 00:10:03 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=7c5e62b21953a865eb6833a56df074ac0af47f54f560e271b9875d24f22db05b, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:87:b0:94:ff:98:3f:05:c9:2a:c7:be:3d:00: 78:2c:70:39:97:40:d6:92:bb:c0:64:b3:e6:ee:07: 68:d7:a9:ee:ab:b7:1f:3e:83:53:a6:e7:ad:c6:91: 6d:aa:b1:47:36:f7:a3:42:7c:75:db:21:aa:9c:54: 41:8b:f4:55:c6:7c:00:31:e5:14:45:31:9f:0e:04: 30:ec:41:9e:75:67:a0:e3:3f:98:66:bf:8a:1f:27: d1:37:fd:dd:f1:cd:96:80:90:a1:df:50:2e:5a:58: a7:8e:09:1d:e1:61:6c:b2:5d:3a:6e:15:e6:b2:cf: 1e:15:c4:44:67:fc:ec:29:e4:96:de:4d:c5:bd:bd: 51:d3:a9:75:c3:3f:56:02:47:1e:b3:66:e4:e9:e5: 33:19:31:9d:fa:40:55:86:fa:cd:89:87:0a:0a:51: b6:52:44:65:ae:e7:27:cf:5d:90:fd:a4:18:7b:7e: 16:ed:e0:87:de:6c:9b:87:4d:41:6e:94:fe:57:8c: f3:3a:52:b7:56:39:6e:e7:55:94:c6:40:7a:88:a7: fa:aa:7f:c7:e9:9e:77:b1:50:41:9b:2b:df:21:48: 98:ea:25:08:10:b9:e5:9e:74:30:16:f7:a7:55:20: 66:02:91:6f:e7:5a:90:2d:dd:8a:c8:ef:12:50:68: 9b:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:98:66:76:71:DF:A9:06:DB:EC:03:45:B0:77:F8:45:B5:0F:10:53 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:4000::/40 Signature Algorithm: sha256WithRSAEncryption 70:b1:fc:4f:b7:8a:a8:0a:15:42:74:d3:17:3b:c5:3d:0d:7d: 05:6e:f6:39:74:0e:39:32:e6:b7:99:b3:40:f5:52:99:27:c8: 9c:27:ad:d0:44:54:16:98:71:8c:a3:34:91:70:49:a8:a6:67: a8:f6:f3:d9:df:e4:d0:74:9a:86:a8:8b:70:66:71:d3:8b:64: 90:54:b2:a8:b7:45:33:12:5a:15:34:6a:88:fd:39:ea:1f:71: 5d:39:ee:72:ca:d5:ad:e3:73:13:9f:69:37:9a:9b:b1:b2:e2: 5a:cf:e3:f1:49:7e:cb:5d:55:b2:95:a7:ff:d2:ae:3c:c1:2f: 01:1d:16:c7:54:7b:31:56:67:3d:7e:2a:fb:3b:37:a1:9a:5a: 54:6e:d2:cb:e2:1a:3a:03:d4:83:1f:c2:cb:c2:63:fa:0b:f8: e2:8a:6a:73:68:93:39:2f:53:61:c5:8e:e1:2f:b2:4a:e5:89: de:0f:92:2f:27:4e:7d:1b:df:1a:d6:91:81:b3:94:29:68:77: 05:cc:6b:07:6a:cc:ed:3e:26:63:f5:36:b6:4b:e3:d1:b6:58: a3:65:d0:df:d3:17:58:ad:a9:5b:3c:35:14:23:88:a3:d1:f5: 34:95:e0:db:ed:05:25:79:6f:68:48:d8:b5:fb:69:0b:9a:59: 3a:f2:6b:cf -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFgxOvBqA+SdJSKaKvlZXttcrgI8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxNzAwMTAwM1oX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAN2M1ZTYyYjIxOTUzYTg2NWViNjgz M2E1NmRmMDc0YWMwYWY0N2Y1NGY1NjBlMjcxYjk4NzVkMjRmMjJkYjA1YjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYewlP+YPwXJKse+PQB4LHA5l0DW krvAZLPm7gdo16nuq7cfPoNTpuetxpFtqrFHNvejQnx12yGqnFRBi/RVxnwAMeUU RTGfDgQw7EGedWeg4z+YZr+KHyfRN/3d8c2WgJCh31AuWlinjgkd4WFssl06bhXm ss8eFcREZ/zsKeSW3k3Fvb1R06l1wz9WAkces2bk6eUzGTGd+kBVhvrNiYcKClG2 UkRlrucnz12Q/aQYe34W7eCH3mybh01BbpT+V4zzOlK3Vjlu51WUxkB6iKf6qn/H 6Z53sVBBmyvfIUiY6iUIELnlnnQwFvenVSBmApFv51qQLd2KyO8SUGibpwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGWYZnZx36kG2+wDRbB3+EW1DxBTMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzJjN2RjOTllLTE2YzUtNDMxMi1iNjEzLWFjNDJlOGI1MmYxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+EAwDQYJKoZIhvcNAQELBQADggEBAHCx/E+3iqgKFUJ00xc7 xT0NfQVu9jl0Djky5reZs0D1UpknyJwnrdBEVBaYcYyjNJFwSaimZ6j289nf5NB0 moaoi3BmcdOLZJBUsqi3RTMSWhU0aoj9OeofcV057nLK1a3jcxOfaTeam7Gy4lrP 4/FJfstdVbKVp//SrjzBLwEdFsdUezFWZz1+Kvs7N6GaWlRu0sviGjoD1IMfwsvC Y/oL+OKKanNokzkvU2HFjuEvskrlid4Pki8nTn0b3xrWkYGzlClodwXMawdqzO0+ JmP1NrZL49G2WKNl0N/TF1itqVs8NRQjiKPR9TSV4NvtBSV5b2hI2LX7aQuaWTry a88= -----END CERTIFICATE-----Generated at Mon Oct 20 13:44:17 2025 by rpki-client