$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa File: 33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa (raw, json) Hash identifier: +wbWknbewnWlH/Qnren5AiFhQQKtOjI+4t8urOwgTzA= Subject key identifier: 75:F7:B3:B2:F8:6A:A7:F7:8F:0F:CB:51:75:DA:18:D0:66:52:99:A1 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6BF11396E4D87DF0B04D8EE5FA720C9CD5CE5C1A Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa Signing time: Wed 09 Jul 2025 00:00:25 +0000 ROA not before: Wed 09 Jul 2025 00:00:25 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:f1:13:96:e4:d8:7d:f0:b0:4d:8e:e5:fa:72:0c:9c:d5:ce:5c:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:25 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=06bddb6824cad829def60dc72f4c672bfafb4119fd43148d7de2fe7fc49a77b4, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:aa:95:47:15:9e:7f:a7:a0:46:5e:97:4d:c3: 85:b9:33:f5:3b:89:aa:2f:03:46:d2:ad:37:e4:3d: 98:bc:b1:eb:f1:f6:ea:2c:1f:52:0a:71:ea:a0:15: a3:0c:d3:ea:3b:de:27:4a:93:0a:67:5b:7f:ee:98: 9d:4e:27:ba:b9:64:42:d9:93:c3:f1:8d:75:c3:17: ed:94:b3:24:53:a8:a5:18:4d:60:83:95:04:27:51: 73:ea:11:be:40:87:e0:55:db:c5:f2:3b:98:83:1a: d0:48:2a:bd:57:b1:4f:e5:c9:20:ec:b3:ab:25:c7: 5c:da:b1:bd:41:9e:bb:aa:d8:8f:ab:58:d9:98:cc: b8:a9:a5:74:0e:a2:e2:fe:8c:f1:ab:7f:d8:e7:18: 33:98:47:c6:b7:d6:2b:d5:da:54:a3:7e:24:1f:08: 62:ef:03:49:12:76:39:59:1a:ce:9b:8a:9f:74:d6: 6a:fd:21:97:81:66:1a:a3:58:5a:29:6d:6c:92:f6: c7:52:47:e5:be:01:f0:c4:1f:b4:46:7b:c4:13:9a: d0:27:cb:a8:6d:2e:bb:16:08:9f:a9:5b:e7:d5:a4: a3:35:9c:d2:8f:fb:9b:2f:30:df:50:69:26:ac:84: f1:6c:51:89:59:58:34:9a:c2:79:66:33:8f:d5:51: e9:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:F7:B3:B2:F8:6A:A7:F7:8F:0F:CB:51:75:DA:18:D0:66:52:99:A1 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4080::/48 Signature Algorithm: sha256WithRSAEncryption 78:74:84:0e:cb:8d:38:8d:46:5d:48:f5:c5:3f:74:ae:27:76: 7f:c5:0f:0a:aa:b0:a1:ab:7b:ad:34:b9:f0:e7:9f:11:53:78: 62:d5:23:0e:36:b5:71:19:4c:e2:61:36:31:66:77:e4:28:3c: a2:7b:9f:20:0f:6e:98:82:df:c5:58:d7:a4:e6:88:82:6c:4f: 48:b6:08:3c:ae:26:ae:24:b2:bf:fd:f9:3a:6b:19:a7:e4:b9: d0:8d:ea:6a:c0:08:f0:65:3b:95:4e:c5:15:d3:a5:58:cb:c8: d9:a4:fc:f9:16:95:03:7a:91:b2:97:39:d4:9e:42:5f:2b:be: a9:76:51:43:46:5c:22:4b:5b:49:02:8a:eb:de:3f:c9:34:f2: 10:31:97:d8:20:d6:8d:b2:c9:63:5c:63:15:61:d4:f7:70:eb: d4:91:d9:05:ae:25:a8:ef:3e:7e:2e:4c:93:52:3a:f3:4f:3b: a0:e7:4c:4e:9f:a0:59:af:d8:58:ed:a1:5c:65:3a:6b:3d:62: 07:ca:60:54:73:c9:6c:8f:8d:81:36:b1:dd:b5:bb:7d:02:86: ad:82:d9:dc:b8:a7:07:6a:19:20:b9:f5:29:5a:bc:85:9b:a4: 7d:c2:15:d9:58:78:97:90:cf:69:72:6e:e0:27:40:e6:55:fc: 47:ad:07:15 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUa/ETluTYffCwTY7l+nIMnNXOXBowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAyNVoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAMDZiZGRiNjgyNGNhZDgyOWRlZjYw ZGM3MmY0YzY3MmJmYWZiNDExOWZkNDMxNDhkN2RlMmZlN2ZjNDlhNzdiNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qqVRxWef6egRl6XTcOFuTP1O4mq LwNG0q035D2YvLHr8fbqLB9SCnHqoBWjDNPqO94nSpMKZ1t/7pidTie6uWRC2ZPD 8Y11wxftlLMkU6ilGE1gg5UEJ1Fz6hG+QIfgVdvF8juYgxrQSCq9V7FP5ckg7LOr Jcdc2rG9QZ67qtiPq1jZmMy4qaV0DqLi/ozxq3/Y5xgzmEfGt9Yr1dpUo34kHwhi 7wNJEnY5WRrOm4qfdNZq/SGXgWYao1haKW1skvbHUkflvgHwxB+0RnvEE5rQJ8uo bS67FgifqVvn1aSjNZzSj/ubLzDfUGkmrITxbFGJWVg0msJ5ZjOP1VHpVQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHX3s7L4aqf3jw/LUXXaGNBmUpmhMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMzZGQzMWUwLTcwMzktNGZmOC1hYWZlLTk3ZjdiOTViMDdkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQB4dIQOy404jUZdSPXF P3SuJ3Z/xQ8KqrChq3utNLnw558RU3hi1SMONrVxGUziYTYxZnfkKDyie58gD26Y gt/FWNek5oiCbE9Itgg8riauJLK//fk6axmn5LnQjepqwAjwZTuVTsUV06VYy8jZ pPz5FpUDepGylznUnkJfK76pdlFDRlwiS1tJAorr3j/JNPIQMZfYINaNssljXGMV YdT3cOvUkdkFriWo7z5+LkyTUjrzTzug50xOn6BZr9hY7aFcZTprPWIHymBUc8ls j42BNrHdtbt9AoatgtncuKcHahkgufUpWryFm6R9whXZWHiXkM9pcm7gJ0DmVfxH rQcV -----END CERTIFICATE-----Generated at Tue Jul 22 19:29:18 2025 by rpki-client