$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa File: c7b491e4-76ae-4305-8132-a670b41c66fd.roa (raw, json) Hash identifier: lyZcJWrBkNVQKl2M2bEb24sjElivR0XAUrUX/5cIp5c= Subject key identifier: B5:D1:F0:12:93:55:BE:33:55:7A:88:15:79:76:7D:78:CB:75:E2:4C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 21B9559F8F144E5DB5803E4DA78EF310228B5E9B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa Signing time: Wed 09 Jul 2025 00:00:21 +0000 ROA not before: Wed 09 Jul 2025 00:00:21 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:b9:55:9f:8f:14:4e:5d:b5:80:3e:4d:a7:8e:f3:10:22:8b:5e:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:21 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=e8a04bf0cbafebea28163ead2117787350a2713b965850d2fc875c7c483f6538, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:39:0b:f0:ac:00:fc:b9:d1:b3:e0:82:d4:ab: 8c:08:50:7a:b8:db:0b:7a:70:18:8a:dd:b0:87:d3: d8:1f:32:ea:68:79:37:d9:f3:87:82:c6:53:bd:55: 0e:aa:b2:14:71:ca:77:82:e7:14:b2:0f:22:0e:26: 0b:02:41:fc:c1:e2:d0:55:35:ee:80:7c:9e:ec:5e: 82:a9:6c:76:c6:7c:0b:2a:84:ac:4d:0e:9a:87:14: f7:0a:c6:b5:40:4d:b7:d1:c4:67:90:e5:7f:7e:ab: cb:46:fd:3e:18:aa:a9:b2:02:ab:8a:f2:33:f6:e6: 18:8c:a7:60:18:1c:26:26:8d:bd:45:25:cc:ff:e7: 83:ca:2c:93:ef:a9:8e:5b:6a:e5:0a:4c:2b:28:bf: 8b:79:3a:37:13:43:fa:98:de:34:08:5f:cf:d2:0c: 7c:bc:c4:4e:1b:0c:7c:02:83:e8:3e:ce:86:02:f7: 7d:84:52:0a:b9:c6:44:94:bc:1b:8e:f3:fa:cc:80: 48:05:94:b7:1c:53:4f:bf:f2:96:d1:ad:d7:e6:f1: 4f:80:09:b8:d3:f8:aa:fd:10:78:e5:9e:84:e1:42: 4a:04:cc:20:f4:69:7c:49:20:f2:22:69:90:8a:d5: 97:4a:62:5a:f1:4a:e6:2b:e9:7b:5b:14:8e:07:cb: 6b:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:D1:F0:12:93:55:BE:33:55:7A:88:15:79:76:7D:78:CB:75:E2:4C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4000::/40 Signature Algorithm: sha256WithRSAEncryption 62:6e:07:5d:71:67:be:88:e6:62:e9:1d:de:4a:0e:26:13:0a: 1f:f1:b8:a6:76:40:e1:be:a8:a1:06:af:31:51:b0:45:93:8c: c9:20:e3:b2:e5:84:a7:60:23:e4:3a:18:83:e5:89:d6:0a:0b: c9:49:8e:b6:ea:cb:5f:88:5d:97:d9:15:37:f5:e6:5c:00:46: dc:a8:d2:a3:15:69:6f:0f:10:9f:ec:11:54:f3:0e:86:67:92: d1:38:60:38:e7:d8:e2:f1:3c:a0:ac:d3:e3:e3:f1:8b:55:26: 35:1e:c1:42:66:b6:df:75:e5:29:26:c1:13:4a:64:6d:f7:18: 46:62:1a:e0:9e:a8:1a:5c:0c:ff:1f:50:3d:1e:95:5a:52:fa: 50:50:e8:60:16:a4:f6:70:b1:c2:c2:21:91:66:46:9b:90:6c: eb:5c:b5:30:17:a1:26:0d:04:3c:7e:fd:dc:53:a4:90:ed:69: cf:e2:a2:53:f4:50:9e:8b:34:f6:40:db:17:d8:87:0b:e6:8b: 69:cb:f5:dc:50:11:e3:31:7e:ba:fb:0d:7d:82:1d:c8:af:cb: b7:2d:8b:39:00:70:be:79:4b:9e:23:d8:d8:06:71:48:3e:43: 3a:8c:fc:50:9b:54:b0:63:96:81:32:bf:f5:38:70:d3:16:2b: ee:52:6f:41 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIblVn48UTl21gD5Np47zECKLXpswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAyMVoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAZThhMDRiZjBjYmFmZWJlYTI4MTYz ZWFkMjExNzc4NzM1MGEyNzEzYjk2NTg1MGQyZmM4NzVjN2M0ODNmNjUzODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDkL8KwA/LnRs+CC1KuMCFB6uNsL enAYit2wh9PYHzLqaHk32fOHgsZTvVUOqrIUccp3gucUsg8iDiYLAkH8weLQVTXu gHye7F6CqWx2xnwLKoSsTQ6ahxT3Csa1QE230cRnkOV/fqvLRv0+GKqpsgKrivIz 9uYYjKdgGBwmJo29RSXM/+eDyiyT76mOW2rlCkwrKL+LeTo3E0P6mN40CF/P0gx8 vMROGwx8AoPoPs6GAvd9hFIKucZElLwbjvP6zIBIBZS3HFNPv/KW0a3X5vFPgAm4 0/iq/RB45Z6E4UJKBMwg9Gl8SSDyImmQitWXSmJa8UrmK+l7WxSOB8trPwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLXR8BKTVb4zVXqIFXl2fXjLdeJMMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3YjQ5MWU0LTc2YWUtNDMwNS04MTMyLWE2NzBiNDFjNjZmZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/0AwDQYJKoZIhvcNAQELBQADggEBAGJuB11xZ76I5mLpHd5K DiYTCh/xuKZ2QOG+qKEGrzFRsEWTjMkg47LlhKdgI+Q6GIPlidYKC8lJjrbqy1+I XZfZFTf15lwARtyo0qMVaW8PEJ/sEVTzDoZnktE4YDjn2OLxPKCs0+Pj8YtVJjUe wUJmtt915SkmwRNKZG33GEZiGuCeqBpcDP8fUD0elVpS+lBQ6GAWpPZwscLCIZFm RpuQbOtctTAXoSYNBDx+/dxTpJDtac/iolP0UJ6LNPZA2xfYhwvmi2nL9dxQEeMx frr7DX2CHcivy7ctizkAcL55S54j2NgGcUg+QzqM/FCbVLBjloEyv/U4cNMWK+5S b0E= -----END CERTIFICATE-----Generated at Tue Jul 22 11:47:37 2025 by rpki-client