$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa File: 0ae05889-eb6d-414c-88e9-bc293171f532.roa (raw, json) Hash identifier: Z9BhzX3FhJZtPNydYd9adqChM6ZXAxTAL4cznxxA5Ss= Subject key identifier: 37:31:47:D9:19:83:5E:66:A4:3C:E5:A4:5E:10:FC:01:60:1C:14:B3 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 531EAD17302ED0752ACEB955CA8C4544F9AA2345 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa Signing time: Tue 26 Aug 2025 00:50:11 +0000 ROA not before: Tue 26 Aug 2025 00:50:11 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Sep 2025 00:03:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:1e:ad:17:30:2e:d0:75:2a:ce:b9:55:ca:8c:45:44:f9:aa:23:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 26 00:50:11 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=0caec27630dbc56cca28bc18783866aebb34aa7e2c0d9788bc243c93d64369bb, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:88:6c:d0:76:c2:f4:ef:c3:b5:68:54:e6:c5: 20:82:87:0b:a5:a3:ff:25:9c:1f:80:86:88:67:b1: d5:5c:fd:ba:e9:61:0c:13:f9:22:c6:b7:c6:27:89: f3:71:18:8f:6d:43:69:47:23:3e:c1:12:9d:bb:d7: d9:c4:c5:75:30:01:86:34:1a:11:24:af:57:78:ff: 09:bf:ce:f0:da:07:b1:66:7a:78:69:d8:ac:3f:25: 09:b5:2f:7f:12:fe:82:38:62:97:50:79:30:15:21: ea:63:7c:0e:8c:d0:c2:15:50:a6:e3:ab:57:96:82: d7:cd:18:26:37:23:70:c5:f0:50:ef:59:69:d9:21: 81:e2:eb:49:08:7c:93:46:04:49:94:49:ec:0a:76: da:97:69:c8:8b:ad:04:4c:39:fd:a8:6a:73:0c:22: fa:1f:38:f4:e1:e1:6b:fd:a6:4e:d8:fd:26:41:29: 32:0a:d3:f7:c6:bd:c3:c2:10:6f:59:90:69:fd:ff: 8f:54:2c:ae:10:d3:89:57:2a:c3:92:a5:ab:14:ea: 1f:d5:4d:d8:11:f4:b5:44:66:47:c1:3f:4c:82:05: 64:7b:8a:07:cc:5a:00:1f:b7:32:40:80:cf:11:ec: d0:50:18:dd:f5:91:3b:c1:78:6d:6a:9e:d1:82:2e: 6a:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:31:47:D9:19:83:5E:66:A4:3C:E5:A4:5E:10:FC:01:60:1C:14:B3 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:4000::/40 Signature Algorithm: sha256WithRSAEncryption a9:40:9e:64:24:6b:49:fa:8e:ed:6e:cd:c9:e1:e9:6b:4e:c0: e2:b0:dc:3f:b7:38:e5:74:3c:79:73:ee:b3:94:c3:90:7c:d7: cb:c7:54:2f:0f:1b:6d:4c:21:db:3f:e8:1e:82:71:a7:4f:14: c5:de:02:b4:56:e9:cb:77:4a:0e:69:b1:0f:68:41:4a:81:28: 55:12:c6:a9:ac:75:cc:76:01:a0:02:6c:b1:d6:60:5c:50:b8: c2:60:1b:4b:fd:d3:80:99:48:df:13:e4:2f:f2:72:bb:c5:5d: 8e:6d:93:90:3b:03:f5:d4:63:1c:0c:08:5d:c5:d2:83:0d:28: 1b:16:51:b3:f9:8a:80:59:a9:29:b0:bf:9f:cd:74:0d:0b:d7: 83:07:d8:fe:fb:f8:68:d0:ac:95:51:09:2b:a0:68:0b:47:24: 1a:0f:38:35:59:99:a7:86:39:6b:be:cd:5b:09:19:90:fb:f8: cb:2d:10:f4:18:cd:4f:39:60:24:31:3c:58:e6:23:39:3b:71: 37:bf:0d:97:35:d4:e6:46:f5:95:ae:15:2f:37:57:04:75:a6: 25:ef:06:4a:b6:85:45:30:58:70:8a:35:4b:65:6a:1f:55:b4: b7:61:b5:ad:e1:6d:af:a3:47:d4:d9:01:33:90:ba:f3:af:65: 48:18:3d:92 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUx6tFzAu0HUqzrlVyoxFRPmqI0UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgyNjAwNTAxMVoX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAMGNhZWMyNzYzMGRiYzU2Y2NhMjhi YzE4NzgzODY2YWViYjM0YWE3ZTJjMGQ5Nzg4YmMyNDNjOTNkNjQzNjliYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIhs0HbC9O/DtWhU5sUggocLpaP/ JZwfgIaIZ7HVXP266WEME/kixrfGJ4nzcRiPbUNpRyM+wRKdu9fZxMV1MAGGNBoR JK9XeP8Jv87w2gexZnp4adisPyUJtS9/Ev6COGKXUHkwFSHqY3wOjNDCFVCm46tX loLXzRgmNyNwxfBQ71lp2SGB4utJCHyTRgRJlEnsCnbal2nIi60ETDn9qGpzDCL6 Hzj04eFr/aZO2P0mQSkyCtP3xr3DwhBvWZBp/f+PVCyuENOJVyrDkqWrFOof1U3Y EfS1RGZHwT9MggVke4oHzFoAH7cyQIDPEezQUBjd9ZE7wXhtap7Rgi5q7wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDcxR9kZg15mpDzlpF4Q/AFgHBSzMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBhZTA1ODg5LWViNmQtNDE0Yy04OGU5LWJjMjkzMTcxZjUzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+UAwDQYJKoZIhvcNAQELBQADggEBAKlAnmQka0n6ju1uzcnh 6WtOwOKw3D+3OOV0PHlz7rOUw5B818vHVC8PG21MIds/6B6CcadPFMXeArRW6ct3 Sg5psQ9oQUqBKFUSxqmsdcx2AaACbLHWYFxQuMJgG0v904CZSN8T5C/ycrvFXY5t k5A7A/XUYxwMCF3F0oMNKBsWUbP5ioBZqSmwv5/NdA0L14MH2P77+GjQrJVRCSug aAtHJBoPODVZmaeGOWu+zVsJGZD7+MstEPQYzU85YCQxPFjmIzk7cTe/DZc11OZG 9ZWuFS83VwR1piXvBkq2hUUwWHCKNUtlah9VtLdhta3hba+jR9TZATOQuvOvZUgY PZI= -----END CERTIFICATE-----Generated at Wed Sep 17 06:44:57 2025 by rpki-client