$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa File: a3080b31-8684-4ce8-b4e6-33db63d13627.roa (raw, json) Hash identifier: Af8dcZJIbbpuuikKeRExm+8hco5FOWCEkKcu9EzaxhI= Subject key identifier: E8:FC:51:3F:D3:CA:E4:19:CA:70:E9:6B:74:6C:F4:E4:1A:18:F9:28 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1D320178788626290FA582487E75BBA63D127D56 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa Signing time: Wed 09 Jul 2025 00:00:49 +0000 ROA not before: Wed 09 Jul 2025 00:00:49 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8060::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:32:01:78:78:86:26:29:0f:a5:82:48:7e:75:bb:a6:3d:12:7d:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:49 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=3d60b345a33ec7ec47f0831117076030d2735e37e643dc09f332e99d18ce1564, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c1:00:20:fe:9f:1b:63:fb:e4:dc:14:72:bb: ee:8b:8c:5c:17:bb:f8:23:d9:ce:43:6a:05:8d:45: 92:21:e9:85:92:c6:b0:a0:cd:d2:57:e9:36:d7:5f: 7b:62:2d:aa:48:b2:e9:a9:3b:96:4a:c8:8d:ac:7a: 23:7a:90:d9:10:36:e7:4d:0c:18:84:a7:f5:52:a9: f9:fc:07:2e:66:47:e3:0f:b6:b3:94:89:43:ed:b7: 31:eb:f0:83:71:ef:4c:ef:fa:f0:56:46:44:2e:5d: 68:fd:df:e0:ea:4e:12:f4:5c:d4:fc:f1:d8:19:17: 1f:95:f9:64:34:48:ca:79:40:8c:e2:e0:75:1b:27: d6:f2:8f:d4:f7:f5:de:ee:0b:e1:37:6e:56:5b:93: 0d:e0:d7:55:02:5e:61:f1:b7:b6:18:1c:35:0f:44: b7:34:35:6a:2b:bb:77:f7:de:61:0d:94:0f:66:8a: 4a:83:5c:be:3c:7a:58:04:ae:36:f5:6d:f7:f7:0c: 9a:7d:9a:75:ea:d9:92:7a:64:b9:bf:f6:af:9a:79: 8f:f4:e0:a6:09:86:73:3d:3d:36:c1:6b:8f:03:3b: a5:2f:50:3c:7e:44:63:66:72:5d:30:60:4f:bf:6f: fd:ad:12:f0:89:3a:0b:12:4f:3a:64:de:58:d9:81: e3:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:FC:51:3F:D3:CA:E4:19:CA:70:E9:6B:74:6C:F4:E4:1A:18:F9:28 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8060::/32 Signature Algorithm: sha256WithRSAEncryption 73:f4:7f:15:04:50:8b:13:fa:78:e0:ba:cc:3e:b5:61:7a:d7: dc:dd:84:f9:ab:b4:a7:56:ec:25:17:01:ad:06:44:42:f4:64: 7f:bf:8f:f8:50:84:0a:66:22:73:d2:2a:86:56:8b:47:2c:d2: b6:5c:7e:46:81:9c:d6:98:bf:5e:11:96:17:02:f6:d5:d8:ee: f1:7b:29:73:da:ee:64:9f:85:bd:cc:55:c0:2b:fa:1e:01:d4: 20:f4:ab:f7:98:d8:92:58:1d:23:b5:eb:3e:21:d4:32:74:5d: 2d:00:fc:71:ce:96:61:ae:b3:a7:43:52:26:79:25:76:2d:d8: 90:e9:75:50:18:d3:3c:80:7b:bc:5e:24:8d:9f:c6:0a:9f:13: aa:1e:77:e0:07:8d:0c:d7:24:ca:f7:8b:c1:82:47:aa:48:3a: f9:f0:55:d3:30:fe:68:ec:87:f8:fb:93:a1:98:1d:ec:57:f4: 86:69:0e:c2:73:5c:c9:96:a0:95:47:51:3f:a0:f4:5d:69:a8: 29:aa:76:14:1b:45:0d:78:3b:92:f3:35:52:f9:b2:7f:82:c8: 42:fd:71:c5:46:9e:fa:75:56:d7:5c:62:79:16:35:e8:54:b0: d8:16:73:a8:4e:20:e5:ce:fd:1b:29:e4:a5:68:c7:06:a8:e0: 4f:09:ad:37 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUHTIBeHiGJikPpYJIfnW7pj0SfVYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDA0OVoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAM2Q2MGIzNDVhMzNlYzdlYzQ3ZjA4 MzExMTcwNzYwMzBkMjczNWUzN2U2NDNkYzA5ZjMzMmU5OWQxOGNlMTU2NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsEAIP6fG2P75NwUcrvui4xcF7v4 I9nOQ2oFjUWSIemFksawoM3SV+k21197Yi2qSLLpqTuWSsiNrHojepDZEDbnTQwY hKf1Uqn5/AcuZkfjD7azlIlD7bcx6/CDce9M7/rwVkZELl1o/d/g6k4S9FzU/PHY GRcflflkNEjKeUCM4uB1GyfW8o/U9/Xe7gvhN25WW5MN4NdVAl5h8be2GBw1D0S3 NDVqK7t3995hDZQPZopKg1y+PHpYBK429W339wyafZp16tmSemS5v/avmnmP9OCm CYZzPT02wWuPAzulL1A8fkRjZnJdMGBPv2/9rRLwiToLEk86ZN5Y2YHjsQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFOj8UT/TyuQZynDpa3Rs9OQaGPkoMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzMDgwYjMxLTg2ODQtNGNlOC1iNGU2LTMzZGI2M2QxMzYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+AYDANBgkqhkiG9w0BAQsFAAOCAQEAc/R/FQRQixP6eOC6zD61 YXrX3N2E+au0p1bsJRcBrQZEQvRkf7+P+FCECmYic9IqhlaLRyzStlx+RoGc1pi/ XhGWFwL21dju8Xspc9ruZJ+FvcxVwCv6HgHUIPSr95jYklgdI7XrPiHUMnRdLQD8 cc6WYa6zp0NSJnkldi3YkOl1UBjTPIB7vF4kjZ/GCp8Tqh534AeNDNckyveLwYJH qkg6+fBV0zD+aOyH+PuToZgd7Ff0hmkOwnNcyZaglUdRP6D0XWmoKap2FBtFDXg7 kvM1Uvmyf4LIQv1xxUae+nVW11xieRY16FSw2BZzqE4g5c79GynkpWjHBqjgTwmt Nw== -----END CERTIFICATE-----Generated at Tue Jul 22 11:48:05 2025 by rpki-client