$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa File: 018dea0d-42eb-4d58-8914-636d25ca3b3c.roa (raw, json) Hash identifier: nBjYVsa0XbZPEAQZobyJZl/bVPcFv8k4VRgdSbE24o0= Subject key identifier: 87:7D:DA:3B:01:8A:AB:5E:EF:72:A7:A3:1F:86:70:C3:78:E4:67:A6 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 70C44404AF3A92F8C1A8FFBCDB1F677C5C207DD2 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa Signing time: Mon 04 Aug 2025 15:00:44 +0000 ROA not before: Mon 04 Aug 2025 15:00:44 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:c4:44:04:af:3a:92:f8:c1:a8:ff:bc:db:1f:67:7c:5c:20:7d:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:44 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=0ca1687d83edfccdd09fb14318814c562a22bbb28f8888938b89f7e6b26052ab, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:8d:ab:9e:f6:64:46:ba:57:72:7f:c5:6e:2e: ab:9b:33:05:3a:17:84:39:5b:d1:6a:de:e2:77:cf: 11:9c:14:29:4b:3a:c6:ba:8e:98:4d:bc:55:f7:73: 5c:90:cd:12:30:76:ad:0c:89:b6:19:3f:e2:b6:f0: 01:32:bf:dc:92:90:19:31:d3:9e:a2:8c:d6:4e:f9: 35:e0:41:52:37:89:84:c6:c4:a0:20:87:0a:b8:72: 16:fd:59:cb:0d:5c:4e:32:4c:e6:d3:cc:cf:de:15: 5d:4f:9b:72:8b:f2:b6:8f:a4:86:2a:ef:18:65:26: bf:ef:b6:13:d9:e1:0f:bb:18:09:64:c8:c8:6b:ad: 54:aa:55:a0:a0:ea:bb:d8:ad:13:15:e7:cd:aa:d6: 3e:1a:a8:97:4e:03:e6:1e:65:f5:5c:ed:a8:68:3a: 69:56:a9:31:9c:dc:62:13:06:af:8e:1e:7b:59:dd: af:e7:85:47:24:ef:0a:76:42:8e:18:a7:84:cb:76: 91:5e:3a:d0:2b:c3:2e:ed:dd:a8:bd:a5:51:d6:2f: 12:01:85:4c:fd:31:b6:91:d0:bd:c9:df:3b:a0:48: ab:b7:0a:e9:d5:cf:84:1c:0a:72:17:14:e8:ee:77: 4f:ad:98:a3:e5:b5:c3:17:d7:e9:42:90:69:c0:7c: 76:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:7D:DA:3B:01:8A:AB:5E:EF:72:A7:A3:1F:86:70:C3:78:E4:67:A6 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:800::/38 Signature Algorithm: sha256WithRSAEncryption 32:68:fc:a1:ba:45:a8:da:74:65:f7:8d:57:9c:29:bc:b1:3f: 75:e6:3b:02:ca:b2:bc:18:e7:19:80:24:86:83:5e:0f:3e:ce: f0:99:7b:0b:09:a6:20:90:13:ab:ec:0d:56:3e:86:d9:cf:52: 49:ad:0e:e4:1d:65:82:71:fa:ad:3e:50:64:32:cf:31:2c:e1: 9c:e2:62:f1:97:58:bf:63:68:2a:07:82:9f:9f:fd:c1:81:22: 5b:45:61:78:11:c8:3b:aa:4f:41:f5:61:7d:53:17:91:e4:cf: 99:e4:9f:76:e9:ba:49:ca:0d:8e:c0:12:2a:63:57:f4:a1:47: 9b:b1:6c:0c:42:e2:a9:fa:24:7c:28:79:a7:4e:af:97:bd:42: 75:c6:ed:d9:bf:e5:92:2a:96:2b:83:6d:65:b7:6e:94:3d:87: fe:23:f2:3c:95:9c:9b:cd:8e:ad:b0:89:d3:6f:4b:84:3e:f6: bd:da:19:e9:32:66:cb:0e:7f:2d:f4:3a:50:31:78:ad:f2:26: 4c:75:bb:1c:21:01:a2:33:5e:8e:1d:33:c7:77:5c:25:89:ac: 79:b9:37:e6:4e:ba:bc:77:ae:9c:e4:5e:0f:d0:9c:4a:66:bb: 26:ae:4d:86:65:80:5b:fe:08:13:98:94:f2:ee:1b:24:be:4f: 85:cc:a3:dd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcMREBK86kvjBqP+82x9nfFwgfdIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDA0NFoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAMGNhMTY4N2Q4M2VkZmNjZGQwOWZi MTQzMTg4MTRjNTYyYTIyYmJiMjhmODg4ODkzOGI4OWY3ZTZiMjYwNTJhYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0o2rnvZkRrpXcn/Fbi6rmzMFOheE OVvRat7id88RnBQpSzrGuo6YTbxV93NckM0SMHatDIm2GT/itvABMr/ckpAZMdOe oozWTvk14EFSN4mExsSgIIcKuHIW/VnLDVxOMkzm08zP3hVdT5tyi/K2j6SGKu8Y ZSa/77YT2eEPuxgJZMjIa61UqlWgoOq72K0TFefNqtY+GqiXTgPmHmX1XO2oaDpp VqkxnNxiEwavjh57Wd2v54VHJO8KdkKOGKeEy3aRXjrQK8Mu7d2ovaVR1i8SAYVM /TG2kdC9yd87oEirtwrp1c+EHApyFxTo7ndPrZij5bXDF9fpQpBpwHx2bwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFId92jsBiqte73Knox+GcMN45GemMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzAxOGRlYTBkLTQyZWItNGQ1OC04OTE0LTYzNmQyNWNhM2IzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAgwDQYJKoZIhvcNAQELBQADggEBADJo/KG6RajadGX3jVec KbyxP3XmOwLKsrwY5xmAJIaDXg8+zvCZewsJpiCQE6vsDVY+htnPUkmtDuQdZYJx +q0+UGQyzzEs4ZziYvGXWL9jaCoHgp+f/cGBIltFYXgRyDuqT0H1YX1TF5Hkz5nk n3bpuknKDY7AEipjV/ShR5uxbAxC4qn6JHwoeadOr5e9QnXG7dm/5ZIqliuDbWW3 bpQ9h/4j8jyVnJvNjq2widNvS4Q+9r3aGekyZssOfy30OlAxeK3yJkx1uxwhAaIz Xo4dM8d3XCWJrHm5N+ZOurx3rpzkXg/QnEpmuyauTYZlgFv+CBOYlPLuGyS+T4XM o90= -----END CERTIFICATE-----Generated at Mon Aug 4 21:36:35 2025 by rpki-client