$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa File: 5484d331-446c-4042-9500-dd3002e6a910.roa (raw, json) Hash identifier: W6sPe2qkqish2ysq2vjNIkImkc9rMxrJvBO3Jzx06Mw= Subject key identifier: B3:7A:FF:75:2B:E4:3B:28:0B:F3:35:C6:F5:E7:A7:4B:72:61:4E:D7 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3BD5ED588617E95B4399FB82C3ADB1D83173DABB Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa Signing time: Wed 09 Jul 2025 00:00:33 +0000 ROA not before: Wed 09 Jul 2025 00:00:33 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:d5:ed:58:86:17:e9:5b:43:99:fb:82:c3:ad:b1:d8:31:73:da:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:33 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=b9e82cc944ec0b74758c6c7bdbef8f991d268c6cb344e2d978958f05fb749285, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:63:b6:f8:1e:14:a8:15:8d:bf:7e:7e:51:14: e8:b9:5a:13:0a:1c:ea:1d:c2:a2:57:21:09:9a:47: 48:7e:31:f7:14:2b:ab:c0:da:44:0e:dc:29:00:8f: bf:65:c4:3a:33:bc:3c:19:f5:d2:80:39:61:17:e3: 0d:28:79:b1:db:7f:f9:aa:dc:02:41:b1:4d:92:24: a2:19:c5:4b:a0:5a:13:a3:ce:0c:1f:86:d9:ba:b3: 7d:6d:94:21:ca:93:0a:08:2b:55:86:08:bd:c7:a7: 80:61:f3:05:07:c8:3f:e0:1b:c9:ea:71:0e:05:1e: de:23:c5:ef:60:c0:12:7d:c9:95:ea:26:92:d8:43: c1:4a:77:1d:97:70:d5:95:de:ac:b9:33:53:43:95: ef:64:5d:72:cd:1c:54:af:e3:97:b4:b8:62:00:0d: 94:c8:a9:ec:75:ca:3a:18:b5:b1:1f:3a:f9:68:09: 34:19:9e:e0:63:60:2f:6a:09:57:ac:93:10:c6:ae: 4f:d6:36:54:2d:35:56:4b:4d:b1:e8:25:40:bd:b9: 98:8d:92:a1:75:b9:b6:c8:14:c6:c9:85:32:ff:f7: 1e:f9:98:28:dd:0e:9c:1b:c8:c4:89:80:b7:32:13: 63:b3:2d:6c:2d:aa:e5:1c:d0:4f:2b:4a:e3:73:90: 1f:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:7A:FF:75:2B:E4:3B:28:0B:F3:35:C6:F5:E7:A7:4B:72:61:4E:D7 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:c00::/38 Signature Algorithm: sha256WithRSAEncryption b6:e4:db:d1:8d:77:51:0e:74:60:02:81:bb:1a:68:07:18:6a: d2:3d:10:8f:6b:7b:c3:02:48:31:b1:60:6a:0f:79:fd:ab:32: bb:44:23:09:78:5c:c4:71:50:94:d3:45:ad:b3:96:ce:75:08: 49:6b:29:a0:e6:7b:af:ba:0f:3d:b9:5c:bc:95:b3:81:6a:b8: 1a:53:0f:76:f0:03:c0:13:fa:77:37:1f:51:ca:66:c2:c4:9c: e4:8d:23:51:2a:a7:b9:ec:a3:a0:86:7c:89:19:28:c4:07:e9: 22:b9:71:ad:26:89:6a:51:8b:c9:d2:e5:04:83:77:9f:2f:28: 24:1a:18:7a:2b:ac:be:e1:0b:89:aa:4e:a1:fb:89:e7:5a:2e: 7b:2a:8d:75:37:9f:ce:ad:6e:61:2b:b2:8b:6b:2a:d3:b9:a9: 88:99:89:2b:a6:f8:35:0e:12:50:a8:fa:bd:82:81:a3:ab:a4: 3b:d4:eb:44:1d:32:f3:cd:ae:fc:c8:3a:9a:da:0f:7b:e7:9c: 10:ed:eb:a4:80:2f:33:f6:74:1a:8c:e0:12:36:36:1f:36:c7: e6:23:9c:4f:e7:f8:3a:e2:36:ea:b2:c5:1c:49:3a:c8:c1:a6: 5e:bc:86:5a:f9:81:59:15:1a:14:c5:50:89:da:02:b9:31:30: 45:01:65:10 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUO9XtWIYX6VtDmfuCw62x2DFz2rswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAzM1oX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAYjllODJjYzk0NGVjMGI3NDc1OGM2 YzdiZGJlZjhmOTkxZDI2OGM2Y2IzNDRlMmQ5Nzg5NThmMDVmYjc0OTI4NTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWO2+B4UqBWNv35+URTouVoTChzq HcKiVyEJmkdIfjH3FCurwNpEDtwpAI+/ZcQ6M7w8GfXSgDlhF+MNKHmx23/5qtwC QbFNkiSiGcVLoFoTo84MH4bZurN9bZQhypMKCCtVhgi9x6eAYfMFB8g/4BvJ6nEO BR7eI8XvYMASfcmV6iaS2EPBSncdl3DVld6suTNTQ5XvZF1yzRxUr+OXtLhiAA2U yKnsdco6GLWxHzr5aAk0GZ7gY2AvaglXrJMQxq5P1jZULTVWS02x6CVAvbmYjZKh dbm2yBTGyYUy//ce+Zgo3Q6cG8jEiYC3MhNjsy1sLarlHNBPK0rjc5AfrQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLN6/3Ur5DsoC/M1xvXnp0tyYU7XMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU0ODRkMzMxLTQ0NmMtNDA0Mi05NTAwLWRkMzAwMmU2YTkxMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAwwDQYJKoZIhvcNAQELBQADggEBALbk29GNd1EOdGACgbsa aAcYatI9EI9re8MCSDGxYGoPef2rMrtEIwl4XMRxUJTTRa2zls51CElrKaDme6+6 Dz25XLyVs4FquBpTD3bwA8AT+nc3H1HKZsLEnOSNI1Eqp7nso6CGfIkZKMQH6SK5 ca0miWpRi8nS5QSDd58vKCQaGHorrL7hC4mqTqH7iedaLnsqjXU3n86tbmErsotr KtO5qYiZiSum+DUOElCo+r2CgaOrpDvU60QdMvPNrvzIOpraD3vnnBDt66SALzP2 dBqM4BI2Nh82x+YjnE/n+DriNuqyxRxJOsjBpl68hlr5gVkVGhTFUInaArkxMEUB ZRA= -----END CERTIFICATE-----Generated at Tue Jul 22 11:49:01 2025 by rpki-client