$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa File: 31d36ece-9039-43a2-82a2-03e7d8e7f563.roa (raw, json) Hash identifier: T8eKRxGMCZmFmN1BBYrem41Pwp1SzBBzric2X5dCric= Subject key identifier: C3:B7:96:CC:E1:0E:90:7B:8F:8D:4E:AA:44:A2:D1:22:E0:32:F9:08 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1B58818CDA55107758B026F1B592413F38514C4E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa Signing time: Wed 09 Jul 2025 00:00:50 +0000 ROA not before: Wed 09 Jul 2025 00:00:50 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:58:81:8c:da:55:10:77:58:b0:26:f1:b5:92:41:3f:38:51:4c:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:50 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=fc094e4baa9898c0ab09cb4c3b6b58150f69e815d2bdf61419250c7e9439d429, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:53:59:c6:41:f6:59:f6:e1:5e:64:ab:fa:bb: ab:ed:2b:6d:94:77:2c:04:8a:9f:e4:ba:e4:51:c1: f7:fe:03:d8:77:d5:48:0a:e8:9b:a2:56:1f:27:06: 65:01:6a:6d:96:97:dc:c0:d1:9c:c9:3d:15:15:ef: f3:c9:9a:2e:99:a8:de:80:b2:42:ce:09:5b:46:79: 1a:3a:6e:4a:7b:77:d7:8f:22:76:e8:4e:27:fd:83: 3c:43:53:97:92:54:f7:fb:63:c9:d4:57:6b:00:7f: 16:a9:4f:c6:5c:21:c4:00:c8:7e:c4:1f:61:69:b5: 2a:1f:1f:e6:3f:f1:99:40:20:7f:92:48:bb:5c:43: 41:c2:5d:20:18:40:d1:22:5a:43:f6:d7:c9:ed:e1: 0b:0e:17:a7:6c:7a:c3:fa:1e:e9:4c:ba:4a:0b:04: 01:3c:90:05:19:53:2b:c5:dc:a0:af:71:66:43:36: 2d:5c:b6:3b:a1:c1:25:ac:86:a7:da:36:66:d4:c3: e0:89:af:39:d9:85:9d:23:08:ba:ff:6f:c1:f0:73: 43:aa:f1:0c:81:cc:a6:68:b8:03:ba:09:07:a4:2e: 54:47:f7:2a:51:71:c1:75:ba:70:ee:c2:0b:53:1a: f6:3c:ec:c4:44:40:c9:6d:4b:f4:a1:23:72:72:6d: 53:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:B7:96:CC:E1:0E:90:7B:8F:8D:4E:AA:44:A2:D1:22:E0:32:F9:08 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fc::/32 Signature Algorithm: sha256WithRSAEncryption 1d:82:a8:59:db:38:2d:09:a8:17:c9:10:4f:a9:63:a1:3d:f7: 91:b1:8d:a7:a2:f6:d8:b7:14:49:2c:33:9a:db:22:01:91:28: a6:c7:51:96:8e:43:be:f0:32:ec:56:8f:b3:1f:a1:2c:96:a4: 26:96:0d:f2:c7:5a:90:b8:a8:06:54:8a:b2:6c:ac:c6:f7:37: 11:f7:eb:51:b9:38:46:76:54:56:83:f7:42:d2:e5:af:29:55: 8c:8e:7b:15:51:ff:63:03:07:ae:b9:26:23:c5:53:df:f5:90: 23:3d:76:e0:78:bf:7b:bf:ae:01:d7:38:d4:3d:87:93:5d:84: e1:2e:d6:2a:e5:0d:34:09:35:e0:4e:b6:df:dd:1b:2e:89:e5: c4:dd:01:4d:0c:46:d7:fb:9d:5e:3b:fe:8e:a1:96:3b:4b:82: d0:aa:49:76:f1:0f:85:f5:2b:73:89:6c:14:e6:fe:ea:c7:e3: 88:f8:6c:e0:27:86:fd:26:8a:5f:03:c0:2f:26:92:e7:27:29: dc:dc:fc:d7:2e:f8:04:3f:7f:56:f2:1e:21:e4:60:fb:4a:43: 7d:60:ab:b2:b1:86:f3:41:4a:3b:6c:c7:9b:e9:6d:82:44:fb: 80:7e:82:0e:3b:4e:6f:23:ed:6f:23:8c:c4:5d:53:94:68:5a: a6:ed:84:ef -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUG1iBjNpVEHdYsCbxtZJBPzhRTE4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDA1MFoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAZmMwOTRlNGJhYTk4OThjMGFiMDlj YjRjM2I2YjU4MTUwZjY5ZTgxNWQyYmRmNjE0MTkyNTBjN2U5NDM5ZDQyOTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51NZxkH2WfbhXmSr+rur7SttlHcs BIqf5LrkUcH3/gPYd9VICuibolYfJwZlAWptlpfcwNGcyT0VFe/zyZoumajegLJC zglbRnkaOm5Ke3fXjyJ26E4n/YM8Q1OXklT3+2PJ1FdrAH8WqU/GXCHEAMh+xB9h abUqHx/mP/GZQCB/kki7XENBwl0gGEDRIlpD9tfJ7eELDhenbHrD+h7pTLpKCwQB PJAFGVMrxdygr3FmQzYtXLY7ocElrIan2jZm1MPgia852YWdIwi6/2/B8HNDqvEM gcymaLgDugkHpC5UR/cqUXHBdbpw7sILUxr2POzEREDJbUv0oSNycm1TbQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFMO3lszhDpB7j41OqkSi0SLgMvkIMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMxZDM2ZWNlLTkwMzktNDNhMi04MmEyLTAzZTdkOGU3ZjU2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A/DANBgkqhkiG9w0BAQsFAAOCAQEAHYKoWds4LQmoF8kQT6lj oT33kbGNp6L22LcUSSwzmtsiAZEopsdRlo5DvvAy7FaPsx+hLJakJpYN8sdakLio BlSKsmysxvc3EffrUbk4RnZUVoP3QtLlrylVjI57FVH/YwMHrrkmI8VT3/WQIz12 4Hi/e7+uAdc41D2Hk12E4S7WKuUNNAk14E62390bLonlxN0BTQxG1/udXjv+jqGW O0uC0KpJdvEPhfUrc4lsFOb+6sfjiPhs4CeG/SaKXwPALyaS5ycp3Nz81y74BD9/ VvIeIeRg+0pDfWCrsrGG80FKO2zHm+ltgkT7gH6CDjtObyPtbyOMxF1TlGhapu2E 7w== -----END CERTIFICATE-----Generated at Tue Jul 22 19:29:33 2025 by rpki-client