$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa File: 7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa (raw, json) Hash identifier: +brcMrK7o/Dsvso/273l4m42euvCeqoDC8McBwWq9BY= Subject key identifier: F1:08:68:C0:D2:94:5C:AE:22:A8:74:5D:55:79:05:3A:BC:27:99:25 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5C16AB43059EC062EA2686409865FC318E5D1B67 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa Signing time: Wed 09 Jul 2025 00:00:18 +0000 ROA not before: Wed 09 Jul 2025 00:00:18 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:16:ab:43:05:9e:c0:62:ea:26:86:40:98:65:fc:31:8e:5d:1b:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:18 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=706c8ca78ca918b4e2db4bd72f6b9c2342130b05594c082d0a97f60620962c5b, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:83:29:cf:9f:9f:40:03:af:9a:9f:f4:18:e8: 57:86:4d:a0:8b:ae:e2:3e:d6:23:3c:78:08:af:8a: 2d:e3:72:9c:69:c1:c6:19:26:81:fb:85:fd:a4:e9: 2c:e1:b6:71:03:81:47:e0:89:eb:c4:58:40:dd:0c: f1:c1:0f:88:1f:8b:5b:b9:0b:9e:ad:9b:a2:18:82: f3:82:b8:5e:b5:5c:74:e3:0d:1d:3c:d2:6a:09:77: fc:f0:f7:f5:b6:9b:49:95:7e:ff:09:c0:b3:e0:dc: 32:51:73:29:62:60:45:b6:b4:ae:2d:4a:17:bc:57: 64:e9:2b:c7:34:17:7b:e7:c4:ab:60:d1:50:ab:dd: 88:eb:2c:ee:2d:d7:57:5e:c8:e5:3f:68:04:24:61: f5:65:16:f9:65:47:a0:e0:7d:7f:81:01:eb:9f:48: 23:5a:d9:38:f2:6b:a4:b8:2f:aa:8e:c2:48:a1:a6: 35:83:23:a4:eb:d6:20:75:ba:96:0e:0b:5d:30:c1: 64:73:25:3c:61:5e:80:38:33:ad:e9:a9:1b:4a:92: 6d:81:af:3b:72:d3:7b:e0:d5:fd:2a:64:f8:1d:fc: 8c:c9:70:e5:de:9d:ef:32:de:68:4b:0d:9c:90:aa: ae:03:98:25:1a:91:fb:8b:b0:1c:25:86:2a:78:60: d0:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:08:68:C0:D2:94:5C:AE:22:A8:74:5D:55:79:05:3A:BC:27:99:25 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8000::/40 Signature Algorithm: sha256WithRSAEncryption 7a:23:87:1e:4f:e8:c3:11:b0:66:fa:16:30:e5:ff:89:f4:7d: a3:bb:5d:ba:ef:da:e2:9a:fa:ac:21:e3:f9:56:3d:46:d8:1e: 25:6c:1e:ed:57:3e:9c:a7:32:1d:45:ba:b6:71:cf:df:60:0e: 00:d0:db:3f:b2:51:0c:66:81:ab:80:d8:eb:47:6e:77:16:de: 40:65:68:ee:85:0a:66:9b:d0:1b:f0:f1:b5:2e:5c:76:06:d1: 32:9a:d8:9a:e5:fc:d1:28:4c:da:5f:b8:9c:ff:17:1d:da:75: 60:f8:e9:95:74:9e:d9:fd:ea:5a:49:51:3e:a2:da:b7:33:fd: 2a:8e:ac:7a:55:ad:fd:9a:8d:a5:72:72:53:2c:50:e3:6d:0c: 3b:0f:68:e4:f4:c9:82:9d:42:31:a7:84:ec:72:a8:ba:49:a4: 8a:e9:b3:7a:fe:cb:88:cb:43:13:57:c2:d8:f3:0d:50:39:1a: 5a:d5:96:9c:f4:73:35:f2:4d:af:f4:10:8f:c8:e2:be:30:c4: e8:24:da:79:63:f9:18:6d:93:6d:21:e2:0a:4a:6d:7c:f0:af: 35:cb:be:2b:47:bb:28:72:e6:db:88:44:93:01:c6:87:c2:a1: 4b:26:b7:a8:e8:fb:05:0c:6d:c9:c9:de:69:99:8d:08:80:ac: 69:aa:ee:4e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXBarQwWewGLqJoZAmGX8MY5dG2cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAxOFoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANzA2YzhjYTc4Y2E5MThiNGUyZGI0 YmQ3MmY2YjljMjM0MjEzMGIwNTU5NGMwODJkMGE5N2Y2MDYyMDk2MmM1YjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4Mpz5+fQAOvmp/0GOhXhk2gi67i PtYjPHgIr4ot43KcacHGGSaB+4X9pOks4bZxA4FH4InrxFhA3QzxwQ+IH4tbuQue rZuiGILzgrhetVx04w0dPNJqCXf88Pf1tptJlX7/CcCz4NwyUXMpYmBFtrSuLUoX vFdk6SvHNBd758SrYNFQq92I6yzuLddXXsjlP2gEJGH1ZRb5ZUeg4H1/gQHrn0gj Wtk48mukuC+qjsJIoaY1gyOk69YgdbqWDgtdMMFkcyU8YV6AODOt6akbSpJtga87 ctN74NX9KmT4HfyMyXDl3p3vMt5oSw2ckKquA5glGpH7i7AcJYYqeGDQIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPEIaMDSlFyuIqh0XVV5BTq8J5klMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjYmEyMmE1LWRjNjEtNDQxMy1hZWQyLThmYjRjYzhlM2E0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBAHojhx5P6MMRsGb6FjDl /4n0faO7Xbrv2uKa+qwh4/lWPUbYHiVsHu1XPpynMh1FurZxz99gDgDQ2z+yUQxm gauA2OtHbncW3kBlaO6FCmab0Bvw8bUuXHYG0TKa2Jrl/NEoTNpfuJz/Fx3adWD4 6ZV0ntn96lpJUT6i2rcz/SqOrHpVrf2ajaVyclMsUONtDDsPaOT0yYKdQjGnhOxy qLpJpIrps3r+y4jLQxNXwtjzDVA5GlrVlpz0czXyTa/0EI/I4r4wxOgk2nlj+Rht k20h4gpKbXzwrzXLvitHuyhy5tuIRJMBxofCoUsmt6jo+wUMbcnJ3mmZjQiArGmq 7k4= -----END CERTIFICATE-----Generated at Tue Jul 22 19:31:18 2025 by rpki-client