$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa File: c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa (raw, json) Hash identifier: 1Dsiknx4fPewwsry0uIwyJ2+TBVjkwvBinU5OSP9LW0= Subject key identifier: F3:F6:06:46:3B:1E:EE:5A:4D:66:D1:EF:BE:95:C8:B5:43:22:18:DA Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4335F04F7360157BFEA020EF7951697B8C81C8CE Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa Signing time: Wed 09 Jul 2025 00:00:20 +0000 ROA not before: Wed 09 Jul 2025 00:00:20 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:35:f0:4f:73:60:15:7b:fe:a0:20:ef:79:51:69:7b:8c:81:c8:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:20 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=7ef26b7e9ef3725b804ba8973cc3764c3b21f8654ab759f2407b43ba289323ef, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:5b:a4:6d:45:cc:b7:f3:19:43:d2:27:ab:2b: 7a:e9:f8:ee:e0:0f:13:c3:65:b0:43:26:8e:1f:30: 3f:f4:76:de:d3:ca:ae:99:b5:22:71:13:30:5e:e2: 1d:d5:8f:7f:c2:0c:a7:59:d6:44:2e:ff:04:30:9d: b8:de:a9:22:42:f4:29:9b:4a:93:2f:a8:e5:51:8d: 04:6f:c3:af:14:65:d1:19:57:60:c5:86:e9:26:f3: a5:6b:4d:3c:17:1f:62:9c:70:39:c0:26:24:43:e2: 9a:3f:b4:7e:4c:46:a7:b5:d5:65:7c:b7:33:c7:b8: f3:21:68:c8:dc:a0:53:38:ab:b7:a3:7f:6e:03:ab: d1:58:4f:86:01:88:d7:ca:a0:18:0b:f0:5e:51:18: 95:89:09:a2:11:c6:b5:b6:52:db:54:ee:a1:a0:34: 59:9d:5c:d8:f1:14:cc:f1:8f:05:06:13:7a:3b:17: 99:5c:3f:5c:69:4e:f0:7d:98:af:31:9a:6d:ef:90: f4:fa:eb:83:52:9f:b2:3e:ad:f4:b6:67:58:18:98: bf:04:7f:9e:87:1b:0e:ae:15:4f:1e:cb:d6:3f:fd: 56:86:71:1a:85:3a:e5:cf:5b:ef:1e:4b:d8:6f:d2: a9:58:20:39:50:e7:58:7f:cd:36:61:ec:eb:59:14: d3:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:F6:06:46:3B:1E:EE:5A:4D:66:D1:EF:BE:95:C8:B5:43:22:18:DA X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:40c0::/48 Signature Algorithm: sha256WithRSAEncryption 59:34:d7:c9:14:20:e7:53:8e:52:50:b8:10:86:4d:bc:c2:1c: 3d:6b:b7:c9:64:83:6e:62:c2:bb:01:14:e4:23:3c:32:d7:89: 39:cc:14:9f:43:e4:40:be:37:36:b3:c5:c5:0b:62:a2:6a:b0: 5a:ea:06:e5:e5:c9:73:53:63:6b:f9:97:c7:07:77:76:b3:20: 05:08:48:d5:63:5e:30:fd:02:58:c4:a5:a9:c6:d2:5f:f8:54: b5:22:63:fb:b7:02:2d:c4:36:7b:4a:cb:4f:ec:00:bb:28:80: 46:96:06:66:dd:2b:68:6c:b2:d9:48:b7:d1:46:46:66:51:84: 1e:4e:23:7f:3c:3b:0b:5f:33:35:ae:ad:94:75:b8:6a:bf:0c: 3f:15:a2:71:97:87:6e:84:a6:bb:e7:ca:ae:c0:49:93:ef:0c: 00:aa:c7:85:c4:65:7f:e5:b3:c9:ce:c8:be:59:14:59:ea:2b: 7a:3f:8f:32:5c:19:19:be:ab:64:a5:57:e8:f2:ed:2e:b0:c7: 30:22:9a:02:af:40:3a:59:d9:e8:2c:98:03:76:4f:cb:85:fd: c7:6b:bb:04:8d:e5:d5:ae:9b:0c:62:64:d6:55:b2:1e:19:44: bf:71:ec:e1:9b:57:6b:ac:0d:86:3d:3d:42:3b:de:d1:a4:77: 6c:f4:dd:8c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQzXwT3NgFXv+oCDveVFpe4yByM4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAyMFoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAN2VmMjZiN2U5ZWYzNzI1YjgwNGJh ODk3M2NjMzc2NGMzYjIxZjg2NTRhYjc1OWYyNDA3YjQzYmEyODkzMjNlZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVukbUXMt/MZQ9Inqyt66fju4A8T w2WwQyaOHzA/9Hbe08qumbUicRMwXuId1Y9/wgynWdZELv8EMJ243qkiQvQpm0qT L6jlUY0Eb8OvFGXRGVdgxYbpJvOla008Fx9inHA5wCYkQ+KaP7R+TEantdVlfLcz x7jzIWjI3KBTOKu3o39uA6vRWE+GAYjXyqAYC/BeURiViQmiEca1tlLbVO6hoDRZ nVzY8RTM8Y8FBhN6OxeZXD9caU7wfZivMZpt75D0+uuDUp+yPq30tmdYGJi/BH+e hxsOrhVPHsvWP/1WhnEahTrlz1vvHkvYb9KpWCA5UOdYf802YezrWRTTUwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPP2BkY7Hu5aTWbR776VyLVDIhjaMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M5ZjdkYmQyLTFjN2UtNDJlOC1hN2Y5LTAwYmQ3NmU3MDI0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0DAMA0GCSqGSIb3DQEBCwUAA4IBAQBZNNfJFCDnU45SULgQ hk28whw9a7fJZINuYsK7ARTkIzwy14k5zBSfQ+RAvjc2s8XFC2KiarBa6gbl5clz U2Nr+ZfHB3d2syAFCEjVY14w/QJYxKWpxtJf+FS1ImP7twItxDZ7SstP7AC7KIBG lgZm3StobLLZSLfRRkZmUYQeTiN/PDsLXzM1rq2Udbhqvww/FaJxl4duhKa758qu wEmT7wwAqseFxGV/5bPJzsi+WRRZ6it6P48yXBkZvqtkpVfo8u0usMcwIpoCr0A6 WdnoLJgDdk/Lhf3Ha7sEjeXVrpsMYmTWVbIeGUS/cezhm1drrA2GPT1CO97RpHds 9N2M -----END CERTIFICATE-----Generated at Tue Jul 22 19:29:35 2025 by rpki-client