$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa File: 3537691c-1a10-4699-a8a0-4cec50a35534.roa (raw, json) Hash identifier: hm/1TBCw5PErbU+EA04cX6z+ipp1f3/5yDbVtZLtyV0= Subject key identifier: FF:28:F6:BD:17:A4:4C:C8:02:91:48:E3:61:4A:D3:6E:26:2B:34:EF Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 07936F9BB30725555303BEA3BEE37A121A5B7CC7 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa Signing time: Tue 26 Aug 2025 00:50:09 +0000 ROA not before: Tue 26 Aug 2025 00:50:09 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:03:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:93:6f:9b:b3:07:25:55:53:03:be:a3:be:e3:7a:12:1a:5b:7c:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 26 00:50:09 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=c72b31dc4e5bdfe926ee9cbae498f12bf944be70947aaa98231cc388f875d13e, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c8:18:d2:4d:15:4d:80:9a:a6:4b:ab:1c:6e: 05:bf:c6:08:fd:0e:09:43:08:72:b0:45:38:70:fe: 0a:52:8f:3a:1f:7f:4f:d0:b0:fd:d4:93:2a:32:cf: a1:13:d7:33:36:5c:c9:c0:d4:bc:0d:e1:50:c5:71: 65:a5:f0:67:9e:ff:85:51:de:39:e1:61:ba:91:c1: 41:e5:28:17:96:24:99:fd:f0:13:4e:0d:9c:5d:15: ac:33:3f:35:ce:78:f5:86:b6:f7:6f:de:8e:17:96: 85:e4:b0:9d:f5:94:84:ff:c5:9b:ae:f0:db:f7:76: bc:18:aa:8b:55:a5:a4:4b:b8:8e:42:2d:9b:b9:30: a6:ea:95:c4:07:d6:fb:ad:72:76:d9:d8:a1:2c:82: 31:cd:17:62:08:80:d3:5a:23:f9:26:3f:cb:fb:ce: 12:8c:e0:12:14:59:35:2a:e7:e5:52:d5:5c:e4:c8: 5e:4f:a1:a1:0c:fe:8e:e8:8d:23:eb:31:ba:a8:c9: 4f:03:23:c5:8a:0c:39:ee:07:43:31:31:ef:82:1b: a1:be:d5:14:41:44:ec:47:c1:e3:91:03:84:c3:36: e2:56:30:c3:fc:b2:3c:7b:7c:19:ba:83:b6:c5:12: bb:94:d5:c6:84:91:74:8f:04:00:d7:6e:5c:85:b3: 77:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:28:F6:BD:17:A4:4C:C8:02:91:48:E3:61:4A:D3:6E:26:2B:34:EF X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:8000::/40 Signature Algorithm: sha256WithRSAEncryption 0e:0a:a5:f9:b8:5c:d5:24:18:2a:59:f9:26:2f:5d:26:8c:89: 53:eb:1a:75:d7:02:55:92:eb:c2:bf:5c:97:df:b7:9c:58:fe: 2a:95:93:da:88:cf:0b:a6:a6:cb:df:b8:4b:9d:c5:12:f9:e6: c2:a5:10:3d:d0:4e:a7:20:87:27:92:73:8d:4d:70:fa:97:c0: a6:4e:7d:74:4c:d2:5b:91:db:a5:ee:54:63:09:aa:1e:7e:6b: 77:67:84:07:6e:a2:b3:75:58:2b:e4:bc:99:75:72:31:23:21: 39:93:35:39:02:7d:20:1c:fb:2a:e6:4f:da:87:77:b7:5d:2c: 6d:0a:a4:d9:aa:48:f9:be:f6:86:d8:9e:ae:89:cc:90:8a:e4: 0c:38:31:81:b5:da:dc:e0:0c:d6:bd:74:ff:ee:3f:85:de:6c: b7:5f:41:2f:bc:16:16:1e:a0:8c:33:32:39:7c:d6:ce:4d:34: d1:41:b5:1f:fe:ef:f1:85:4b:7a:32:99:97:7a:af:5d:e0:f4: d5:db:c1:8a:ff:44:ff:47:98:11:d7:09:98:37:96:6b:a7:65: 13:1f:28:64:63:c3:d3:e0:7c:db:ab:a9:00:1c:4b:f2:d1:16: 32:46:09:6b:f1:d4:1d:6c:01:9a:e0:37:55:16:93:07:c3:d5: f8:13:f3:73 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUB5Nvm7MHJVVTA76jvuN6EhpbfMcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgyNjAwNTAwOVoX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAYzcyYjMxZGM0ZTViZGZlOTI2ZWU5 Y2JhZTQ5OGYxMmJmOTQ0YmU3MDk0N2FhYTk4MjMxY2MzODhmODc1ZDEzZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusgY0k0VTYCapkurHG4Fv8YI/Q4J QwhysEU4cP4KUo86H39P0LD91JMqMs+hE9czNlzJwNS8DeFQxXFlpfBnnv+FUd45 4WG6kcFB5SgXliSZ/fATTg2cXRWsMz81znj1hrb3b96OF5aF5LCd9ZSE/8WbrvDb 93a8GKqLVaWkS7iOQi2buTCm6pXEB9b7rXJ22dihLIIxzRdiCIDTWiP5Jj/L+84S jOASFFk1KuflUtVc5MheT6GhDP6O6I0j6zG6qMlPAyPFigw57gdDMTHvghuhvtUU QUTsR8HjkQOEwzbiVjDD/LI8e3wZuoO2xRK7lNXGhJF0jwQA125chbN3rQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP8o9r0XpEzIApFI42FK024mKzTvMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1Mzc2OTFjLTFhMTAtNDY5OS1hOGEwLTRjZWM1MGEzNTUzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+oAwDQYJKoZIhvcNAQELBQADggEBAA4Kpfm4XNUkGCpZ+SYv XSaMiVPrGnXXAlWS68K/XJfft5xY/iqVk9qIzwumpsvfuEudxRL55sKlED3QTqcg hyeSc41NcPqXwKZOfXRM0luR26XuVGMJqh5+a3dnhAduorN1WCvkvJl1cjEjITmT NTkCfSAc+yrmT9qHd7ddLG0KpNmqSPm+9obYnq6JzJCK5Aw4MYG12tzgDNa9dP/u P4XebLdfQS+8FhYeoIwzMjl81s5NNNFBtR/+7/GFS3oymZd6r13g9NXbwYr/RP9H mBHXCZg3lmunZRMfKGRjw9PgfNurqQAcS/LRFjJGCWvx1B1sAZrgN1UWkwfD1fgT 83M= -----END CERTIFICATE-----Generated at Thu Sep 18 01:19:02 2025 by rpki-client