$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa File: 9a94ee8c-7029-4ffb-af7f-435e161333de.roa (raw, json) Hash identifier: iWmMbxScbas8tfP5+TyxFaI3LNQ6sfKfor7iEkpF/P0= Subject key identifier: B2:87:FF:E1:85:5A:8F:04:9E:29:FE:EA:EC:E0:28:F2:01:11:D0:EB Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 172A5ACCC1E53860D8122C72C3748C36549FDEA0 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa Signing time: Wed 09 Jul 2025 00:00:28 +0000 ROA not before: Wed 09 Jul 2025 00:00:28 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:2a:5a:cc:c1:e5:38:60:d8:12:2c:72:c3:74:8c:36:54:9f:de:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:28 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=698e7ce82154cb72db87cd8ea82fb4581245ff3ab926cf6bad94a876d237ba83, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:59:fb:b8:5e:07:57:37:ab:6e:6a:90:c9:42: f8:97:bb:62:4b:48:ba:11:b3:ec:8b:07:9e:05:4a: f2:e1:3d:86:87:31:8c:a9:fe:51:c0:1f:1c:a5:02: 58:7f:b9:c6:b0:73:a8:0a:81:33:ee:b2:04:30:85: bd:28:0a:44:a6:f9:45:39:a0:eb:aa:9d:7d:a1:a4: 9b:a2:6a:94:da:59:df:37:c2:b6:1c:ff:3b:80:9a: 9c:a4:90:4f:e6:92:7e:e9:85:99:7b:e2:40:07:1c: 8c:26:e0:ce:1d:61:3f:cd:4f:ba:88:4f:0a:ef:f1: 68:04:99:36:a1:01:4d:ce:14:fb:38:e5:5b:dd:fc: a3:3e:fc:ba:7c:db:e3:7a:d0:cf:58:a3:64:5c:ed: c7:8e:8f:cd:44:6c:50:80:b1:9f:a5:a5:51:ad:bd: e7:34:4e:1b:fa:2e:7e:7e:91:0c:b0:66:b9:1e:5b: f2:b4:fb:2d:ff:6f:10:4a:ad:55:0f:8f:fb:ff:af: e6:e8:ea:cc:98:67:49:29:e6:41:91:ae:b1:da:29: db:ce:63:da:da:8e:18:d8:94:39:bf:5a:d0:0c:34: d5:e6:93:23:99:9c:b6:e7:15:c9:bb:e2:8d:fe:37: 3e:1e:84:ec:57:97:56:1a:84:63:90:5c:89:93:16: 73:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:87:FF:E1:85:5A:8F:04:9E:29:FE:EA:EC:E0:28:F2:01:11:D0:EB X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:8000::/40 Signature Algorithm: sha256WithRSAEncryption ab:0b:65:c7:79:d0:41:7d:0f:8d:02:4d:51:de:23:96:16:18: 23:82:28:82:43:d9:7b:2f:bf:c4:2c:d1:69:9c:af:4f:e5:a4: d4:26:5a:20:83:5a:20:06:38:15:d9:ad:e6:7e:28:18:69:c2: 72:94:42:d1:2a:17:92:bb:19:46:cb:1e:27:5a:9b:fe:10:f1: a2:6d:da:77:91:94:df:98:ab:e4:31:65:4f:cb:ce:b2:e2:e1: c8:6d:0d:58:ed:7f:b7:13:15:09:24:ab:d7:b9:fe:b1:da:06: 4a:39:0e:2e:47:fa:e8:53:e9:34:26:cf:b9:73:d0:f7:47:a0: 62:58:cf:86:9d:0e:62:5e:ac:6c:ec:12:92:54:82:6a:a1:1b: 84:01:1b:62:bb:90:89:46:ec:74:14:ed:66:26:aa:63:4c:c3: 59:92:9e:76:bf:01:8c:64:fa:7b:d0:e6:42:04:c0:fd:4e:25: b5:cc:f2:61:12:01:f1:78:ae:f0:80:39:60:9a:70:df:19:f1: ae:77:c9:e1:31:4b:1f:d2:14:db:7a:2d:c4:92:ca:3d:c4:b0: e9:0a:3e:41:d4:1f:88:e8:7c:c2:d5:c4:8c:d1:1d:2c:bb:53: 3a:22:a1:2d:64:81:0d:19:60:ac:d9:fa:ba:69:dd:3c:b1:16: eb:7c:08:f3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFypazMHlOGDYEixyw3SMNlSf3qAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAyOFoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANjk4ZTdjZTgyMTU0Y2I3MmRiODdj ZDhlYTgyZmI0NTgxMjQ1ZmYzYWI5MjZjZjZiYWQ5NGE4NzZkMjM3YmE4MzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwln7uF4HVzerbmqQyUL4l7tiS0i6 EbPsiweeBUry4T2GhzGMqf5RwB8cpQJYf7nGsHOoCoEz7rIEMIW9KApEpvlFOaDr qp19oaSbomqU2lnfN8K2HP87gJqcpJBP5pJ+6YWZe+JABxyMJuDOHWE/zU+6iE8K 7/FoBJk2oQFNzhT7OOVb3fyjPvy6fNvjetDPWKNkXO3Hjo/NRGxQgLGfpaVRrb3n NE4b+i5+fpEMsGa5HlvytPst/28QSq1VD4/7/6/m6OrMmGdJKeZBka6x2inbzmPa 2o4Y2JQ5v1rQDDTV5pMjmZy25xXJu+KN/jc+HoTsV5dWGoRjkFyJkxZzAwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLKH/+GFWo8Enin+6uzgKPIBEdDrMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlhOTRlZThjLTcwMjktNGZmYi1hZjdmLTQzNWUxNjEzMzNkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBAKsLZcd50EF9D40CTVHe I5YWGCOCKIJD2Xsvv8Qs0Wmcr0/lpNQmWiCDWiAGOBXZreZ+KBhpwnKUQtEqF5K7 GUbLHidam/4Q8aJt2neRlN+Yq+QxZU/LzrLi4chtDVjtf7cTFQkkq9e5/rHaBko5 Di5H+uhT6TQmz7lz0PdHoGJYz4adDmJerGzsEpJUgmqhG4QBG2K7kIlG7HQU7WYm qmNMw1mSnna/AYxk+nvQ5kIEwP1OJbXM8mESAfF4rvCAOWCacN8Z8a53yeExSx/S FNt6LcSSyj3EsOkKPkHUH4jofMLVxIzRHSy7UzoioS1kgQ0ZYKzZ+rpp3TyxFut8 CPM= -----END CERTIFICATE-----Generated at Tue Jul 22 19:29:24 2025 by rpki-client