$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa File: 7cf17e61-b049-438c-8aaf-2d4714b51857.roa (raw, json) Hash identifier: tp4E3yB+cB/RJwazrkFuLpGR9LDH+vVcfd9EWPQli34= Subject key identifier: 53:36:E1:08:77:DF:4E:0F:48:6D:BB:D5:09:A6:64:1D:16:48:56:88 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2426E6575DEE92FB54E2D086F644FA1E0BF48855 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa Signing time: Tue 26 Aug 2025 00:50:11 +0000 ROA not before: Tue 26 Aug 2025 00:50:11 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:03:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:26:e6:57:5d:ee:92:fb:54:e2:d0:86:f6:44:fa:1e:0b:f4:88:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 26 00:50:11 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=e9edae0adb7b18edb1760028189d5085741a75b294026ac0b2274b2b270b8739, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:99:97:03:35:17:2d:e4:53:62:db:0c:f8:14: 8a:ca:0e:29:10:87:27:02:73:04:d4:ee:20:56:3e: 12:e9:a9:74:3e:0e:ef:bd:a4:27:68:e1:63:b3:d4: e0:82:51:22:1f:a8:ef:5d:9a:69:bb:2c:0d:24:b4: 5e:5e:88:65:71:69:27:27:83:29:2e:ae:e6:01:44: 23:e1:e0:3b:34:9e:da:42:46:2c:1d:dd:a5:62:21: 7b:26:f8:8c:e0:9a:80:43:c6:52:91:7a:36:fe:0f: 50:ec:7f:14:af:ce:8a:bd:99:9f:f2:18:33:db:b9: 74:71:e4:7c:b4:96:fd:86:38:f3:d3:6d:d8:1e:c0: 01:d9:8f:d2:dc:2b:0e:dc:43:c2:21:be:d0:a8:45: 45:ff:0c:8c:71:34:48:31:01:11:aa:b0:40:b7:e6: f5:20:af:37:a5:d7:8e:14:37:58:b3:52:eb:24:61: dc:dd:fb:db:4b:dc:54:bf:de:b7:08:49:b7:e0:13: b5:68:59:7e:99:88:3e:84:48:6c:13:88:fc:39:39: 25:9c:4c:67:de:ac:7a:a6:6e:6b:de:95:4c:31:03: 7f:30:5f:bd:85:b8:c8:aa:45:1a:44:6c:41:bb:5a: 8a:1c:8d:27:a2:20:fc:84:49:66:9b:90:4e:e0:d1: 04:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:36:E1:08:77:DF:4E:0F:48:6D:BB:D5:09:A6:64:1D:16:48:56:88 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:4000::/40 Signature Algorithm: sha256WithRSAEncryption a9:26:45:60:c0:46:3d:f8:d1:cd:4d:53:7a:9d:87:d5:4a:94: 02:f0:2b:06:92:32:e9:1e:ab:fc:f2:33:71:f7:51:b7:31:a1: 61:99:30:7e:3d:99:0c:20:63:5c:10:a3:53:6e:fa:37:9b:7e: 61:a3:ed:12:63:02:da:40:fe:09:c2:44:62:28:02:46:8b:c7: 0f:bc:66:c2:b6:55:9c:78:cc:85:d2:69:13:e3:54:8d:ca:0e: 31:e8:26:30:00:34:c2:12:f3:26:41:62:0b:bd:96:af:43:00: f2:c5:2f:9b:01:a3:03:01:55:07:77:90:42:79:b6:16:e8:51: 6d:1b:7d:44:e5:5c:82:a2:78:0d:fb:8b:dc:1c:23:aa:2e:f5: f0:00:61:9f:3b:43:93:0e:8f:82:4c:64:54:51:f2:04:64:02: a6:a1:42:03:e0:4f:88:d7:5b:d7:0c:5b:17:12:93:b7:b2:2e: 94:bc:01:54:c6:b5:d3:6f:04:f7:7e:bf:5a:68:ad:90:61:99: 23:0f:90:85:25:b0:f8:69:69:5a:52:6e:91:8f:43:de:3e:89: de:c5:f1:5f:08:a3:b8:3c:59:d8:e3:89:2e:69:8f:9b:ec:74: 8f:91:f5:14:15:f0:85:98:e3:e1:7b:a7:12:0e:ce:2f:69:4d: 2a:bb:89:be -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJCbmV13ukvtU4tCG9kT6Hgv0iFUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgyNjAwNTAxMVoX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAZTllZGFlMGFkYjdiMThlZGIxNzYw MDI4MTg5ZDUwODU3NDFhNzViMjk0MDI2YWMwYjIyNzRiMmIyNzBiODczOTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5mXAzUXLeRTYtsM+BSKyg4pEIcn AnME1O4gVj4S6al0Pg7vvaQnaOFjs9TgglEiH6jvXZppuywNJLReXohlcWknJ4Mp Lq7mAUQj4eA7NJ7aQkYsHd2lYiF7JviM4JqAQ8ZSkXo2/g9Q7H8Ur86KvZmf8hgz 27l0ceR8tJb9hjjz023YHsAB2Y/S3CsO3EPCIb7QqEVF/wyMcTRIMQERqrBAt+b1 IK83pdeOFDdYs1LrJGHc3fvbS9xUv963CEm34BO1aFl+mYg+hEhsE4j8OTklnExn 3qx6pm5r3pVMMQN/MF+9hbjIqkUaRGxBu1qKHI0noiD8hElmm5BO4NEEywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFM24Qh3304PSG271QmmZB0WSFaIMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjZjE3ZTYxLWIwNDktNDM4Yy04YWFmLTJkNDcxNGI1MTg1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+kAwDQYJKoZIhvcNAQELBQADggEBAKkmRWDARj340c1NU3qd h9VKlALwKwaSMukeq/zyM3H3UbcxoWGZMH49mQwgY1wQo1Nu+jebfmGj7RJjAtpA /gnCRGIoAkaLxw+8ZsK2VZx4zIXSaRPjVI3KDjHoJjAANMIS8yZBYgu9lq9DAPLF L5sBowMBVQd3kEJ5thboUW0bfUTlXIKieA37i9wcI6ou9fAAYZ87Q5MOj4JMZFRR 8gRkAqahQgPgT4jXW9cMWxcSk7eyLpS8AVTGtdNvBPd+v1porZBhmSMPkIUlsPhp aVpSbpGPQ94+id7F8V8Io7g8WdjjiS5pj5vsdI+R9RQV8IWY4+F7pxIOzi9pTSq7 ib4= -----END CERTIFICATE-----Generated at Thu Sep 18 11:53:21 2025 by rpki-client