$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa File: 3537691c-1a10-4699-a8a0-4cec50a35534.roa (raw, json) Hash identifier: Abmvj/dhAaJKtrmU5QjDE67HpkCI7vEuA8xdT0KGqfw= Subject key identifier: 22:A0:7F:A8:20:6D:67:FC:FC:B4:F9:56:4E:6D:91:33:17:CF:B2:5A Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5E73530A4FB9986C14994C3504E9E32807BFFFAF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa Signing time: Tue 11 Nov 2025 00:10:30 +0000 ROA not before: Tue 11 Nov 2025 00:10:30 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 18 Nov 2025 00:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:73:53:0a:4f:b9:98:6c:14:99:4c:35:04:e9:e3:28:07:bf:ff:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 11 00:10:30 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=146a494c61ae329c7cf3229f9f30c202e3a27f9e6612d2d18ca896f0f0a92ceb, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:2c:29:00:dd:af:31:91:a2:b7:d4:e4:4a:99: f2:80:2e:67:ec:52:f5:1f:c8:bd:6c:df:56:ad:9f: 49:d2:99:f2:ed:19:f7:00:6b:33:14:a0:25:12:fe: 47:07:09:d4:3b:65:19:a1:f0:26:ea:76:b0:b1:c2: 08:ad:99:75:23:c4:02:c6:8a:b8:b7:07:7e:76:7d: 99:8b:3b:45:ab:ce:cc:03:be:da:5f:75:a4:a5:38: b4:9d:90:19:8f:b1:58:4d:63:ce:1d:51:0c:17:cd: f8:fd:13:99:49:b8:d2:76:ad:66:f8:c7:d0:4f:4b: 85:38:f5:92:19:86:6f:50:d0:72:eb:3c:a9:ca:cf: 0b:e5:d8:9f:dc:8e:75:b1:00:3f:f9:d7:c0:36:34: 58:c1:d1:36:21:c7:4d:8a:30:74:18:c6:86:c7:75: c3:4b:88:d7:97:d1:82:2f:24:f2:ce:da:dc:82:48: f4:ad:12:a4:08:24:bb:61:65:38:42:fd:7a:bc:82: 9b:9e:fa:b6:07:f6:6e:66:4e:83:7e:39:76:b0:0a: 6f:74:b3:36:9d:9e:67:11:4a:a6:95:a5:9f:91:34: 84:bb:54:87:52:cf:47:0a:46:25:e6:1b:5a:93:45: 83:83:57:56:b7:67:7f:8b:ba:19:68:18:32:eb:4a: 9b:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:A0:7F:A8:20:6D:67:FC:FC:B4:F9:56:4E:6D:91:33:17:CF:B2:5A X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:8000::/40 Signature Algorithm: sha256WithRSAEncryption 73:87:9d:d5:75:32:3a:07:78:7c:fd:95:a5:f7:b3:7a:b5:7a: 3a:b8:9e:f2:e4:60:41:c6:98:80:bf:16:a7:03:a4:ce:bf:3f: 43:fe:24:e3:8b:4c:93:59:c5:95:d1:a1:6f:a4:2a:f2:1b:be: 3c:d0:29:02:82:3f:46:c1:f0:0f:cc:2e:c5:5c:8f:03:16:2f: 54:7f:1f:12:e9:29:13:69:c7:00:73:84:f7:ac:cf:cd:77:2f: b6:6e:9e:bd:ef:8b:8d:10:4e:08:8d:d0:73:3b:52:10:3e:86: 1f:bc:b4:5a:75:fd:5e:75:bd:40:69:39:4e:71:80:a3:e5:54: c9:87:32:13:a7:e5:4f:53:51:4a:fe:28:7d:84:9b:e7:3c:e1: b5:18:de:41:56:ba:cb:1b:6d:c8:da:81:ca:cd:ef:3f:40:63: 55:44:ca:e5:c0:43:d4:41:90:6c:68:13:b1:18:da:a9:a7:13: f3:8d:df:ac:73:52:57:b8:0a:7d:b3:41:18:5b:1f:f9:78:92: 7b:25:cc:28:d2:b6:5f:62:c9:9c:22:e6:71:3b:44:90:dc:18: 74:33:27:20:a9:90:24:07:71:67:bd:72:74:02:dc:91:02:9c: 15:4e:b9:d8:3c:6b:94:55:9a:8a:e9:f7:3b:70:22:ea:a5:c1: 22:0c:aa:5d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXnNTCk+5mGwUmUw1BOnjKAe//68wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMTAwMTAzMFoX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNAMTQ2YTQ5NGM2MWFlMzI5YzdjZjMy MjlmOWYzMGMyMDJlM2EyN2Y5ZTY2MTJkMmQxOGNhODk2ZjBmMGE5MmNlYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CwpAN2vMZGit9TkSpnygC5n7FL1 H8i9bN9WrZ9J0pny7Rn3AGszFKAlEv5HBwnUO2UZofAm6nawscIIrZl1I8QCxoq4 twd+dn2ZiztFq87MA77aX3WkpTi0nZAZj7FYTWPOHVEMF834/ROZSbjSdq1m+MfQ T0uFOPWSGYZvUNBy6zypys8L5dif3I51sQA/+dfANjRYwdE2IcdNijB0GMaGx3XD S4jXl9GCLyTyztrcgkj0rRKkCCS7YWU4Qv16vIKbnvq2B/ZuZk6Dfjl2sApvdLM2 nZ5nEUqmlaWfkTSEu1SHUs9HCkYl5htak0WDg1dWt2d/i7oZaBgy60qbuQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCKgf6ggbWf8/LT5Vk5tkTMXz7JaMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1Mzc2OTFjLTFhMTAtNDY5OS1hOGEwLTRjZWM1MGEzNTUzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+oAwDQYJKoZIhvcNAQELBQADggEBAHOHndV1MjoHeHz9laX3 s3q1ejq4nvLkYEHGmIC/FqcDpM6/P0P+JOOLTJNZxZXRoW+kKvIbvjzQKQKCP0bB 8A/MLsVcjwMWL1R/HxLpKRNpxwBzhPesz813L7Zunr3vi40QTgiN0HM7UhA+hh+8 tFp1/V51vUBpOU5xgKPlVMmHMhOn5U9TUUr+KH2Em+c84bUY3kFWussbbcjagcrN 7z9AY1VEyuXAQ9RBkGxoE7EY2qmnE/ON36xzUle4Cn2zQRhbH/l4knslzCjStl9i yZwi5nE7RJDcGHQzJyCpkCQHcWe9cnQC3JECnBVOudg8a5RVmorp9ztwIuqlwSIM ql0= -----END CERTIFICATE-----Generated at Fri Nov 14 13:09:58 2025 by rpki-client