$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa File: 57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa (raw, json) Hash identifier: qpRU+oKLfGKMAho3sukY7muDlyvS976mSkqo0maIzFA= Subject key identifier: 4C:63:94:2A:89:41:53:AF:9F:4B:E7:8C:A1:A2:9F:8F:44:2D:49:B0 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 276A95006E6AFA0650E795E849F7F5E396B08470 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa Signing time: Tue 11 Nov 2025 00:10:33 +0000 ROA not before: Tue 11 Nov 2025 00:10:33 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 15 Nov 2025 00:10:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:6a:95:00:6e:6a:fa:06:50:e7:95:e8:49:f7:f5:e3:96:b0:84:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 11 00:10:33 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=9fa0e807f7d86eb5ac14ce76c9c3f136c79413258f9a0080a34d63652a90f5e1, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:e2:c2:d7:bc:17:2c:d7:16:79:bd:73:3f:93: 6e:98:e9:73:ef:55:9c:87:85:66:b2:05:4d:15:cd: d5:37:f8:fa:6c:be:3f:ab:16:9d:50:c3:0c:08:01: 36:50:a3:df:2f:ba:83:16:a1:1b:23:1f:66:59:5d: 09:74:25:48:ec:d0:ea:4c:c5:5c:24:22:9e:81:8c: 41:00:7e:75:b8:14:e0:07:50:7e:fe:22:73:bc:0e: 93:d3:26:f5:bc:15:f4:6b:2c:49:6a:3c:37:9a:ef: 39:06:be:5e:3c:6c:16:c6:ae:e8:94:d7:08:28:c1: 9d:93:1c:cc:80:99:fe:2a:57:15:10:6d:1b:fa:38: 87:9f:68:e5:29:6c:86:17:60:0d:1c:6e:c8:27:57: 6e:ef:96:80:c9:1c:7d:72:65:22:38:04:65:dd:dc: c8:58:40:27:43:60:bc:f2:2f:ae:3f:8b:1a:14:c8: e4:b8:26:b1:2d:0f:e5:45:3c:47:92:d2:e9:1e:68: 60:8e:be:16:5e:a7:26:27:b2:85:d6:5b:2a:01:c9: 70:e6:f4:75:aa:de:53:0f:8e:c3:97:59:96:b3:ac: 9f:9b:bd:47:9c:61:d1:4b:e4:2d:6e:31:22:d0:47: 0a:94:67:42:6d:a9:40:4c:01:83:2f:1e:2d:ff:df: 76:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:63:94:2A:89:41:53:AF:9F:4B:E7:8C:A1:A2:9F:8F:44:2D:49:B0 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:8000::/40 Signature Algorithm: sha256WithRSAEncryption 52:44:9f:d6:cb:97:3b:2d:0e:10:9d:91:3e:5d:b5:f1:a5:2f: d4:41:6d:17:2e:41:f5:24:34:7c:48:56:f1:67:68:52:eb:0c: 52:f6:b6:c9:1d:d2:d6:cc:75:af:c4:f6:ed:92:c3:83:66:17: db:c5:c5:0d:27:4d:88:16:0a:38:6b:c1:37:97:59:eb:21:90: 5b:28:92:47:1b:7a:9d:72:f8:c4:c8:91:8f:e5:d3:05:e8:e2: ce:48:75:2b:55:68:f3:bc:83:0f:31:8d:c0:94:7b:e5:d0:03: 73:e5:82:86:b9:c0:6a:3c:3d:22:6f:6d:5b:a6:1b:eb:f9:0f: ae:b6:b2:8e:04:59:12:27:d6:5f:8c:fc:48:e3:f2:23:c9:a6: 90:23:6d:3a:93:d8:0a:5a:84:b8:c4:5a:59:51:64:e2:3c:50: b8:f7:f5:3b:3a:01:93:79:c9:a6:af:98:6c:cc:ec:a9:35:69: 40:24:8b:6f:c5:28:b2:dc:6a:50:45:b0:63:45:c9:f5:3c:b9: f4:7b:20:d5:21:9c:34:68:4a:6f:53:cc:15:a4:c7:cf:59:26: 09:bd:d2:a9:40:e6:73:f8:e4:45:b8:91:39:b0:ed:6e:62:cc: 8a:65:1e:27:db:6c:5a:02:1e:ab:05:43:28:bc:c2:d1:e9:22: ee:b3:da:3f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ2qVAG5q+gZQ55XoSff145awhHAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMTAwMTAzM1oX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNAOWZhMGU4MDdmN2Q4NmViNWFjMTRj ZTc2YzljM2YxMzZjNzk0MTMyNThmOWEwMDgwYTM0ZDYzNjUyYTkwZjVlMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOLC17wXLNcWeb1zP5NumOlz71Wc h4VmsgVNFc3VN/j6bL4/qxadUMMMCAE2UKPfL7qDFqEbIx9mWV0JdCVI7NDqTMVc JCKegYxBAH51uBTgB1B+/iJzvA6T0yb1vBX0ayxJajw3mu85Br5ePGwWxq7olNcI KMGdkxzMgJn+KlcVEG0b+jiHn2jlKWyGF2ANHG7IJ1du75aAyRx9cmUiOARl3dzI WEAnQ2C88i+uP4saFMjkuCaxLQ/lRTxHktLpHmhgjr4WXqcmJ7KF1lsqAclw5vR1 qt5TD47Dl1mWs6yfm71HnGHRS+QtbjEi0EcKlGdCbalATAGDLx4t/992pQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFExjlCqJQVOvn0vnjKGin49ELUmwMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU3Zjg0MzNjLWYxNjItNGIxMC04NTI3LWZiZjdjZGJiNmFhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+IAwDQYJKoZIhvcNAQELBQADggEBAFJEn9bLlzstDhCdkT5d tfGlL9RBbRcuQfUkNHxIVvFnaFLrDFL2tskd0tbMda/E9u2Sw4NmF9vFxQ0nTYgW CjhrwTeXWeshkFsokkcbep1y+MTIkY/l0wXo4s5IdStVaPO8gw8xjcCUe+XQA3Pl goa5wGo8PSJvbVumG+v5D662so4EWRIn1l+M/Ejj8iPJppAjbTqT2ApahLjEWllR ZOI8ULj39Ts6AZN5yaavmGzM7Kk1aUAki2/FKLLcalBFsGNFyfU8ufR7INUhnDRo Sm9TzBWkx89ZJgm90qlA5nP45EW4kTmw7W5izIplHifbbFoCHqsFQyi8wtHpIu6z 2j8= -----END CERTIFICATE-----Generated at Tue Nov 11 10:40:18 2025 by rpki-client