$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa File: 453c01e0-c333-4283-987c-be2c8b71798c.roa (raw, json) Hash identifier: lWUkBYodNIcDfXuNXuMEACZ2BKU9emF8LllxrgFWM6s= Subject key identifier: 32:5E:49:B0:27:F7:69:EA:F2:06:FF:C7:EF:6A:75:25:A2:74:D8:60 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2DBC5CAA546BA758524C9F58336969B6A17CBFC1 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa Signing time: Wed 09 Jul 2025 00:00:16 +0000 ROA not before: Wed 09 Jul 2025 00:00:16 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:bc:5c:aa:54:6b:a7:58:52:4c:9f:58:33:69:69:b6:a1:7c:bf:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:16 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=24e2c37cb36d6a07c610d386e1b364a3b9cc53714ff1962ba2bd993766617b4d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:21:11:20:c5:d4:5a:ec:5f:f6:5d:ac:1f:04: 93:08:2b:62:88:06:ec:3f:c2:6c:68:0d:c7:e7:6d: 3e:f3:ae:b9:81:95:bb:64:d4:13:5f:7f:df:f5:dd: 35:72:7c:93:45:71:d7:6c:1d:dc:3f:5c:39:9b:c8: 7e:23:13:d2:66:f2:19:d3:84:07:6d:2f:ef:fc:82: f0:f3:61:09:20:c4:a5:62:8a:ae:3b:f5:a1:3d:41: 85:03:b1:1b:d2:e7:ac:8b:60:a8:b5:22:b9:10:70: 64:c0:d5:c3:39:ba:c5:2d:cf:04:21:7d:69:3b:74: 57:fd:19:ec:dd:a5:88:b8:a9:c2:51:b0:c4:20:aa: 82:c7:5b:31:42:e0:db:c2:15:8d:39:ce:cc:b7:ec: 2f:04:72:b0:90:a0:8a:88:18:32:8f:e2:23:6f:eb: c8:60:d1:3d:1d:09:f3:8b:0a:65:ae:49:72:52:7f: d8:32:ac:4e:41:a8:14:f2:d2:4c:95:c6:0b:6e:af: ad:bf:fe:ed:da:fa:fa:d4:2d:30:72:42:f8:1e:dc: bd:fa:8d:7d:8f:bd:45:89:fe:78:16:b4:8f:d0:72: df:6b:4f:ce:dd:bf:2b:0c:7c:46:dd:62:fe:0a:fa: de:8b:ce:75:bb:05:1f:4f:ed:cb:7b:5c:74:3f:49: fd:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:5E:49:B0:27:F7:69:EA:F2:06:FF:C7:EF:6A:75:25:A2:74:D8:60 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:80c0::/48 Signature Algorithm: sha256WithRSAEncryption a7:06:5f:2e:8c:e3:b0:14:5b:b0:d9:b1:7f:c1:4f:3b:31:5d: ab:d1:24:9d:b0:27:a2:fb:2d:a7:24:65:60:07:7d:24:16:94: ab:f6:ae:5b:91:64:38:e4:ee:9a:54:21:c7:f9:1e:9d:29:4a: b6:9a:aa:e0:91:90:d0:2b:71:b9:71:6c:d6:2f:06:22:22:47: 57:3f:26:5f:ab:53:f1:5c:b0:e0:e7:3f:a1:68:c6:1c:28:8b: b9:9d:a5:86:bc:20:9e:ea:eb:3b:7e:04:c0:9c:eb:a6:4b:f3: 41:ca:30:9b:b0:56:0f:6a:0c:7c:9f:42:1d:72:23:cc:db:74: db:a8:a3:e3:8d:4c:0a:27:60:4c:f5:79:71:2d:8f:60:7d:81: 5e:6a:4d:34:6d:48:92:8d:4b:93:08:87:7f:25:e7:5c:6e:f3: 2b:aa:0a:ed:ea:da:43:b9:15:67:dd:05:4a:8c:88:81:71:2c: 2c:61:b3:8e:e0:ca:9d:8e:05:6f:25:76:2a:fd:3f:f8:f0:b5: 95:78:0f:e6:42:81:b8:1b:a3:f1:c4:70:d6:4f:a8:67:0f:88: f6:f6:6b:35:94:90:84:e2:ae:aa:d5:b0:35:0a:68:24:8f:2d: 94:73:db:32:31:c0:b9:7f:56:ac:a3:ec:41:65:17:48:16:bd: b2:20:d5:1f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIULbxcqlRrp1hSTJ9YM2lptqF8v8EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAxNloX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAMjRlMmMzN2NiMzZkNmEwN2M2MTBk Mzg2ZTFiMzY0YTNiOWNjNTM3MTRmZjE5NjJiYTJiZDk5Mzc2NjYxN2I0ZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCERIMXUWuxf9l2sHwSTCCtiiAbs P8JsaA3H520+8665gZW7ZNQTX3/f9d01cnyTRXHXbB3cP1w5m8h+IxPSZvIZ04QH bS/v/ILw82EJIMSlYoquO/WhPUGFA7Eb0uesi2CotSK5EHBkwNXDObrFLc8EIX1p O3RX/Rns3aWIuKnCUbDEIKqCx1sxQuDbwhWNOc7Mt+wvBHKwkKCKiBgyj+Ijb+vI YNE9HQnziwplrklyUn/YMqxOQagU8tJMlcYLbq+tv/7t2vr61C0wckL4Hty9+o19 j71Fif54FrSP0HLfa0/O3b8rDHxG3WL+Cvrei851uwUfT+3Le1x0P0n9jwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDJeSbAn92nq8gb/x+9qdSWidNhgMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzQ1M2MwMWUwLWMzMzMtNDI4My05ODdjLWJlMmM4YjcxNzk4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/4DAMA0GCSqGSIb3DQEBCwUAA4IBAQCnBl8ujOOwFFuw2bF/ wU87MV2r0SSdsCei+y2nJGVgB30kFpSr9q5bkWQ45O6aVCHH+R6dKUq2mqrgkZDQ K3G5cWzWLwYiIkdXPyZfq1PxXLDg5z+haMYcKIu5naWGvCCe6us7fgTAnOumS/NB yjCbsFYPagx8n0IdciPM23TbqKPjjUwKJ2BM9XlxLY9gfYFeak00bUiSjUuTCId/ JedcbvMrqgrt6tpDuRVn3QVKjIiBcSwsYbOO4MqdjgVvJXYq/T/48LWVeA/mQoG4 G6PxxHDWT6hnD4j29ms1lJCE4q6q1bA1Cmgkjy2Uc9syMcC5f1aso+xBZRdIFr2y INUf -----END CERTIFICATE-----Generated at Tue Jul 22 19:30:33 2025 by rpki-client