$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa File: f54cd21d-ebef-4509-8295-1f7547d0d717.roa (raw, json) Hash identifier: fL+E7GPFHFUPx0Eu2IwJsHMhHEPPlWpNgaeWVuxV46A= Subject key identifier: F1:B9:E3:07:BB:59:B3:FF:6F:70:A0:9C:27:0C:1F:D3:55:16:18:34 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 344AE0A6E6D97C7F41EC833BBC0D2A88010CA680 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa Signing time: Wed 09 Jul 2025 00:00:32 +0000 ROA not before: Wed 09 Jul 2025 00:00:32 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 00:02:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:4a:e0:a6:e6:d9:7c:7f:41:ec:83:3b:bc:0d:2a:88:01:0c:a6:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 9 00:00:32 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=086a1a45a8e7596878cd2e3279fb305724f94ba225aec66860998373a695d7f4, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:07:5e:66:46:65:2b:f0:76:af:f1:d9:6c:b0: bb:d2:73:a7:f3:34:46:72:92:3c:a0:42:65:ea:a6: cf:64:25:a2:e1:68:f8:d6:ea:ac:50:39:ea:00:14: cd:0d:23:5e:c7:3e:24:08:06:85:a5:ac:8b:bf:d4: 2c:f8:05:7d:2c:3f:bc:5f:1e:7d:38:a3:8b:11:ab: 1d:69:2f:13:74:37:53:ef:04:ca:86:fc:83:1f:65: b9:29:a2:38:f9:0d:a7:e7:0a:b2:d4:12:f3:39:ef: 46:fe:d6:86:9b:ec:a7:ab:25:e9:ff:3e:54:82:e1: 4a:86:86:7b:c2:09:1f:fe:ec:dc:61:8e:63:f1:42: 6b:9c:f1:82:98:d2:cc:f7:24:b4:0b:f1:58:5e:c3: 88:98:a7:e7:35:22:7b:c8:d1:bb:b5:46:db:88:38: 71:10:96:11:d6:65:35:e2:ad:c7:46:e5:6b:01:89: cc:f9:62:8f:1d:6c:46:7a:6f:5a:94:25:8d:fb:a5: e4:7f:c6:00:5c:de:71:a1:97:e9:b1:3a:ca:bb:df: cd:9a:92:37:f1:6b:f1:e4:5a:0a:69:40:4a:c1:05: 61:62:99:e5:51:5b:b9:fc:2f:27:31:ba:46:98:83: 1f:00:d8:4e:6f:cf:67:3d:df:3f:f4:d2:3f:69:94: 0d:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:B9:E3:07:BB:59:B3:FF:6F:70:A0:9C:27:0C:1F:D3:55:16:18:34 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:400::/38 Signature Algorithm: sha256WithRSAEncryption 37:35:33:b8:82:54:4c:ad:66:d1:e4:1d:44:76:ee:19:0f:ea: b0:37:19:11:3d:b3:22:89:4a:6d:b7:9b:20:2f:a5:d3:09:13: de:3f:20:eb:3f:10:d7:ba:1c:00:b1:31:00:89:78:59:29:df: 61:00:c3:b4:06:1a:33:5a:9e:e3:ca:e2:a9:b3:fe:e1:41:99: ae:a1:19:fb:fa:4f:d7:c2:76:14:23:a2:0c:53:82:62:5a:eb: 81:62:b9:bf:92:19:af:e9:8a:05:a2:58:32:83:bf:d7:cf:b2: 55:c6:e6:e4:8e:ef:52:69:6c:a6:95:ff:0a:b0:49:d8:76:ca: 47:ae:18:7d:9f:ca:de:25:08:f6:0d:3e:2a:77:f7:c1:cf:8b: 8e:a8:4c:50:eb:44:42:9f:ff:fd:08:c0:02:18:ff:e4:75:c1: 5d:73:f1:29:15:48:5e:6d:e5:0a:5b:7b:67:c6:2b:70:5e:8c: 87:c3:06:d4:dc:91:1e:3f:9e:84:fa:04:66:8a:63:48:80:c4: 8e:27:fc:e2:37:68:cd:ed:2b:e0:5a:4f:5a:2b:65:7e:cb:e5: c6:cd:b8:55:9f:d4:51:85:65:5d:ce:7d:d6:a5:9d:42:e4:a4: 4e:e6:b4:fe:91:08:32:13:07:d4:dc:ab:fd:a9:56:c8:df:25: 87:a0:63:9b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNErgpubZfH9B7IM7vA0qiAEMpoAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcwOTAwMDAzMloX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAMDg2YTFhNDVhOGU3NTk2ODc4Y2Qy ZTMyNzlmYjMwNTcyNGY5NGJhMjI1YWVjNjY4NjA5OTgzNzNhNjk1ZDdmNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowdeZkZlK/B2r/HZbLC70nOn8zRG cpI8oEJl6qbPZCWi4Wj41uqsUDnqABTNDSNexz4kCAaFpayLv9Qs+AV9LD+8Xx59 OKOLEasdaS8TdDdT7wTKhvyDH2W5KaI4+Q2n5wqy1BLzOe9G/taGm+ynqyXp/z5U guFKhoZ7wgkf/uzcYY5j8UJrnPGCmNLM9yS0C/FYXsOImKfnNSJ7yNG7tUbbiDhx EJYR1mU14q3HRuVrAYnM+WKPHWxGem9alCWN+6Xkf8YAXN5xoZfpsTrKu9/NmpI3 8Wvx5FoKaUBKwQVhYpnlUVu5/C8nMbpGmIMfANhOb89nPd8/9NI/aZQNpwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPG54we7WbP/b3CgnCcMH9NVFhg0MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2Y1NGNkMjFkLWViZWYtNDUwOS04Mjk1LTFmNzU0N2QwZDcxNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAQwDQYJKoZIhvcNAQELBQADggEBADc1M7iCVEytZtHkHUR2 7hkP6rA3GRE9syKJSm23myAvpdMJE94/IOs/ENe6HACxMQCJeFkp32EAw7QGGjNa nuPK4qmz/uFBma6hGfv6T9fCdhQjogxTgmJa64Fiub+SGa/pigWiWDKDv9fPslXG 5uSO71JpbKaV/wqwSdh2ykeuGH2fyt4lCPYNPip398HPi46oTFDrREKf//0IwAIY /+R1wV1z8SkVSF5t5Qpbe2fGK3BejIfDBtTckR4/noT6BGaKY0iAxI4n/OI3aM3t K+BaT1orZX7L5cbNuFWf1FGFZV3OfdalnULkpE7mtP6RCDITB9Tcq/2pVsjfJYeg Y5s= -----END CERTIFICATE-----Generated at Fri Jul 25 05:16:25 2025 by rpki-client