$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa File: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (raw, json) Hash identifier: iZndZsy8Nh7XGf58JkbyLkggGz4qxloDAKOTfT7mO7E= Subject key identifier: 3D:09:AB:B6:5E:4D:B6:9F:88:0A:51:D1:31:1F:B3:B0:4B:19:3A:2F Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 06DD0A5934CFF046E2044C44F0C52DF3BE4DCBD0 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa Signing time: Tue 11 Nov 2025 00:10:28 +0000 ROA not before: Tue 11 Nov 2025 00:10:28 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Nov 2025 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:dd:0a:59:34:cf:f0:46:e2:04:4c:44:f0:c5:2d:f3:be:4d:cb:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 11 00:10:28 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=6b8b87ef779aede68a54d113ceb7a41e474b9c08c3676dea8b5c6eb5fb900fd4, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:2e:bc:b5:50:2d:35:d1:50:a0:71:97:1d:05: 82:f4:5c:22:fa:d7:73:f9:cd:d4:cb:fe:6e:83:6a: 95:4b:10:23:13:5e:60:cc:77:c9:00:c0:46:5d:de: e4:09:96:a5:85:63:1d:c6:a8:63:b8:a7:cc:c4:d5: 33:66:5f:c6:ce:0f:5c:93:8d:0b:f8:5d:b4:1a:23: 83:30:27:1a:9e:83:b3:95:7d:7c:51:fa:b0:e7:03: 04:f2:8b:aa:1f:01:ad:36:17:08:97:6c:8f:f6:27: 3e:52:83:1c:74:3f:f9:92:05:89:f1:0c:fb:32:7f: d5:d0:25:59:3d:c8:d1:2f:53:83:b2:45:3a:0d:5e: 72:20:8d:ba:be:bd:bd:83:33:c1:96:13:81:10:0c: f7:c9:62:06:2c:d5:15:1d:4f:b2:e7:8a:f0:81:09: 4d:25:19:5e:07:9c:d4:d2:86:07:61:60:eb:c8:a3: 70:f1:6d:99:99:04:69:04:de:db:d2:34:57:7e:b6: fc:89:13:15:43:50:84:91:75:aa:16:d2:dc:47:d7: 8a:6d:14:a7:0f:b2:49:25:08:50:fd:3a:2a:46:77: 1f:c8:6e:bf:3e:9b:47:39:4e:69:3b:46:7d:bd:69: 06:82:9e:4c:07:0e:f0:95:13:03:14:4a:4a:6e:02: 4f:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:09:AB:B6:5E:4D:B6:9F:88:0A:51:D1:31:1F:B3:B0:4B:19:3A:2F X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 16:71:4f:ba:6d:c6:df:d9:69:b4:b5:8c:16:02:a4:f5:04:70: 58:fc:13:4a:22:2e:32:ac:54:ad:c9:da:0c:31:a5:5c:67:09: f8:95:ba:56:be:8c:6d:2e:a7:93:04:8c:04:ef:21:00:c7:40: 5d:25:23:31:89:e9:1a:71:b2:0f:f5:af:39:f1:f8:6a:be:08: df:e1:f5:75:a8:2e:4c:d1:36:09:67:a9:f7:a6:62:e4:6c:f0: 03:28:e6:75:6d:14:46:c9:51:bf:88:44:e3:fe:fc:1f:36:d8: b1:5c:ca:bc:f3:8b:18:34:94:44:fb:df:da:57:0b:a2:69:34: a9:7b:b9:c0:48:96:66:39:1f:b1:f3:b3:b3:2e:48:9d:72:3b: 01:b5:d4:09:ee:3a:5b:53:fa:05:34:4b:b4:07:57:b1:cc:f7: f9:13:e0:8c:0f:6f:1b:38:3d:e9:e0:34:ef:9c:ea:37:d0:66: 47:fb:3d:80:8f:d0:66:6b:da:51:6a:15:3a:dd:13:48:3b:cd: 31:78:cb:a4:87:b1:28:be:a2:7a:68:dd:84:5f:39:7e:4e:16: 84:21:07:84:1e:a6:e4:3b:35:4e:72:d7:89:45:d1:b5:67:71: cb:5a:27:a5:fe:99:e4:58:66:6a:af:ee:62:d9:14:4d:df:7c: 4a:19:f4:3b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBt0KWTTP8EbiBExE8MUt875Ny9AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMTAwMTAyOFoX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNANmI4Yjg3ZWY3NzlhZWRlNjhhNTRk MTEzY2ViN2E0MWU0NzRiOWMwOGMzNjc2ZGVhOGI1YzZlYjVmYjkwMGZkNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1C68tVAtNdFQoHGXHQWC9Fwi+tdz +c3Uy/5ug2qVSxAjE15gzHfJAMBGXd7kCZalhWMdxqhjuKfMxNUzZl/Gzg9ck40L +F20GiODMCcanoOzlX18Ufqw5wME8ouqHwGtNhcIl2yP9ic+UoMcdD/5kgWJ8Qz7 Mn/V0CVZPcjRL1ODskU6DV5yII26vr29gzPBlhOBEAz3yWIGLNUVHU+y54rwgQlN JRleB5zU0oYHYWDryKNw8W2ZmQRpBN7b0jRXfrb8iRMVQ1CEkXWqFtLcR9eKbRSn D7JJJQhQ/ToqRncfyG6/PptHOU5pO0Z9vWkGgp5MBw7wlRMDFEpKbgJPawIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD0Jq7ZeTbafiApR0TEfs7BLGTovMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2VmZGNiNDNiLTJmMTktNDEwNy1hMGEzLWM1NWRhY2NiMjcxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoEAwDQYJKoZIhvcNAQELBQADggEBABZxT7ptxt/ZabS1jBYC pPUEcFj8E0oiLjKsVK3J2gwxpVxnCfiVula+jG0up5MEjATvIQDHQF0lIzGJ6Rpx sg/1rznx+Gq+CN/h9XWoLkzRNglnqfemYuRs8AMo5nVtFEbJUb+IROP+/B822LFc yrzzixg0lET739pXC6JpNKl7ucBIlmY5H7Hzs7MuSJ1yOwG11AnuOltT+gU0S7QH V7HM9/kT4IwPbxs4PengNO+c6jfQZkf7PYCP0GZr2lFqFTrdE0g7zTF4y6SHsSi+ onpo3YRfOX5OFoQhB4QepuQ7NU5y14lF0bVncctaJ6X+meRYZmqv7mLZFE3ffEoZ 9Ds= -----END CERTIFICATE-----Generated at Wed Nov 12 09:23:11 2025 by rpki-client