$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa File: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (raw, json) Hash identifier: ljSzACGEpXGjoOO8d0XrMz136KlmQGFUY8SD9a8SlQs= Subject key identifier: 5E:D8:D7:84:AF:9F:DC:CB:F6:99:04:11:B7:A0:7A:45:FF:FD:B1:A7 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3EE4B5DDB49FD50CDA6B8CE09EE2D7B09BDCE722 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa Signing time: Tue 26 Aug 2025 00:50:06 +0000 ROA not before: Tue 26 Aug 2025 00:50:06 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:03:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:e4:b5:dd:b4:9f:d5:0c:da:6b:8c:e0:9e:e2:d7:b0:9b:dc:e7:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 26 00:50:06 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=6d34c546b4b956cc0579f69cc0e92de152ebe53268b0550f32d1fd8b45822600, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:44:ce:5a:43:22:3f:34:47:5d:12:fd:0e:07: 5f:fd:79:72:a3:f5:2c:e9:9b:39:d9:7f:b0:bb:25: 38:13:79:65:b7:85:2c:a2:1b:06:60:68:90:ce:fe: f2:d2:56:41:26:e5:a8:4c:24:79:c0:de:1d:c5:af: a7:fa:b2:3c:12:6e:18:37:9f:2b:15:f5:14:6c:d0: e3:8a:35:23:be:a7:da:22:26:52:9e:12:23:08:3c: 54:16:a4:de:96:7a:88:b5:f4:8a:06:3a:d5:e1:ee: 05:f2:28:c2:e7:6c:5a:99:ef:2e:83:cd:5e:59:9b: dd:45:6a:a4:40:cf:4b:87:eb:72:9d:91:53:1e:bc: 8b:d7:d1:bb:68:e0:e3:a3:a1:05:5b:f0:bc:f6:1e: 10:42:ea:98:da:16:a5:71:a0:e0:58:df:c4:2f:f4: 6c:ac:2c:82:1e:62:99:34:40:ed:c3:8d:f9:e2:11: 40:5f:6b:fe:de:71:19:fb:08:aa:50:0b:88:80:f9: 36:fe:6b:4a:4e:34:5e:b0:c5:21:74:95:04:fe:d1: a6:49:51:80:c9:3e:29:ff:57:03:4c:20:59:2b:64: c5:48:e3:54:92:b3:17:f1:2e:54:4b:03:3f:f9:42: 61:f9:87:91:e4:8f:d4:db:c8:ce:01:9e:6f:b9:a2: 21:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:D8:D7:84:AF:9F:DC:CB:F6:99:04:11:B7:A0:7A:45:FF:FD:B1:A7 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 16:91:de:2a:ac:b7:8d:20:fd:41:bd:17:a6:de:84:e5:0b:35: a2:5c:74:ab:63:d3:66:ff:8f:23:08:c0:2a:8d:bf:83:31:86: e4:c4:a7:13:c8:d1:40:09:c9:5d:f4:95:52:3a:d7:a3:f4:3c: 77:3e:4a:9b:c5:81:ca:01:c5:c7:54:29:c6:e0:ec:6d:db:6e: 83:09:1e:c0:29:19:62:40:fc:a3:e0:0f:e5:8a:76:95:5d:b0: b7:cb:3a:00:89:b5:20:a1:15:55:8b:5f:03:b3:d8:82:a5:39: 38:ef:d2:8a:27:c8:e9:b5:d2:3b:7d:f5:ac:60:36:a1:1e:9b: ca:50:bd:fc:5e:7d:80:03:55:57:0a:f8:1b:ad:57:1e:f7:52: 09:c2:2c:00:55:39:51:e8:b8:b9:68:66:6d:f3:48:dd:7f:0c: 3e:98:dd:15:7b:d8:23:e5:79:1d:37:af:06:e0:bc:50:34:e0: f2:c2:e7:37:d0:ca:f3:98:87:a5:59:05:9f:b8:12:b9:bf:67: 98:1a:db:e0:63:16:54:91:d7:6b:18:76:12:58:00:82:90:52: 50:a7:ee:b6:46:d8:38:b5:55:5e:71:25:05:d1:7c:5a:ae:02: 88:d1:7b:d6:ae:83:62:4f:05:9e:d7:39:9d:bc:b2:22:e8:9c: 19:d2:0b:78 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPuS13bSf1Qzaa4zgnuLXsJvc5yIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgyNjAwNTAwNloX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNANmQzNGM1NDZiNGI5NTZjYzA1Nzlm NjljYzBlOTJkZTE1MmViZTUzMjY4YjA1NTBmMzJkMWZkOGI0NTgyMjYwMDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjETOWkMiPzRHXRL9Dgdf/Xlyo/Us 6Zs52X+wuyU4E3llt4UsohsGYGiQzv7y0lZBJuWoTCR5wN4dxa+n+rI8Em4YN58r FfUUbNDjijUjvqfaIiZSnhIjCDxUFqTelnqItfSKBjrV4e4F8ijC52xame8ug81e WZvdRWqkQM9Lh+tynZFTHryL19G7aODjo6EFW/C89h4QQuqY2halcaDgWN/EL/Rs rCyCHmKZNEDtw4354hFAX2v+3nEZ+wiqUAuIgPk2/mtKTjResMUhdJUE/tGmSVGA yT4p/1cDTCBZK2TFSONUkrMX8S5USwM/+UJh+YeR5I/U28jOAZ5vuaIh9wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFF7Y14Svn9zL9pkEEbegekX//bGnMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2VmZGNiNDNiLTJmMTktNDEwNy1hMGEzLWM1NWRhY2NiMjcxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoEAwDQYJKoZIhvcNAQELBQADggEBABaR3iqst40g/UG9F6be hOULNaJcdKtj02b/jyMIwCqNv4MxhuTEpxPI0UAJyV30lVI616P0PHc+SpvFgcoB xcdUKcbg7G3bboMJHsApGWJA/KPgD+WKdpVdsLfLOgCJtSChFVWLXwOz2IKlOTjv 0oonyOm10jt99axgNqEem8pQvfxefYADVVcK+ButVx73UgnCLABVOVHouLloZm3z SN1/DD6Y3RV72CPleR03rwbgvFA04PLC5zfQyvOYh6VZBZ+4Erm/Z5ga2+BjFlSR 12sYdhJYAIKQUlCn7rZG2Di1VV5xJQXRfFquAojRe9aug2JPBZ7XOZ28siLonBnS C3g= -----END CERTIFICATE-----Generated at Thu Sep 18 01:32:58 2025 by rpki-client