$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json) Hash identifier: h2stC4+VOBXJb32tqKEqyVWPqKogQ8cCUOUGnf6c+rQ= Subject key identifier: 88:E5:9D:A5:80:AA:73:12:2D:F7:59:BD:F2:E0:EA:20:BE:E7:75:05 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2BC5D7D4C80FF5C35F918518F7A0707473E47F64 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa Signing time: Tue 26 Aug 2025 00:50:12 +0000 ROA not before: Tue 26 Aug 2025 00:50:12 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:03:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:c5:d7:d4:c8:0f:f5:c3:5f:91:85:18:f7:a0:70:74:73:e4:7f:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 26 00:50:12 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=a7860a9e69612f14494c3fcc066d55b8092b0816c95941dd7fe3e608c8f23b3e, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:3a:d3:36:6b:59:9f:26:3a:2b:3f:1c:10:d8: 51:3b:cc:fe:0b:02:d1:94:8d:71:8f:28:9e:b4:c8: 1c:8b:ae:d5:03:91:35:2c:ee:1f:df:f0:c0:17:38: 75:64:a8:60:9d:b5:3a:34:83:80:c0:78:4c:ed:98: 0d:42:48:3e:0e:83:45:29:9d:30:26:68:a9:b6:68: 79:5b:9d:e7:54:ea:7c:40:f9:37:e7:9c:60:da:6f: ca:de:d4:e3:d1:5e:a5:c5:2c:b8:3d:36:4e:ce:a3: 72:3d:30:9e:2b:ef:ae:ec:11:bd:86:c7:cd:88:b9: 4e:3e:46:c7:44:cb:dd:72:9e:00:27:1f:d0:d1:ca: a9:4d:80:20:80:0c:92:4f:36:6a:43:94:9e:77:1a: 80:7f:e5:0d:6d:f2:f1:ed:4d:76:79:30:91:1e:25: 34:63:aa:db:55:a1:1f:5c:73:00:1b:f3:2c:67:7a: f7:87:f7:18:18:3a:93:5f:b1:f4:2d:10:f0:2f:6f: 1c:58:4f:f8:3c:b2:d8:87:2b:a5:d0:82:e3:94:f2: 77:50:54:27:7a:26:ca:6b:3c:0f:58:54:d1:f7:29: aa:60:f7:b5:9a:bc:0f:49:88:ed:7a:9e:e3:08:bb: 16:70:d8:f0:bf:15:9b:63:04:d7:cf:b4:83:70:11: c1:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:E5:9D:A5:80:AA:73:12:2D:F7:59:BD:F2:E0:EA:20:BE:E7:75:05 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:8000::/40 Signature Algorithm: sha256WithRSAEncryption ac:ca:89:24:55:fe:35:30:a2:6b:49:79:eb:bf:7c:4a:90:fd: c2:5e:62:08:47:d1:b2:2b:75:2f:91:90:78:fe:21:ed:a3:31: f5:d4:5b:7b:e4:f3:3c:7e:8d:f5:67:2b:6f:11:68:29:b7:80: 52:36:a0:39:c3:dd:8a:1f:d1:f4:07:a9:49:39:0c:82:4f:94: 35:33:10:19:37:23:e8:3b:ec:0d:bc:b1:9e:56:2f:80:51:57: a6:33:f5:16:4f:95:f1:3c:04:21:b0:c1:37:01:73:b7:37:41: ff:c1:de:8d:bf:c5:73:bb:74:7f:33:85:e0:61:ad:16:63:a5: fd:62:a5:0d:9e:6f:a6:ec:d5:5e:32:d4:9c:e5:4e:37:71:12: d0:fd:a8:6e:01:b8:20:12:38:cc:5e:a5:0c:c6:3b:3e:01:5f: eb:7e:16:da:1a:d1:6c:35:61:19:31:32:35:75:6c:80:de:dc: 3d:41:31:5d:41:13:82:69:94:e4:bd:59:32:cc:75:2c:dc:aa: d1:99:be:5e:72:4d:8d:d2:b4:ac:03:23:7f:5f:f4:80:0f:f1: b0:50:c0:69:94:a6:4e:1a:bd:3f:84:65:f3:41:62:78:2d:f6: f1:25:29:9e:94:ad:a9:c3:1f:da:6d:83:51:ef:ac:48:b5:67: a0:5d:93:0b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUK8XX1MgP9cNfkYUY96BwdHPkf2QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgyNjAwNTAxMloX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAYTc4NjBhOWU2OTYxMmYxNDQ5NGMz ZmNjMDY2ZDU1YjgwOTJiMDgxNmM5NTk0MWRkN2ZlM2U2MDhjOGYyM2IzZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TrTNmtZnyY6Kz8cENhRO8z+CwLR lI1xjyietMgci67VA5E1LO4f3/DAFzh1ZKhgnbU6NIOAwHhM7ZgNQkg+DoNFKZ0w Jmiptmh5W53nVOp8QPk355xg2m/K3tTj0V6lxSy4PTZOzqNyPTCeK++u7BG9hsfN iLlOPkbHRMvdcp4AJx/Q0cqpTYAggAySTzZqQ5SedxqAf+UNbfLx7U12eTCRHiU0 Y6rbVaEfXHMAG/MsZ3r3h/cYGDqTX7H0LRDwL28cWE/4PLLYhyul0ILjlPJ3UFQn eibKazwPWFTR9ymqYPe1mrwPSYjtep7jCLsWcNjwvxWbYwTXz7SDcBHBiQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIjlnaWAqnMSLfdZvfLg6iC+53UFMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBAKzKiSRV/jUwomtJeeu/ fEqQ/cJeYghH0bIrdS+RkHj+Ie2jMfXUW3vk8zx+jfVnK28RaCm3gFI2oDnD3Yof 0fQHqUk5DIJPlDUzEBk3I+g77A28sZ5WL4BRV6Yz9RZPlfE8BCGwwTcBc7c3Qf/B 3o2/xXO7dH8zheBhrRZjpf1ipQ2eb6bs1V4y1JzlTjdxEtD9qG4BuCASOMxepQzG Oz4BX+t+Ftoa0Ww1YRkxMjV1bIDe3D1BMV1BE4JplOS9WTLMdSzcqtGZvl5yTY3S tKwDI39f9IAP8bBQwGmUpk4avT+EZfNBYngt9vElKZ6UranDH9ptg1HvrEi1Z6Bd kws= -----END CERTIFICATE-----Generated at Thu Sep 18 04:08:05 2025 by rpki-client