$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa File: baa1273d-7883-4b5d-8e1c-23ebac490846.roa (raw, json) Hash identifier: c7Ao+70OXsEuMF7KG7Xx+mQ6hzoZ2S6pD2XVz7PNEkM= Subject key identifier: D8:37:BB:1E:7B:36:30:AE:C1:03:95:22:A8:3F:89:4C:F6:BE:65:E0 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6E23B5F06DACCDB38418145882089D290BED287A Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa Signing time: Wed 09 Jul 2025 00:00:22 +0000 ROA not before: Wed 09 Jul 2025 00:00:22 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:23:b5:f0:6d:ac:cd:b3:84:18:14:58:82:08:9d:29:0b:ed:28:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:22 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=855da912ca52e23dfbb6f50a7d645b757f9397cf5ffeb357a4f43adec867b474, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:0a:7f:02:19:cd:8e:a1:31:e8:d5:81:f5:1d: d0:f5:c4:38:83:5e:9c:f8:98:1c:a7:11:fd:5e:a3: ec:34:b0:3c:35:08:c1:09:b0:15:39:ba:06:46:73: 93:f0:f9:ef:73:87:18:61:43:6a:cf:5b:ba:bb:56: 21:63:45:7a:ce:44:e0:f5:0b:19:d6:75:3b:93:ff: 75:f3:3c:f9:35:67:bd:d3:52:71:39:b3:bd:26:44: 67:38:6d:57:5f:e5:2a:bf:49:cd:16:f7:37:43:eb: fd:83:79:cd:51:5d:77:af:14:fb:7d:52:91:15:5d: 58:33:a8:a9:a0:19:16:b4:37:3e:18:a1:5d:4f:01: 5a:a0:64:74:ce:97:e4:d4:4c:94:d4:2a:58:e6:e4: 1e:c6:a7:0c:ea:68:ad:48:18:d2:46:89:8f:59:52: 96:00:26:c1:1b:52:e1:91:a0:3f:98:a7:ef:ec:6a: 65:7c:bf:6e:18:c3:ce:0c:aa:58:ce:40:be:81:2d: 56:6e:61:70:ee:82:29:97:8d:6c:98:17:a7:43:05: e1:27:ce:7f:70:bc:e0:81:16:0c:50:83:14:a6:5a: 2b:aa:ec:50:7e:95:ad:04:56:68:c4:54:4f:32:ff: d7:90:b8:f8:ef:1a:ab:25:40:81:39:3c:ba:6c:10: 1c:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:37:BB:1E:7B:36:30:AE:C1:03:95:22:A8:3F:89:4C:F6:BE:65:E0 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4040::/48 Signature Algorithm: sha256WithRSAEncryption 9a:ea:ba:a0:7f:5f:0c:3d:2a:11:71:f8:fa:87:da:35:d4:9a: d7:99:ad:31:8f:7d:db:60:e1:7f:cc:85:ba:3b:30:2d:29:56: 1e:80:ae:6d:c0:23:f5:32:f5:1e:43:a6:7c:9f:b6:d1:34:94: f5:26:c0:0e:41:b8:b2:e5:55:01:62:38:f5:c6:0b:16:f0:42: d1:1f:f7:7f:1e:ec:30:b5:cf:08:f3:d5:0e:05:73:bf:7d:22: fa:c3:28:c2:ea:89:c1:4b:6e:62:c9:6a:d8:16:a0:4c:f9:32: d8:d6:c8:b5:09:53:ae:cd:cd:40:b3:68:d5:cd:db:01:89:dc: 21:e7:3d:20:72:97:31:46:18:ba:57:4e:16:b3:b0:6f:5a:57: 02:67:1d:36:c9:a5:cd:32:4b:da:c2:11:56:32:f7:bb:09:7d: 3b:9f:67:96:16:18:32:22:66:8f:1c:4c:8f:6b:72:39:06:23: 07:65:94:a7:fc:73:c5:4e:46:29:13:21:f0:e1:14:0f:d1:77: 65:bd:52:36:25:29:48:5f:21:28:fa:f0:2b:35:44:f7:86:b3: 2d:7b:bb:74:12:fe:28:28:66:19:b6:0a:93:df:8f:cb:c8:60: 2e:1b:90:44:dc:7b:94:98:52:b7:f6:c2:5d:de:cc:6d:c1:42: 75:e3:5a:9b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbiO18G2szbOEGBRYggidKQvtKHowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAyMloX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAODU1ZGE5MTJjYTUyZTIzZGZiYjZm NTBhN2Q2NDViNzU3ZjkzOTdjZjVmZmViMzU3YTRmNDNhZGVjODY3YjQ3NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAp/AhnNjqEx6NWB9R3Q9cQ4g16c +JgcpxH9XqPsNLA8NQjBCbAVOboGRnOT8Pnvc4cYYUNqz1u6u1YhY0V6zkTg9QsZ 1nU7k/918zz5NWe901JxObO9JkRnOG1XX+Uqv0nNFvc3Q+v9g3nNUV13rxT7fVKR FV1YM6ipoBkWtDc+GKFdTwFaoGR0zpfk1EyU1CpY5uQexqcM6mitSBjSRomPWVKW ACbBG1LhkaA/mKfv7GplfL9uGMPODKpYzkC+gS1WbmFw7oIpl41smBenQwXhJ85/ cLzggRYMUIMUplorquxQfpWtBFZoxFRPMv/XkLj47xqrJUCBOTy6bBAc/QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNg3ux57NjCuwQOVIqg/iUz2vmXgMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2JhYTEyNzNkLTc4ODMtNGI1ZC04ZTFjLTIzZWJhYzQ5MDg0Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0BAMA0GCSqGSIb3DQEBCwUAA4IBAQCa6rqgf18MPSoRcfj6 h9o11JrXma0xj33bYOF/zIW6OzAtKVYegK5twCP1MvUeQ6Z8n7bRNJT1JsAOQbiy 5VUBYjj1xgsW8ELRH/d/Huwwtc8I89UOBXO/fSL6wyjC6onBS25iyWrYFqBM+TLY 1si1CVOuzc1As2jVzdsBidwh5z0gcpcxRhi6V04Ws7BvWlcCZx02yaXNMkvawhFW Mve7CX07n2eWFhgyImaPHEyPa3I5BiMHZZSn/HPFTkYpEyHw4RQP0XdlvVI2JSlI XyEo+vArNUT3hrMte7t0Ev4oKGYZtgqT34/LyGAuG5BE3HuUmFK39sJd3sxtwUJ1 41qb -----END CERTIFICATE-----Generated at Tue Jul 22 19:31:40 2025 by rpki-client