$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa File: 3523c675-14b3-4d2d-90e1-e439500ecaca.roa (raw, json) Hash identifier: Ieafx30p0/fXrDtcU4AhFc0K48RpMZCkS1aPEouzR/o= Subject key identifier: 7F:A2:1F:71:03:D1:3A:05:0A:79:AC:2A:61:11:AE:4B:A3:E3:80:07 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6564D6C3FF30209C565F8C1F5D2D31634FFC0EC6 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa Signing time: Wed 09 Jul 2025 00:00:51 +0000 ROA not before: Wed 09 Jul 2025 00:00:51 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:64:d6:c3:ff:30:20:9c:56:5f:8c:1f:5d:2d:31:63:4f:fc:0e:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:51 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=211c1330ec3c1b9394df9615ebde9aa99278696ea3d02480a4e0b8352a49af79, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e8:3d:62:f0:8f:2e:f3:31:a9:cd:cd:65:c4: d7:52:a0:c4:b1:ca:72:45:cd:da:f3:d6:79:d6:09: 09:a2:a3:24:e3:85:0b:38:4b:70:d0:c7:cc:e2:b7: 6d:7a:ee:a3:b9:ea:02:24:a8:55:0c:20:3e:35:d4: 7d:0b:ee:69:59:24:13:6e:f0:f4:c7:0d:03:b6:b7: 44:88:31:b6:87:79:e6:36:e1:cd:ff:e4:72:56:89: 21:2c:e3:d9:df:ba:3f:60:8b:77:17:4f:1d:f2:df: 52:9a:31:e1:2c:34:e6:57:34:e2:15:6a:4b:fe:61: b7:52:b2:c6:4e:23:ee:05:03:68:35:24:58:45:2a: 6e:13:c0:80:58:a1:57:5d:b9:6c:4b:25:ef:11:60: df:69:a4:06:b8:a0:5d:85:67:ad:fd:7a:5b:57:35: fa:96:2d:b9:bc:c3:4c:3c:41:e7:80:66:64:65:37: c3:cf:39:bc:e5:00:84:b3:b6:58:af:b7:55:06:01: ca:e9:49:93:06:5a:72:19:0f:28:eb:3b:ed:b5:58: 0b:0d:0a:08:d4:56:8c:0f:63:c7:6c:dc:b0:61:14: a1:29:b9:ef:81:22:61:9d:14:7e:ba:0d:82:25:26: f6:97:26:77:2f:e9:b6:83:e7:28:21:fc:e4:07:c9: 29:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:A2:1F:71:03:D1:3A:05:0A:79:AC:2A:61:11:AE:4B:A3:E3:80:07 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f0::/32 Signature Algorithm: sha256WithRSAEncryption 6c:bf:d2:b6:b7:6a:86:71:3a:0b:7a:b1:08:ca:28:5f:d8:91: 55:cd:77:13:3f:42:0b:a8:67:da:64:96:bf:db:b1:00:0f:18: c2:1b:56:b1:37:32:a7:99:4f:0e:4c:05:dd:2c:8a:c2:71:41: 7e:83:0d:d2:46:be:8b:92:66:d3:ca:a4:7c:4e:06:72:83:85: e2:e4:e8:77:be:d3:b1:bf:6e:7f:ba:82:55:a4:38:8e:ba:fb: 17:54:9c:8a:8e:7b:9e:20:53:c8:e6:a5:e0:57:38:52:d4:8a: 75:82:b0:6d:c5:f5:0b:58:3d:90:39:fc:54:55:e6:94:00:fb: b2:55:d8:13:22:18:01:da:a6:2c:a3:17:c1:ca:08:5b:b0:9f: 96:21:c9:e1:bd:95:24:23:7b:1b:34:a3:c0:f3:ae:79:2d:d1: 36:a1:7a:65:05:0d:a6:f9:0e:e2:f1:eb:df:69:28:62:dd:9f: 75:b0:ce:a3:03:d3:6d:10:3d:31:7d:97:b0:70:6b:2a:14:e6: ca:79:1b:a5:ed:2c:d0:7c:8d:8d:c3:b0:8a:ed:e4:e7:7a:4e: 30:fa:03:0d:80:ad:ee:ca:19:a9:03:a7:9d:84:de:c6:66:27: ed:c1:d1:90:8b:1e:2b:dc:d9:15:8f:00:0b:cf:b6:89:53:48: a5:38:05:73 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUZWTWw/8wIJxWX4wfXS0xY0/8DsYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDA1MVoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAMjExYzEzMzBlYzNjMWI5Mzk0ZGY5 NjE1ZWJkZTlhYTk5Mjc4Njk2ZWEzZDAyNDgwYTRlMGI4MzUyYTQ5YWY3OTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOg9YvCPLvMxqc3NZcTXUqDEscpy Rc3a89Z51gkJoqMk44ULOEtw0MfM4rdteu6jueoCJKhVDCA+NdR9C+5pWSQTbvD0 xw0DtrdEiDG2h3nmNuHN/+RyVokhLOPZ37o/YIt3F08d8t9SmjHhLDTmVzTiFWpL /mG3UrLGTiPuBQNoNSRYRSpuE8CAWKFXXblsSyXvEWDfaaQGuKBdhWet/XpbVzX6 li25vMNMPEHngGZkZTfDzzm85QCEs7ZYr7dVBgHK6UmTBlpyGQ8o6zvttVgLDQoI 1FaMD2PHbNywYRShKbnvgSJhnRR+ug2CJSb2lyZ3L+m2g+coIfzkB8kpEQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFH+iH3ED0ToFCnmsKmERrkuj44AHMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1MjNjNjc1LTE0YjMtNGQyZC05MGUxLWU0Mzk1MDBlY2FjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8DANBgkqhkiG9w0BAQsFAAOCAQEAbL/StrdqhnE6C3qxCMoo X9iRVc13Ez9CC6hn2mSWv9uxAA8YwhtWsTcyp5lPDkwF3SyKwnFBfoMN0ka+i5Jm 08qkfE4GcoOF4uTod77Tsb9uf7qCVaQ4jrr7F1Scio57niBTyOal4Fc4UtSKdYKw bcX1C1g9kDn8VFXmlAD7slXYEyIYAdqmLKMXwcoIW7CfliHJ4b2VJCN7GzSjwPOu eS3RNqF6ZQUNpvkO4vHr32koYt2fdbDOowPTbRA9MX2XsHBrKhTmynkbpe0s0HyN jcOwiu3k53pOMPoDDYCt7soZqQOnnYTexmYn7cHRkIseK9zZFY8AC8+2iVNIpTgF cw== -----END CERTIFICATE-----Generated at Tue Jul 22 11:48:58 2025 by rpki-client