$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa File: a3f80673-8b1b-4af1-ae60-e74663f3df69.roa (raw, json) Hash identifier: cN+erzXgky2WqriyjQsMtg3vwsV3Y+5T5G1lMyfB84A= Subject key identifier: D2:FD:48:05:0A:BC:2A:31:C5:FA:07:15:06:28:86:B1:DA:EA:4A:5C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6DAEAFF0D11E88F9B837021C12D9467CAEEB13D3 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa Signing time: Wed 09 Jul 2025 00:00:27 +0000 ROA not before: Wed 09 Jul 2025 00:00:27 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:ae:af:f0:d1:1e:88:f9:b8:37:02:1c:12:d9:46:7c:ae:eb:13:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:27 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=6ec29c0ee3b8f7a407d210d06222959c9dc8057e10a5b4b719c460b7a9b29950, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:f9:38:f6:cc:72:b5:9b:2f:e9:d7:4e:26:d6: a9:10:e0:43:1b:0b:70:81:23:d3:d9:e6:ea:77:c4: c5:b2:22:0b:1c:e2:6b:82:c8:0b:e7:40:93:c9:a7: 53:2e:fe:c5:58:cb:98:99:48:2f:4d:e7:9c:05:01: bf:44:23:aa:f5:ca:20:34:d6:e7:a9:5d:1a:b9:69: 32:2a:b1:34:a0:5a:15:80:70:07:30:da:91:97:a2: 8c:d3:a7:8f:e1:27:a9:49:8b:0b:9d:3b:57:65:66: 0f:55:ca:13:76:e3:2f:70:d9:96:12:b6:c3:98:5d: 92:46:7f:5f:b7:ff:7b:4a:39:12:e9:ab:c7:35:3d: e6:a1:43:91:86:a6:83:be:f2:d6:1a:63:71:01:2c: b0:ea:eb:10:74:dd:a6:07:ab:ca:87:f4:14:e5:91: ac:cc:33:15:69:d0:35:47:34:d4:23:4b:8c:3f:12: 82:9a:c6:e8:9b:8d:ca:86:9b:a6:3d:b7:bd:36:19: 32:62:b3:af:0f:1c:f9:c5:12:89:80:0e:a1:cb:6d: 5e:0e:c8:27:1c:e2:85:c8:db:2d:e9:49:83:20:f0: 46:e2:08:61:06:2e:70:b0:88:a4:ee:ee:81:48:6d: de:1f:9c:e6:4d:8a:48:64:cd:b1:3f:54:2c:14:28: fa:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:FD:48:05:0A:BC:2A:31:C5:FA:07:15:06:28:86:B1:DA:EA:4A:5C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:4000::/40 Signature Algorithm: sha256WithRSAEncryption 6d:28:7f:fd:b1:01:b6:6f:7e:25:1d:50:b4:c1:04:1b:d7:21: 21:97:a7:ba:28:bd:17:bf:04:e5:cc:ed:e2:06:26:ef:da:4b: 21:4e:a8:94:09:fc:78:3f:c3:e5:15:f6:98:4e:41:0f:df:e5: 0d:7b:f6:c2:b6:30:f5:78:9d:71:4e:1c:2c:95:87:7c:19:e5: d6:0b:d8:11:29:fb:74:03:9e:60:20:b9:86:44:94:90:2c:49: d7:f0:03:b7:a7:40:ef:b1:8c:60:a6:3c:6e:d7:0f:c1:25:cb: c6:78:9a:43:df:17:38:f4:40:f9:55:fc:bb:5f:ed:50:b5:ce: db:18:67:73:0f:60:d2:c4:a1:b6:55:e3:eb:1f:f9:e7:0b:f1: b1:bd:03:ab:22:12:27:f5:05:fe:da:fb:8e:28:04:b2:31:e7: be:55:ca:88:93:12:cb:4d:3d:d7:e1:fd:33:a9:34:77:4d:b0: 8e:c2:e7:76:43:dc:4f:21:18:12:30:03:4c:f1:df:fc:e7:48: c9:82:89:c0:77:8c:c4:8b:a0:b1:7e:97:01:b0:ca:47:21:3f: e6:e8:6d:10:10:2e:4d:6f:c8:8d:34:b2:48:c5:0b:fd:74:d9: ca:d9:2e:42:0c:cf:e5:84:2f:66:99:6e:fa:b9:21:f9:62:6f: 80:fe:e1:f1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUba6v8NEeiPm4NwIcEtlGfK7rE9MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAyN1oX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANmVjMjljMGVlM2I4ZjdhNDA3ZDIx MGQwNjIyMjk1OWM5ZGM4MDU3ZTEwYTViNGI3MTljNDYwYjdhOWIyOTk1MDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfk49sxytZsv6ddOJtapEOBDGwtw gSPT2ebqd8TFsiILHOJrgsgL50CTyadTLv7FWMuYmUgvTeecBQG/RCOq9cogNNbn qV0auWkyKrE0oFoVgHAHMNqRl6KM06eP4SepSYsLnTtXZWYPVcoTduMvcNmWErbD mF2SRn9ft/97SjkS6avHNT3moUORhqaDvvLWGmNxASyw6usQdN2mB6vKh/QU5ZGs zDMVadA1RzTUI0uMPxKCmsbom43KhpumPbe9NhkyYrOvDxz5xRKJgA6hy21eDsgn HOKFyNst6UmDIPBG4ghhBi5wsIik7u6BSG3eH5zmTYpIZM2xP1QsFCj6QwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNL9SAUKvCoxxfoHFQYohrHa6kpcMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzZjgwNjczLThiMWItNGFmMS1hZTYwLWU3NDY2M2YzZGY2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAEAwDQYJKoZIhvcNAQELBQADggEBAG0of/2xAbZvfiUdULTB BBvXISGXp7oovRe/BOXM7eIGJu/aSyFOqJQJ/Hg/w+UV9phOQQ/f5Q179sK2MPV4 nXFOHCyVh3wZ5dYL2BEp+3QDnmAguYZElJAsSdfwA7enQO+xjGCmPG7XD8Ely8Z4 mkPfFzj0QPlV/Ltf7VC1ztsYZ3MPYNLEobZV4+sf+ecL8bG9A6siEif1Bf7a+44o BLIx575VyoiTEstNPdfh/TOpNHdNsI7C53ZD3E8hGBIwA0zx3/znSMmCicB3jMSL oLF+lwGwykchP+bobRAQLk1vyI00skjFC/102crZLkIMz+WEL2aZbvq5Iflib4D+ 4fE= -----END CERTIFICATE-----Generated at Tue Jul 22 19:31:56 2025 by rpki-client