$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa File: 8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa (raw, json) Hash identifier: tvFaGVUTARVrRA9F905DvhF4FgivkDYqcV3Ph2RXhfU= Subject key identifier: A4:F3:03:48:EA:55:23:07:CF:6B:5D:40:35:41:A6:43:A7:EE:E7:E3 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0278D5348F4A8E53CAAE67034B9D7B75CD7C7C86 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa Signing time: Wed 09 Jul 2025 00:00:35 +0000 ROA not before: Wed 09 Jul 2025 00:00:35 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:78:d5:34:8f:4a:8e:53:ca:ae:67:03:4b:9d:7b:75:cd:7c:7c:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:35 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=ebada3e9d7d37de62e096f96654bfcf630542664f54d508dcd8fa1878cb5ecc8, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:95:10:44:2e:3e:14:3a:4c:19:02:d1:d5:7e: de:4e:0d:dd:57:af:cb:96:29:74:bf:6d:ad:95:ec: 16:39:d3:d3:b7:43:20:eb:29:91:b5:c5:67:38:53: 4c:1d:1c:78:69:6f:47:20:6f:16:cc:1c:07:28:d6: 9f:33:f2:0d:a7:98:08:b2:b4:da:c0:2f:7f:0b:7a: 2b:55:37:e4:e2:99:a9:e0:3b:33:85:3d:74:0d:0a: 58:ff:d6:0b:ca:74:63:8c:ce:78:71:ac:88:fb:10: 15:85:a7:dd:ac:52:dc:d5:52:2a:a6:bf:0b:a3:1b: b4:e4:be:08:96:ff:16:35:3e:87:1c:c2:fd:bd:76: 20:25:4c:f2:67:67:6e:ce:bb:f7:ca:db:9b:d2:7d: d3:dd:0b:1c:06:e2:20:ff:b9:f4:bb:a2:fa:bf:26: d4:59:17:6e:c7:0d:8e:9a:73:8e:b7:9c:19:9e:48: 4e:bb:52:b4:82:38:05:09:a0:82:47:ae:91:03:4e: b8:bb:82:f1:23:20:b2:9a:95:50:6c:a6:b2:3f:bc: b9:71:ca:cd:33:ab:95:5d:b3:99:53:aa:be:9d:d6: 8b:81:64:70:08:bf:b3:73:36:e4:5a:2a:37:f2:92: 8b:f0:31:42:67:b3:38:f6:fa:6b:6a:37:ed:c6:89: f3:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:F3:03:48:EA:55:23:07:CF:6B:5D:40:35:41:A6:43:A7:EE:E7:E3 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:400::/38 Signature Algorithm: sha256WithRSAEncryption 50:66:62:e0:e5:97:8e:72:00:49:c7:82:8a:3b:90:ac:77:9f: 77:8f:34:76:e8:36:4c:4c:69:18:95:fa:30:29:4e:c0:ff:2b: cb:07:5d:43:e9:88:bf:75:15:71:b4:4b:7b:42:97:3e:cc:64: 0b:fd:e9:bc:8b:8b:9a:89:0c:84:bb:50:f7:8a:fd:a9:dc:18: 1e:b7:e1:07:43:68:70:16:20:33:25:2b:67:09:92:da:4a:19: 9e:ad:44:75:a7:75:7d:a9:09:87:b3:0f:05:77:e4:d5:bf:86: c4:da:be:17:65:52:f8:c1:d2:6f:70:63:3b:86:57:9d:04:32: dd:cc:53:a9:09:45:c0:fc:46:f1:6a:7d:17:d7:dc:30:8f:9c: 78:93:fd:fe:e0:10:7d:0f:88:0b:75:8a:3e:d9:b9:2e:7b:cd: 82:e2:f7:c7:1d:fa:dd:91:9f:74:73:e1:8c:a5:bf:04:c3:a7: 4f:31:01:42:d5:c9:8f:54:28:b8:68:93:26:40:39:6e:9c:90: f8:b0:8d:9b:d3:fa:e6:2d:62:dd:f4:bf:37:43:b0:43:7c:bd: 3f:7e:f6:fd:61:bb:d9:dd:52:5c:a4:0f:58:fe:3d:d6:d1:23: 3f:63:24:1e:49:76:11:d9:34:f3:e2:d1:00:42:bd:3f:1f:e8: c4:41:c2:11 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAnjVNI9KjlPKrmcDS517dc18fIYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAzNVoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAZWJhZGEzZTlkN2QzN2RlNjJlMDk2 Zjk2NjU0YmZjZjYzMDU0MjY2NGY1NGQ1MDhkY2Q4ZmExODc4Y2I1ZWNjODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpUQRC4+FDpMGQLR1X7eTg3dV6/L lil0v22tlewWOdPTt0Mg6ymRtcVnOFNMHRx4aW9HIG8WzBwHKNafM/INp5gIsrTa wC9/C3orVTfk4pmp4DszhT10DQpY/9YLynRjjM54cayI+xAVhafdrFLc1VIqpr8L oxu05L4Ilv8WNT6HHML9vXYgJUzyZ2duzrv3ytub0n3T3QscBuIg/7n0u6L6vybU WRduxw2OmnOOt5wZnkhOu1K0gjgFCaCCR66RA064u4LxIyCympVQbKayP7y5ccrN M6uVXbOZU6q+ndaLgWRwCL+zczbkWio38pKL8DFCZ7M49vprajftxonzJwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKTzA0jqVSMHz2tdQDVBpkOn7ufjMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzhiZjMxMWU5LWQyN2YtNDZmYS04ZjA1LTJlZDZiMTc2YjViOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAQwDQYJKoZIhvcNAQELBQADggEBAFBmYuDll45yAEnHgoo7 kKx3n3ePNHboNkxMaRiV+jApTsD/K8sHXUPpiL91FXG0S3tClz7MZAv96byLi5qJ DIS7UPeK/ancGB634QdDaHAWIDMlK2cJktpKGZ6tRHWndX2pCYezDwV35NW/hsTa vhdlUvjB0m9wYzuGV50EMt3MU6kJRcD8RvFqfRfX3DCPnHiT/f7gEH0PiAt1ij7Z uS57zYLi98cd+t2Rn3Rz4YylvwTDp08xAULVyY9UKLhokyZAOW6ckPiwjZvT+uYt Yt30vzdDsEN8vT9+9v1hu9ndUlykD1j+PdbRIz9jJB5JdhHZNPPi0QBCvT8f6MRB whE= -----END CERTIFICATE-----Generated at Tue Jul 22 19:29:23 2025 by rpki-client