$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa File: 788c3900-e4d5-439b-b231-3a69b5354901.roa (raw, json) Hash identifier: nRu0CLvDXRcgj1OIMBwIzylNTszw2y25JvXAZj6DLA0= Subject key identifier: F8:C2:F3:61:A4:52:1E:D9:FA:31:35:C8:23:14:C0:F6:41:46:36:41 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2CFBE000A21471C869D0BC171D1DB96B0A07F11E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa Signing time: Wed 09 Jul 2025 00:00:45 +0000 ROA not before: Wed 09 Jul 2025 00:00:45 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 00:02:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:fb:e0:00:a2:14:71:c8:69:d0:bc:17:1d:1d:b9:6b:0a:07:f1:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:45 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=0d459c130e4b43fafddaa723e8d33d5ec03559c4308bfd751b8195026e0bb3d3, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:1f:80:dc:9e:a0:84:75:cc:59:7a:46:bc:2c: a5:2c:e1:69:e9:30:14:52:bc:8e:38:0e:90:b3:89: b9:ad:85:0e:19:4f:4c:af:7e:55:ef:c1:ab:23:86: c4:ad:84:d2:c5:95:09:c6:27:d2:16:51:70:29:4c: a4:48:2a:28:a9:b8:db:8e:83:49:90:ed:ff:16:35: bc:f0:aa:95:d9:91:bd:47:52:0d:41:b0:ec:49:43: e4:39:32:9d:8c:48:a3:63:25:02:10:a8:8a:12:0a: 18:70:6e:e8:71:4d:53:0e:43:d0:46:7e:ce:f9:45: 25:ca:91:fb:df:ee:b4:22:3a:93:b7:98:26:5e:a3: 74:a4:69:1a:4d:1f:c8:87:51:f8:57:d7:5f:16:26: 0e:b2:bb:39:d2:49:ef:7b:73:90:d1:6f:26:9e:02: 51:c4:9b:6b:0f:c7:f4:24:a3:84:e9:f3:45:8f:33: 91:26:7b:64:6d:9f:28:29:ca:63:46:13:59:df:11: 46:5f:a7:33:52:0a:6d:88:73:7e:55:50:ca:f9:e2: 6b:0c:92:d9:33:dd:e0:d0:7f:d1:11:74:82:22:eb: eb:ac:c0:fb:2f:0c:1d:c9:bc:cb:a8:87:56:4e:3c: ec:ff:c9:26:92:48:db:fc:ab:4c:1e:5b:b2:d0:f3: f3:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:C2:F3:61:A4:52:1E:D9:FA:31:35:C8:23:14:C0:F6:41:46:36:41 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014::/38 Signature Algorithm: sha256WithRSAEncryption 0f:e2:b6:96:37:74:7b:e5:23:14:15:71:3d:e6:c1:22:d0:a0: 81:6b:96:e8:bb:ce:d5:69:dd:b3:39:8b:94:e6:20:e5:64:45: 45:5c:0b:e4:0d:d3:fa:c1:a5:1e:18:b4:76:b1:de:fa:bf:e1: 31:88:90:d4:ff:61:e5:ae:e9:6a:43:cc:ac:fb:99:95:45:59: a5:3a:1e:4f:eb:be:ed:22:35:56:80:e5:db:4b:39:15:e8:eb: dc:db:79:93:94:22:c7:3f:80:fa:77:64:a3:45:fd:7a:60:84: 9b:64:8c:65:64:2f:38:bc:99:93:53:62:10:38:4b:8d:bb:df: 21:12:a8:c2:11:5e:68:8c:45:94:98:4c:b2:87:47:31:77:58: 2d:3a:a7:34:ca:b7:aa:14:8c:1e:56:14:45:8c:99:0d:c7:0c: 89:06:44:a4:ce:2e:86:84:ec:bf:91:35:d6:bf:5e:5f:d1:57: 33:f2:b5:78:9f:01:6b:00:e7:b8:43:20:08:0d:3a:4f:5a:d3: 8a:7b:9e:6d:3b:b8:88:64:2b:e1:0b:00:37:79:f9:91:ef:9f: 95:13:e7:15:a4:97:ba:7b:f9:2d:3b:85:99:39:24:2a:53:9d: 5d:48:f4:b9:d9:e0:d2:8e:a3:7f:cf:7d:97:00:47:23:a9:be: fa:a7:d4:4f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULPvgAKIUcchp0LwXHR25awoH8R4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDA0NVoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAMGQ0NTljMTMwZTRiNDNmYWZkZGFh NzIzZThkMzNkNWVjMDM1NTljNDMwOGJmZDc1MWI4MTk1MDI2ZTBiYjNkMzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5R+A3J6ghHXMWXpGvCylLOFp6TAU UryOOA6Qs4m5rYUOGU9Mr35V78GrI4bErYTSxZUJxifSFlFwKUykSCooqbjbjoNJ kO3/FjW88KqV2ZG9R1INQbDsSUPkOTKdjEijYyUCEKiKEgoYcG7ocU1TDkPQRn7O +UUlypH73+60IjqTt5gmXqN0pGkaTR/Ih1H4V9dfFiYOsrs50knve3OQ0W8mngJR xJtrD8f0JKOE6fNFjzORJntkbZ8oKcpjRhNZ3xFGX6czUgptiHN+VVDK+eJrDJLZ M93g0H/REXSCIuvrrMD7LwwdybzLqIdWTjzs/8kmkkjb/KtMHluy0PPzJQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPjC82GkUh7Z+jE1yCMUwPZBRjZBMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 Lzc4OGMzOTAwLWU0ZDUtNDM5Yi1iMjMxLTNhNjliNTM1NDkwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAAwDQYJKoZIhvcNAQELBQADggEBAA/itpY3dHvlIxQVcT3m wSLQoIFrlui7ztVp3bM5i5TmIOVkRUVcC+QN0/rBpR4YtHax3vq/4TGIkNT/YeWu 6WpDzKz7mZVFWaU6Hk/rvu0iNVaA5dtLORXo69zbeZOUIsc/gPp3ZKNF/XpghJtk jGVkLzi8mZNTYhA4S4273yESqMIRXmiMRZSYTLKHRzF3WC06pzTKt6oUjB5WFEWM mQ3HDIkGRKTOLoaE7L+RNda/Xl/RVzPytXifAWsA57hDIAgNOk9a04p7nm07uIhk K+ELADd5+ZHvn5UT5xWkl7p7+S07hZk5JCpTnV1I9LnZ4NKOo3/PfZcARyOpvvqn 1E8= -----END CERTIFICATE-----Generated at Thu Jul 24 11:49:12 2025 by rpki-client