$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa File: 0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa (raw, json) Hash identifier: DQLhdi8U7N2mWPy0YCY+pLC2qk1ss6I+kdBU6zDYQkw= Subject key identifier: B3:2D:37:A7:57:E7:86:25:75:02:C4:EA:4C:0F:F3:82:66:CC:EC:F0 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 33A3D61FDD421B1BDA9426779F13C73E115507FE Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa Signing time: Mon 04 Aug 2025 15:00:48 +0000 ROA not before: Mon 04 Aug 2025 15:00:48 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:a3:d6:1f:dd:42:1b:1b:da:94:26:77:9f:13:c7:3e:11:55:07:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:48 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=0b219dde9ea1a712a6d1786988956b8d8fe645f37870aa0f91b64b47a6b64199, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:2c:27:34:61:93:70:82:b4:a6:7a:43:8e:f0: 33:68:81:0b:2f:f1:14:b6:42:05:f7:47:66:4b:85: 41:e8:a2:02:fe:1f:0b:11:3a:42:1c:41:91:23:14: 4d:7a:5a:4b:38:19:23:7c:5e:c9:57:48:19:a3:4d: 2f:85:80:60:ae:fa:07:fc:0e:d4:ed:1a:35:16:85: 5e:8a:cb:59:58:66:0d:63:2b:55:5a:af:0a:18:56: 25:e0:5d:42:c5:15:69:be:27:84:a2:37:80:c0:5c: 3a:d3:73:af:f5:8f:ad:fa:a5:fc:1d:80:0d:58:be: 21:a9:93:db:24:9b:fd:c4:33:11:bf:93:a1:a6:29: 05:1e:b4:5e:ca:c3:9e:f7:10:e5:31:18:f8:3c:fb: 40:e3:0b:ab:a7:0f:65:b7:ce:dc:6d:4b:04:6a:0f: 86:bf:d7:a4:7c:f9:9a:03:7e:ed:00:51:dd:95:64: ca:3f:be:57:b8:3d:d1:6b:90:7c:b1:48:7d:0f:10: 81:00:27:9c:41:33:8e:d3:a0:34:c3:8d:27:e5:cf: 46:e2:f1:73:80:c0:0e:5b:f3:ea:b5:fd:06:d6:a9: 4f:0e:5b:39:0c:c9:d9:6d:2a:7d:3c:37:56:06:cc: 95:4c:a5:09:87:56:ea:ca:7d:4b:fd:96:c4:28:05: 47:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:2D:37:A7:57:E7:86:25:75:02:C4:EA:4C:0F:F3:82:66:CC:EC:F0 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014::/36 Signature Algorithm: sha256WithRSAEncryption 2e:83:7d:94:7e:f8:86:d3:6f:8f:bb:e4:72:22:5a:c3:5d:3f: af:1d:3c:f4:fc:ca:c5:70:c0:70:40:e0:da:5c:29:a1:61:02: 1f:e1:9b:38:d2:ad:9d:f6:7b:a3:75:1c:97:0a:02:ec:94:bc: 6e:63:dd:48:f9:0c:cb:dd:2c:dd:3f:19:50:89:9a:a9:0c:90: 8b:e2:0c:c0:32:7a:71:41:85:16:4a:2a:fa:b3:d0:7a:21:f8: f7:3e:17:ac:ce:ff:ff:02:ed:44:f9:5c:76:9e:41:bd:a4:93: b4:03:82:2b:df:3a:f4:a4:04:b8:4d:7d:40:7a:dc:6a:f8:62: 1f:48:e2:cd:59:94:97:05:ea:dd:d4:0c:eb:f5:88:d8:5e:35: 1a:d8:f9:ab:37:a8:76:da:2c:84:70:91:81:bc:c5:bf:6b:b4: a7:57:33:7e:1a:c9:f1:00:42:21:d4:99:12:91:71:0b:c4:bb: a5:a9:99:0c:71:26:6f:af:37:f9:be:0d:06:c0:b1:3a:10:c4: f9:f3:c2:2b:8d:12:75:34:c4:d3:da:1b:d3:77:1f:be:00:23: 37:db:2b:b9:7a:e0:f6:56:18:10:de:e9:05:c9:10:0c:c9:ef: 4f:f1:13:4e:a2:d5:1c:53:7b:c1:85:b5:97:ba:2c:66:58:0f: 4d:0a:04:b4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUM6PWH91CGxvalCZ3nxPHPhFVB/4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDA0OFoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAMGIyMTlkZGU5ZWExYTcxMmE2ZDE3 ODY5ODg5NTZiOGQ4ZmU2NDVmMzc4NzBhYTBmOTFiNjRiNDdhNmI2NDE5OTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiwnNGGTcIK0pnpDjvAzaIELL/EU tkIF90dmS4VB6KIC/h8LETpCHEGRIxRNelpLOBkjfF7JV0gZo00vhYBgrvoH/A7U 7Ro1FoVeistZWGYNYytVWq8KGFYl4F1CxRVpvieEojeAwFw603Ov9Y+t+qX8HYAN WL4hqZPbJJv9xDMRv5OhpikFHrReysOe9xDlMRj4PPtA4wurpw9lt87cbUsEag+G v9ekfPmaA37tAFHdlWTKP75XuD3Ra5B8sUh9DxCBACecQTOO06A0w40n5c9G4vFz gMAOW/Pqtf0G1qlPDls5DMnZbSp9PDdWBsyVTKUJh1bqyn1L/ZbEKAVHrwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLMtN6dX54YldQLE6kwP84JmzOzwMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBkNmY1Yzg2LTU3ZDgtNGUwZC04NDQ1LTMwY2IxMjJiYjRkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJA+AFAAwDQYJKoZIhvcNAQELBQADggEBAC6DfZR++IbTb4+75HIi WsNdP68dPPT8ysVwwHBA4NpcKaFhAh/hmzjSrZ32e6N1HJcKAuyUvG5j3Uj5DMvd LN0/GVCJmqkMkIviDMAyenFBhRZKKvqz0Hoh+Pc+F6zO//8C7UT5XHaeQb2kk7QD givfOvSkBLhNfUB63Gr4Yh9I4s1ZlJcF6t3UDOv1iNheNRrY+as3qHbaLIRwkYG8 xb9rtKdXM34ayfEAQiHUmRKRcQvEu6WpmQxxJm+vN/m+DQbAsToQxPnzwiuNEnU0 xNPaG9N3H74AIzfbK7l64PZWGBDe6QXJEAzJ70/xE06i1RxTe8GFtZe6LGZYD00K BLQ= -----END CERTIFICATE-----Generated at Mon Aug 4 21:49:58 2025 by rpki-client