$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa File: 2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa (raw, json) Hash identifier: 8Pr8IkXmO4Ez1yqbm4z3CXa/YkblktKexunCtOSasbE= Subject key identifier: CA:50:30:42:05:0D:7E:8B:DB:9C:79:0E:F5:94:0B:F2:FE:60:B1:E8 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0C7F74BBB0239CCACB8B469C5774A9477A8F4E20 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa Signing time: Mon 07 Jul 2025 16:00:06 +0000 ROA not before: Mon 07 Jul 2025 16:00:06 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:7f:74:bb:b0:23:9c:ca:cb:8b:46:9c:57:74:a9:47:7a:8f:4e:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 7 16:00:06 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=2a464b16595d112818945552aee70c9225b81ebec81dfce8b43d6b9239c24dc4, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:d6:df:d0:e7:ce:ee:29:88:b6:18:f7:32:83: cd:33:02:2e:5c:c2:e4:4e:c0:5f:45:0f:4b:69:7c: 89:78:23:c5:3a:c1:cf:35:c9:6e:43:ac:04:94:b4: 5e:52:46:07:2c:1b:10:3f:ef:46:fb:88:54:77:ec: 27:3a:24:18:6b:db:44:af:7d:76:02:73:22:14:71: 67:4d:99:6f:b8:39:7d:c4:7a:34:c3:b8:76:32:7c: f8:0b:72:a6:76:29:61:4d:cd:0a:cb:96:e7:cd:34: dc:e4:c1:77:ea:2a:da:31:3a:e6:fc:b0:eb:e8:99: fd:ca:99:1e:a4:93:0b:bb:92:8d:b8:9a:2c:81:44: 14:59:0b:d7:93:24:ca:69:1c:cd:df:ba:7f:bf:2d: 9b:8b:47:1f:76:64:0b:32:55:de:b1:33:70:78:40: 96:a4:b1:0e:65:de:d6:3b:1b:d2:45:d9:12:1e:91: b8:16:eb:90:58:3f:7b:4e:d7:85:2a:c4:29:2c:ac: 7f:b3:9d:01:ee:c6:d1:76:76:8d:e1:f3:7c:32:4a: 9f:22:a2:36:ba:84:87:c5:00:a8:30:33:67:d7:56: 45:36:0c:74:31:d5:0c:4c:7e:e1:e3:dc:8a:0d:f5: 92:5d:46:55:de:c1:4d:fa:66:df:1e:1a:69:34:65: 35:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:50:30:42:05:0D:7E:8B:DB:9C:79:0E:F5:94:0B:F2:FE:60:B1:E8 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:8000::/40 Signature Algorithm: sha256WithRSAEncryption 64:e9:c7:18:1b:b1:79:2d:e9:3a:9b:c7:c0:bc:fc:4f:bb:12: fa:82:8b:3b:17:06:c4:33:fa:bf:98:f0:e4:2c:87:93:ed:63: f7:91:2b:ad:5f:b1:74:56:d6:c3:91:05:c4:d0:5e:6c:af:96: a7:91:b4:85:62:0b:02:bd:5d:76:ae:9c:ba:6d:cb:4e:63:7f: 61:0b:a5:4f:5e:61:b1:34:33:63:0d:10:35:cd:55:f2:e7:2a: 5a:6a:d4:8f:3a:78:70:d4:75:29:6b:51:7e:af:6f:b8:0f:28: ce:4b:32:1f:4e:ab:e2:64:9d:ba:7f:51:eb:2f:ce:1c:9a:e8: d9:11:9b:85:89:0a:3e:11:f7:d1:c7:13:a2:24:32:10:07:b2: 2c:8a:3e:25:ae:2c:4f:18:4f:e0:14:0d:cb:64:0b:34:b1:3a: 38:92:09:cc:80:f3:18:24:c2:34:80:f8:a3:cf:da:38:57:26: 10:3d:9d:a4:90:88:a7:8a:e2:90:61:e5:d5:c4:84:02:3a:96: 31:41:f4:f6:a3:d6:43:6e:b0:d0:dc:00:61:8e:32:b6:46:9a: 1b:29:66:90:c3:ac:92:33:dc:4c:81:e1:5d:db:04:cf:39:34: bb:00:d8:91:f7:2b:93:2b:44:e8:f5:77:28:f0:fd:3e:80:ff: 02:55:dd:7a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDH90u7AjnMrLi0acV3SpR3qPTiAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwNzE2MDAwNloX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAMmE0NjRiMTY1OTVkMTEyODE4OTQ1 NTUyYWVlNzBjOTIyNWI4MWViZWM4MWRmY2U4YjQzZDZiOTIzOWMyNGRjNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdbf0OfO7imIthj3MoPNMwIuXMLk TsBfRQ9LaXyJeCPFOsHPNcluQ6wElLReUkYHLBsQP+9G+4hUd+wnOiQYa9tEr312 AnMiFHFnTZlvuDl9xHo0w7h2Mnz4C3KmdilhTc0Ky5bnzTTc5MF36iraMTrm/LDr 6Jn9ypkepJMLu5KNuJosgUQUWQvXkyTKaRzN37p/vy2bi0cfdmQLMlXesTNweECW pLEOZd7WOxvSRdkSHpG4FuuQWD97TteFKsQpLKx/s50B7sbRdnaN4fN8MkqfIqI2 uoSHxQCoMDNn11ZFNgx0MdUMTH7h49yKDfWSXUZV3sFN+mbfHhppNGU1MwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMpQMEIFDX6L25x5DvWUC/L+YLHoMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIyNDdmMzRmLWU1YjEtNDIzYy1hYzBmLTcxNDJhZDg2YmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+YAwDQYJKoZIhvcNAQELBQADggEBAGTpxxgbsXkt6Tqbx8C8 /E+7EvqCizsXBsQz+r+Y8OQsh5PtY/eRK61fsXRW1sORBcTQXmyvlqeRtIViCwK9 XXaunLpty05jf2ELpU9eYbE0M2MNEDXNVfLnKlpq1I86eHDUdSlrUX6vb7gPKM5L Mh9Oq+Jknbp/Uesvzhya6NkRm4WJCj4R99HHE6IkMhAHsiyKPiWuLE8YT+AUDctk CzSxOjiSCcyA8xgkwjSA+KPP2jhXJhA9naSQiKeK4pBh5dXEhAI6ljFB9Paj1kNu sNDcAGGOMrZGmhspZpDDrJIz3EyB4V3bBM85NLsA2JH3K5MrROj1dyjw/T6A/wJV 3Xo= -----END CERTIFICATE-----Generated at Tue Jul 22 19:29:32 2025 by rpki-client