$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa File: c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa (raw, json) Hash identifier: /Q6dYkZDqwROf0b5M+sPWkUne4brS0P/EZN5BiaCbEs= Subject key identifier: C7:40:FB:B6:37:16:8E:FD:15:56:CD:AD:9A:53:CE:06:55:2E:71:C1 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 32A58AECC7529365F87341F59EFBE5FF613D8FA9 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa Signing time: Mon 07 Jul 2025 16:00:08 +0000 ROA not before: Mon 07 Jul 2025 16:00:08 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fe:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:a5:8a:ec:c7:52:93:65:f8:73:41:f5:9e:fb:e5:ff:61:3d:8f:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 7 16:00:08 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=c92e284bf8ddfb1c71a9cd5e54c3ee2d759e911de371f5412b865f80d9ed1af6, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:60:cd:4f:57:f8:c5:a0:02:13:4b:9b:7f:ec: a9:76:68:15:c7:21:56:39:43:dd:15:41:d3:aa:51: 40:c2:12:37:e4:fa:d8:7b:00:05:45:5b:84:0c:b0: 07:36:e4:51:4b:98:b7:8d:e0:fa:ac:f1:93:35:28: b2:8f:c8:5e:ab:bf:80:07:73:93:47:4d:c9:c0:29: ea:5d:a5:43:92:16:fd:46:81:f4:c3:44:53:a5:d9: 27:6b:83:f9:53:21:40:78:55:d8:05:47:fa:4b:4d: 34:5c:dc:d6:99:ba:66:36:84:57:85:81:78:b2:91: b6:79:08:73:60:68:a6:a2:a6:5c:b5:63:b9:25:b4: d3:6f:f1:bf:5f:28:82:ba:a0:1b:78:8c:1c:08:38: 16:a7:7a:0b:34:a4:2c:5c:8d:5b:3f:aa:a4:e0:f1: 38:94:cd:c6:d7:2a:4e:97:26:d5:a0:fe:59:68:03: aa:e9:f0:42:98:15:64:e4:ef:36:b5:8d:b0:ab:d1: b4:29:79:61:d9:35:08:3e:6e:54:4e:99:8d:dd:f9: a2:6c:43:ab:1b:d8:96:a4:3c:9b:d7:74:8a:33:4f: a9:84:71:9b:78:40:b6:df:85:a1:31:3c:5e:f8:98: 9d:f8:ea:a3:57:06:e9:64:3d:ca:8a:e0:b0:bd:93: 10:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:40:FB:B6:37:16:8E:FD:15:56:CD:AD:9A:53:CE:06:55:2E:71:C1 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fe:4000::/40 Signature Algorithm: sha256WithRSAEncryption 54:c1:51:80:e3:9d:3f:d9:33:ed:62:c2:1b:9f:1f:a6:ce:08: 3c:56:51:f1:75:93:78:87:14:4e:12:6e:6d:9f:70:62:3e:c7: e3:19:e0:9f:4b:71:0e:b7:1d:62:38:75:4a:73:cf:54:13:c5: c3:f2:af:9a:0e:6b:bf:12:c1:ac:c4:da:ec:b7:3d:ed:bd:3f: 34:e2:92:d0:87:ad:cb:61:24:cf:69:09:00:ad:46:01:e6:3e: 02:a5:ee:a6:b9:fa:8f:3e:45:a3:f0:00:b0:b3:a2:33:8c:0d: f2:e5:b8:cf:a2:ee:7f:0e:8a:1f:67:31:80:60:d2:cf:1b:1a: 84:22:c6:6e:5d:9d:ca:73:56:21:71:53:e0:bf:b6:a2:1f:d5: 5e:90:bf:cf:11:dc:83:73:54:71:83:8b:1c:c5:97:b7:58:4c: 56:cd:62:c9:dc:f8:97:e3:4e:85:de:6d:8d:f6:7f:a7:a1:32: 40:b7:81:b1:f4:f6:50:04:1f:db:1c:dc:7b:cc:c7:02:c9:26: b0:61:55:df:8f:19:94:b9:bd:d3:ab:1a:15:b3:38:86:1b:7e: c8:66:a9:3c:bb:ed:45:33:c7:e6:69:54:26:2f:8c:0f:e8:c5: 8c:cc:01:29:2a:9a:00:a1:6c:f2:15:11:ae:1f:ba:e1:3f:77: 1d:8f:36:c6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMqWK7MdSk2X4c0H1nvvl/2E9j6kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwNzE2MDAwOFoX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYzkyZTI4NGJmOGRkZmIxYzcxYTlj ZDVlNTRjM2VlMmQ3NTllOTExZGUzNzFmNTQxMmI4NjVmODBkOWVkMWFmNjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGDNT1f4xaACE0ubf+ypdmgVxyFW OUPdFUHTqlFAwhI35PrYewAFRVuEDLAHNuRRS5i3jeD6rPGTNSiyj8heq7+AB3OT R03JwCnqXaVDkhb9RoH0w0RTpdkna4P5UyFAeFXYBUf6S000XNzWmbpmNoRXhYF4 spG2eQhzYGimoqZctWO5JbTTb/G/XyiCuqAbeIwcCDgWp3oLNKQsXI1bP6qk4PE4 lM3G1ypOlybVoP5ZaAOq6fBCmBVk5O82tY2wq9G0KXlh2TUIPm5UTpmN3fmibEOr G9iWpDyb13SKM0+phHGbeEC234WhMTxe+Jid+OqjVwbpZD3KiuCwvZMQcwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMdA+7Y3Fo79FVbNrZpTzgZVLnHBMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M4ODZmZGNjLWQ5YzQtNDg1YS1hOTQxLTdhYTJjN2QwOTNlMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/kAwDQYJKoZIhvcNAQELBQADggEBAFTBUYDjnT/ZM+1iwhuf H6bOCDxWUfF1k3iHFE4Sbm2fcGI+x+MZ4J9LcQ63HWI4dUpzz1QTxcPyr5oOa78S wazE2uy3Pe29PzTiktCHrcthJM9pCQCtRgHmPgKl7qa5+o8+RaPwALCzojOMDfLl uM+i7n8Oih9nMYBg0s8bGoQixm5dncpzViFxU+C/tqIf1V6Qv88R3INzVHGDixzF l7dYTFbNYsnc+JfjToXebY32f6ehMkC3gbH09lAEH9sc3HvMxwLJJrBhVd+PGZS5 vdOrGhWzOIYbfshmqTy77UUzx+ZpVCYvjA/oxYzMASkqmgChbPIVEa4fuuE/dx2P NsY= -----END CERTIFICATE-----Generated at Tue Jul 22 11:45:06 2025 by rpki-client