$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa File: 64aa0337-4cf9-42c7-b236-4cd36e69005e.roa (raw, json) Hash identifier: ZQBIYtA3ZWMK4qCHbuA4tFX3Bz9EvUVa1TClmWhZ+DY= Subject key identifier: 23:94:02:40:41:A7:45:5D:BD:0A:BC:0E:58:5A:31:A6:3D:2A:F2:45 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5CCEE1AA772CF54997127D697A5C364BD37BC6B0 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa Signing time: Wed 09 Jul 2025 00:00:51 +0000 ROA not before: Wed 09 Jul 2025 00:00:51 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f1::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:ce:e1:aa:77:2c:f5:49:97:12:7d:69:7a:5c:36:4b:d3:7b:c6:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:51 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=a390ac1c8b6bd28136444114db3dd29a17a22a758857ad81edd86fcccf6249be, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:91:e3:03:e4:dc:bf:93:9f:a5:b8:9e:dd:ea: ad:e7:75:cb:68:bc:e6:ff:c6:54:77:f5:50:82:62: ab:29:1d:21:07:a8:43:86:28:58:30:a7:ba:e5:cb: 18:c5:b8:2f:b6:f5:87:bd:fc:37:f4:cb:c9:8a:51: fb:9b:40:9d:a4:c6:93:83:41:d1:83:2a:43:2b:d9: 60:65:ed:f4:cf:55:e2:6c:88:85:44:7a:3f:2a:63: fb:b1:1c:16:1f:c7:1b:d3:9e:17:03:83:fc:c6:a2: f0:04:b3:b7:b7:e7:d0:50:5c:fd:9e:98:bb:ee:de: 27:84:65:e6:ae:36:17:e0:5e:ab:9d:40:e4:83:39: 33:c4:6e:94:4c:10:21:66:d1:57:7e:ca:7b:4b:c9: 76:7d:1d:83:72:7b:b7:6d:be:cd:fe:34:36:cc:f0: 16:53:e8:bb:70:4b:0c:e5:a8:96:3a:76:70:8d:6b: b4:1c:16:2e:11:3d:3e:8d:ce:4a:2a:3b:e9:84:4b: ed:a5:78:74:91:0d:c0:71:37:eb:c2:69:c4:4f:20: c1:30:72:cb:ce:10:ce:76:0d:3d:b2:48:64:2c:2d: 14:32:c0:b9:5c:cf:c2:70:8d:ea:f4:d4:c4:ed:54: d1:a6:02:33:47:ae:61:48:08:5c:d5:3e:f4:14:7b: 08:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:94:02:40:41:A7:45:5D:BD:0A:BC:0E:58:5A:31:A6:3D:2A:F2:45 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f1::/32 Signature Algorithm: sha256WithRSAEncryption 33:df:79:11:9d:05:44:f3:55:7a:71:b4:8e:b6:c3:38:7f:13: ab:3c:ec:fa:af:b7:e6:fb:d4:9a:47:ea:42:a2:48:49:6c:63: 07:4a:89:0c:5a:86:f3:7a:f8:ba:b9:d0:c7:bb:cf:53:11:f3: f4:ba:81:78:c9:00:13:22:47:a3:94:e0:be:84:09:5d:cb:cb: 73:76:b9:e9:b1:04:12:a2:54:87:2b:68:78:08:41:62:da:90: 00:1d:b2:9d:88:6f:75:96:b8:9c:70:05:bd:f7:e6:6c:d6:a2: cf:bf:05:0b:80:69:ca:be:b2:4b:c2:df:ed:ee:cf:6d:62:65: 23:23:0d:05:2e:0d:70:6d:61:3e:32:3e:7d:2a:de:c0:80:f5: 6a:4a:e5:c9:3e:e2:dd:b3:46:df:2a:2b:d6:f4:a9:69:b7:3e: 2d:66:1a:cd:e1:9d:e6:65:07:74:81:de:5d:d2:14:3d:c5:83: c9:d4:9c:61:98:b8:8e:a9:96:5b:99:46:60:62:5f:da:06:68: a2:5c:e7:6f:14:89:08:87:e0:b1:d5:e4:ed:66:99:c8:1d:a0: 2b:3e:a5:e7:bf:69:9a:a8:45:d9:82:ce:76:bc:11:98:ea:6d: da:35:5a:ce:61:be:7d:cd:16:2a:c8:0a:30:84:54:37:4e:e3: 25:da:89:2d -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUXM7hqncs9UmXEn1pelw2S9N7xrAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDA1MVoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAYTM5MGFjMWM4YjZiZDI4MTM2NDQ0 MTE0ZGIzZGQyOWExN2EyMmE3NTg4NTdhZDgxZWRkODZmY2NjZjYyNDliZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5HjA+Tcv5Ofpbie3eqt53XLaLzm /8ZUd/VQgmKrKR0hB6hDhihYMKe65csYxbgvtvWHvfw39MvJilH7m0CdpMaTg0HR gypDK9lgZe30z1XibIiFRHo/KmP7sRwWH8cb054XA4P8xqLwBLO3t+fQUFz9npi7 7t4nhGXmrjYX4F6rnUDkgzkzxG6UTBAhZtFXfsp7S8l2fR2Dcnu3bb7N/jQ2zPAW U+i7cEsM5aiWOnZwjWu0HBYuET0+jc5KKjvphEvtpXh0kQ3AcTfrwmnETyDBMHLL zhDOdg09skhkLC0UMsC5XM/CcI3q9NTE7VTRpgIzR65hSAhc1T70FHsITwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFCOUAkBBp0VdvQq8DlhaMaY9KvJFMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzY0YWEwMzM3LTRjZjktNDJjNy1iMjM2LTRjZDM2ZTY5MDA1ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8TANBgkqhkiG9w0BAQsFAAOCAQEAM995EZ0FRPNVenG0jrbD OH8Tqzzs+q+35vvUmkfqQqJISWxjB0qJDFqG83r4urnQx7vPUxHz9LqBeMkAEyJH o5TgvoQJXcvLc3a56bEEEqJUhytoeAhBYtqQAB2ynYhvdZa4nHAFvffmbNaiz78F C4Bpyr6yS8Lf7e7PbWJlIyMNBS4NcG1hPjI+fSrewID1akrlyT7i3bNG3yor1vSp abc+LWYazeGd5mUHdIHeXdIUPcWDydScYZi4jqmWW5lGYGJf2gZoolznbxSJCIfg sdXk7WaZyB2gKz6l579pmqhF2YLOdrwRmOpt2jVazmG+fc0WKsgKMIRUN07jJdqJ LQ== -----END CERTIFICATE-----Generated at Tue Jul 22 19:30:50 2025 by rpki-client