$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa File: 7cf17e61-b049-438c-8aaf-2d4714b51857.roa (raw, json) Hash identifier: TCqFsNrU+Jvbz+wET5QUXDpeVbx8dBDuZ3/tvUi3RU8= Subject key identifier: D5:3B:9C:32:23:B1:A1:0F:06:30:C4:5D:B4:A8:7B:68:E2:D6:C2:33 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6B7D585B64704A5E1082DD8E8B4FE9D7367D9145 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa Signing time: Tue 11 Nov 2025 00:10:32 +0000 ROA not before: Tue 11 Nov 2025 00:10:32 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Nov 2025 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:7d:58:5b:64:70:4a:5e:10:82:dd:8e:8b:4f:e9:d7:36:7d:91:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 11 00:10:32 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=84c4bb6e2e4dc854cffadf6fd2519b432e9d542e6dda0cc0f0e3d19001f3f1c7, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:00:97:f5:ff:1b:d0:d3:8f:ab:e3:9f:2b:87: 51:c7:8f:f2:77:bb:1c:94:7f:80:16:a3:48:c8:c8: cd:f8:6a:f9:0f:55:13:7e:79:26:a1:7d:1c:c0:95: 89:cc:8a:61:c7:11:42:b9:ab:0e:d2:e4:d3:c6:c8: cb:9b:01:6c:06:d2:a5:39:51:16:4f:36:82:54:a3: 10:57:0a:27:4c:c0:99:59:5a:47:75:88:f4:93:e7: 6f:e1:a1:6c:c7:51:19:7c:78:68:ca:70:b2:75:7e: 1d:a2:b0:6f:1f:ba:3e:1d:9e:31:46:41:72:af:02: 6d:57:f7:6a:ea:34:33:b2:eb:f4:bd:57:8e:58:af: e8:17:0d:42:9e:ae:a6:61:3e:5b:20:f8:d3:e8:a2: 23:65:7a:b1:17:40:fd:8e:87:60:e4:a5:20:d4:a6: 41:97:91:40:3e:5a:39:dd:c4:a5:05:3f:16:25:0d: 4a:27:f4:87:68:dc:03:4c:de:75:8b:17:fd:6c:ba: 90:7a:a8:5a:b2:64:72:34:35:d2:5d:17:5c:21:92: 84:7c:9f:af:1b:07:ea:0a:03:41:0f:81:a2:b6:a8: 58:74:21:0d:be:ae:7c:34:f4:d9:af:91:ef:6c:ef: 19:41:ae:6b:29:04:41:31:62:01:33:14:ed:b3:1e: 63:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:3B:9C:32:23:B1:A1:0F:06:30:C4:5D:B4:A8:7B:68:E2:D6:C2:33 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 44:46:2d:41:b5:80:2c:2b:b3:b5:fc:8f:8e:36:21:82:1b:9d: 6a:bf:7f:9a:68:5b:87:54:c6:d4:4e:73:ea:6d:ac:44:0c:aa: 80:ce:25:dc:20:55:3e:15:a9:e0:a7:16:10:41:f3:9e:e3:e4: b9:40:de:91:74:94:11:6e:3e:55:c7:83:81:f6:63:6c:58:7d: d8:dd:25:67:cb:7b:a3:49:dc:08:5e:56:df:c4:00:9b:3f:c5: 7c:20:5e:5b:14:12:df:8c:d1:82:46:36:30:88:5d:21:d5:76: 4c:61:95:74:2d:50:30:eb:72:ab:15:20:89:3d:8e:25:3b:dc: 29:f2:5b:5e:3a:62:ab:a5:43:d6:73:cd:90:54:8d:c9:61:d1: 9f:00:2b:05:55:24:e2:cf:17:a8:e0:da:2b:bb:9d:5d:d8:6f: d4:f9:5d:dd:d3:13:ca:76:9b:c8:ce:a9:86:e0:82:dd:79:b6: 15:62:a8:94:58:b1:30:3e:71:ee:d1:a0:68:7a:89:02:0e:25: 7b:3d:02:e2:9a:06:ea:7a:d6:e9:d4:17:ec:2a:a9:c3:b1:cc: 68:dd:69:e2:94:c1:8c:40:02:08:bf:5d:fc:6a:ac:2b:e2:85: d8:14:40:aa:84:0d:bf:19:e1:34:21:75:cf:32:31:07:ed:dd: c9:57:0e:78 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUa31YW2RwSl4Qgt2Oi0/p1zZ9kUUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMTAwMTAzMloX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNAODRjNGJiNmUyZTRkYzg1NGNmZmFk ZjZmZDI1MTliNDMyZTlkNTQyZTZkZGEwY2MwZjBlM2QxOTAwMWYzZjFjNzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgCX9f8b0NOPq+OfK4dRx4/yd7sc lH+AFqNIyMjN+Gr5D1UTfnkmoX0cwJWJzIphxxFCuasO0uTTxsjLmwFsBtKlOVEW TzaCVKMQVwonTMCZWVpHdYj0k+dv4aFsx1EZfHhoynCydX4dorBvH7o+HZ4xRkFy rwJtV/dq6jQzsuv0vVeOWK/oFw1Cnq6mYT5bIPjT6KIjZXqxF0D9jodg5KUg1KZB l5FAPlo53cSlBT8WJQ1KJ/SHaNwDTN51ixf9bLqQeqhasmRyNDXSXRdcIZKEfJ+v GwfqCgNBD4GitqhYdCENvq58NPTZr5HvbO8ZQa5rKQRBMWIBMxTtsx5jhwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNU7nDIjsaEPBjDEXbSoe2ji1sIzMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjZjE3ZTYxLWIwNDktNDM4Yy04YWFmLTJkNDcxNGI1MTg1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+kAwDQYJKoZIhvcNAQELBQADggEBAERGLUG1gCwrs7X8j442 IYIbnWq/f5poW4dUxtROc+ptrEQMqoDOJdwgVT4VqeCnFhBB857j5LlA3pF0lBFu PlXHg4H2Y2xYfdjdJWfLe6NJ3AheVt/EAJs/xXwgXlsUEt+M0YJGNjCIXSHVdkxh lXQtUDDrcqsVIIk9jiU73CnyW146YqulQ9ZzzZBUjclh0Z8AKwVVJOLPF6jg2iu7 nV3Yb9T5Xd3TE8p2m8jOqYbggt15thViqJRYsTA+ce7RoGh6iQIOJXs9AuKaBup6 1unUF+wqqcOxzGjdaeKUwYxAAgi/XfxqrCvihdgUQKqEDb8Z4TQhdc8yMQft3clX Dng= -----END CERTIFICATE-----Generated at Wed Nov 12 16:46:28 2025 by rpki-client