$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa File: 0ae05889-eb6d-414c-88e9-bc293171f532.roa (raw, json) Hash identifier: LEsHZlVqR+UOPTAuaWcImB/YeNRHz81Qh5sqUAvk0o0= Subject key identifier: 04:CD:0B:F6:E8:CF:BB:4F:9A:FC:65:6F:C7:9A:AB:B1:4A:24:76:DE Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 125DC2537B43F3BC8FAA39583940C0E16D75BEA6 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa Signing time: Fri 01 Aug 2025 00:50:10 +0000 ROA not before: Fri 01 Aug 2025 00:50:10 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:5d:c2:53:7b:43:f3:bc:8f:aa:39:58:39:40:c0:e1:6d:75:be:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 1 00:50:10 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=05b3501a308b690e91b8afdedc18f9f8dee6c4c54c7fc6c82726d3c0a878f3c8, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:ef:e5:d1:a6:59:c5:1f:51:27:4a:95:ce:3a: 29:26:de:9a:84:4b:0a:93:cb:15:68:11:6e:5e:70: f2:94:0d:4f:ed:55:7a:63:21:3b:5f:5f:fd:89:74: 41:e3:79:a0:91:15:6c:da:60:22:e3:49:d0:46:a9: 7f:01:04:e8:b7:ee:c6:f1:fd:0b:0a:bc:be:a1:91: 84:0d:c4:33:4d:7f:00:53:8c:b9:4c:2c:a8:b4:3f: f5:89:de:fa:10:30:5a:d4:86:4b:0e:8a:9a:e4:4e: 4c:79:37:2d:6a:d8:c7:c1:f4:12:2b:e0:5c:b4:bc: 74:51:67:1b:49:77:ae:04:6d:bc:f1:a2:43:89:34: ac:22:99:ba:25:c4:ab:ce:6e:6c:2a:06:c6:27:75: da:78:43:dd:db:18:4f:b5:33:0c:29:86:59:c4:28: 67:2b:00:18:47:f1:ad:5b:2b:b4:c8:11:89:10:ae: 76:b9:6d:b2:5e:3e:e9:c3:a2:6c:42:a3:af:37:3e: b3:12:d8:02:0d:ec:17:d9:7c:e8:dc:75:0b:bd:3b: ba:3c:68:6c:d1:51:c2:77:30:37:76:ff:3e:f2:28: 3c:e7:02:64:4e:63:5b:b7:9b:ab:cb:f1:33:24:ba: 3c:26:a3:33:f5:d9:a1:ed:03:3e:a1:02:5c:ec:93: b8:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:CD:0B:F6:E8:CF:BB:4F:9A:FC:65:6F:C7:9A:AB:B1:4A:24:76:DE X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:4000::/40 Signature Algorithm: sha256WithRSAEncryption 11:8b:cf:b0:5d:1e:76:fc:e7:88:97:e2:13:c9:8f:1f:64:cc: ba:f6:14:3c:73:49:23:a3:ce:04:bd:2d:1d:82:3d:89:0a:d6: fa:30:2a:f6:18:c4:da:d9:76:63:58:3a:28:09:1f:37:6f:49: 7d:9d:7d:47:36:c6:cc:81:a9:9f:b1:2d:f4:db:7d:72:98:6e: 81:66:d7:e4:41:78:59:67:24:e1:f3:36:fa:a3:8d:0a:3d:b7: 4c:33:8c:b5:8d:0e:6d:37:91:31:5a:4b:7a:99:c2:cd:ac:27: 06:5a:f7:d6:d6:c3:29:b9:ed:0d:b2:7b:f3:e8:ec:25:e7:1c: 56:0d:7d:ac:de:12:5c:1b:95:05:ff:d0:fd:eb:5a:8a:9f:a3: 75:cd:ba:b7:c8:3b:e0:ef:1a:e9:a7:82:25:76:c8:a2:b2:4e: 42:77:c8:26:b9:ad:a0:3a:11:69:23:7c:cf:0f:12:04:67:6a: 6f:b3:a5:5d:ed:31:5c:61:99:ae:7d:f2:3d:9a:53:0e:f8:a9: 82:e0:03:c4:be:29:00:ad:b8:fa:f5:ff:13:69:f5:43:79:18: 7a:8f:bf:3c:e2:64:fd:6a:a6:9f:2d:c3:b7:36:30:7c:b4:66: de:c1:1b:55:7a:17:ff:2e:ea:ef:2b:40:0c:ab:4a:9e:ae:26: 35:00:d6:1c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEl3CU3tD87yPqjlYOUDA4W11vqYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwMTAwNTAxMFoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAMDViMzUwMWEzMDhiNjkwZTkxYjhh ZmRlZGMxOGY5ZjhkZWU2YzRjNTRjN2ZjNmM4MjcyNmQzYzBhODc4ZjNjODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+/l0aZZxR9RJ0qVzjopJt6ahEsK k8sVaBFuXnDylA1P7VV6YyE7X1/9iXRB43mgkRVs2mAi40nQRql/AQTot+7G8f0L Cry+oZGEDcQzTX8AU4y5TCyotD/1id76EDBa1IZLDoqa5E5MeTctatjHwfQSK+Bc tLx0UWcbSXeuBG288aJDiTSsIpm6JcSrzm5sKgbGJ3XaeEPd2xhPtTMMKYZZxChn KwAYR/GtWyu0yBGJEK52uW2yXj7pw6JsQqOvNz6zEtgCDewX2Xzo3HULvTu6PGhs 0VHCdzA3dv8+8ig85wJkTmNbt5ury/EzJLo8JqMz9dmh7QM+oQJc7JO4IwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFATNC/boz7tPmvxlb8eaq7FKJHbeMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBhZTA1ODg5LWViNmQtNDE0Yy04OGU5LWJjMjkzMTcxZjUzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+UAwDQYJKoZIhvcNAQELBQADggEBABGLz7BdHnb854iX4hPJ jx9kzLr2FDxzSSOjzgS9LR2CPYkK1vowKvYYxNrZdmNYOigJHzdvSX2dfUc2xsyB qZ+xLfTbfXKYboFm1+RBeFlnJOHzNvqjjQo9t0wzjLWNDm03kTFaS3qZws2sJwZa 99bWwym57Q2ye/Po7CXnHFYNfazeElwblQX/0P3rWoqfo3XNurfIO+DvGumngiV2 yKKyTkJ3yCa5raA6EWkjfM8PEgRnam+zpV3tMVxhma598j2aUw74qYLgA8S+KQCt uPr1/xNp9UN5GHqPvzziZP1qpp8tw7c2MHy0Zt7BG1V6F/8u6u8rQAyrSp6uJjUA 1hw= -----END CERTIFICATE-----Generated at Mon Aug 4 21:47:03 2025 by rpki-client