$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa File: 205af9d8-3799-4d38-b1fb-da840e362ff1.roa (raw, json) Hash identifier: fz7CZxccEy0lvEauf6vErwn1K7iLh8sNuPDltZF49Qk= Subject key identifier: 07:6A:59:F1:D3:13:48:61:7C:6C:15:84:E6:A4:AA:32:F2:66:B4:73 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2526F2BAD4E01BE83617E5A0A5A3F6F2BE413D64 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa Signing time: Mon 04 Aug 2025 15:00:43 +0000 ROA not before: Mon 04 Aug 2025 15:00:43 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:26:f2:ba:d4:e0:1b:e8:36:17:e5:a0:a5:a3:f6:f2:be:41:3d:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:43 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=7aebb9d7e11e9e43ff393e36643826ef03987d5bb6cd5ee7bfb68ad2331ffcff, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:11:7f:8e:f8:32:32:ed:c5:c4:d3:5a:47:5b: 7d:01:8e:cd:8c:bd:c8:da:ce:b8:5e:2d:a4:55:f7: 70:e9:83:e6:a0:32:fc:53:55:9b:f5:45:8c:e1:df: 7e:d8:e7:16:6c:c9:a1:5e:95:17:58:8c:a0:f1:ed: 0f:30:96:d0:b3:43:10:3a:5c:cd:36:ba:77:72:9a: f4:9c:c7:51:4c:b6:d9:82:f8:f1:46:63:bc:83:ff: f1:76:be:89:db:c8:d4:3b:3f:fb:4a:7a:82:2e:71: 4f:9c:a5:4d:24:ca:bb:44:df:57:d2:98:72:aa:f1: 76:90:32:21:4b:c8:ca:49:7a:8e:88:5b:b1:ed:84: 22:3d:b5:57:ef:97:4e:32:19:43:28:aa:1a:b7:7f: d2:7a:a9:39:8b:85:94:f1:b6:ff:08:7d:22:5e:24: 9f:34:d6:73:dc:e8:c6:4b:22:fc:8d:c5:83:75:d4: 66:92:3e:c8:20:53:7c:b8:00:d5:0d:e5:7e:2c:f5: 50:3a:91:72:8d:d0:93:b7:18:6a:f4:bb:48:78:08: 47:32:e0:4f:71:8e:20:52:42:2d:af:da:fd:95:c8: 9e:30:fe:c9:3f:20:69:97:76:9b:43:1b:4a:8a:8c: ea:b5:0e:d0:bf:99:94:68:0b:b0:bd:32:c8:16:55: 69:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:6A:59:F1:D3:13:48:61:7C:6C:15:84:E6:A4:AA:32:F2:66:B4:73 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/36 Signature Algorithm: sha256WithRSAEncryption 01:0a:30:39:e5:f9:31:b4:0e:d4:b4:4e:0a:93:bd:a4:2f:1e: 96:7f:80:99:23:39:c1:69:27:a3:94:71:03:3e:23:3a:6c:02: d5:22:53:5a:e9:42:07:86:7e:71:bf:54:66:50:2f:ec:22:de: 9a:f1:79:53:e2:c9:8f:1c:bf:e2:dc:c0:8d:35:5a:73:b4:d8: 0e:4c:24:ef:9e:ff:a2:2d:fa:af:76:0f:a3:35:8b:2d:32:17: c4:b8:d8:41:48:ab:7e:b1:d6:eb:86:03:69:b3:33:16:83:18: 26:72:64:da:b2:b2:71:26:30:67:2c:50:10:f4:a8:3b:20:fb: 82:0b:24:ab:c7:87:70:50:6b:69:19:10:2d:97:dd:6d:7a:24: de:2e:55:be:2a:cc:27:b5:38:92:8d:dc:5c:be:df:0e:99:e7: f7:c3:16:23:87:f1:49:27:d2:ff:6d:32:6e:ec:4e:e2:e2:d6: 0e:32:64:03:81:98:aa:92:8a:59:80:4a:dd:a5:44:a8:10:20: 92:f4:b1:b7:56:c2:53:35:82:36:dd:31:cf:ee:1b:c0:54:bf: 32:2b:2e:06:82:ab:f2:af:bd:ec:bb:31:2c:2d:18:68:c6:ef: 0a:5d:f9:8d:a4:5c:45:ed:f0:dd:06:15:31:8b:92:96:70:a5: f8:da:17:ee -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJSbyutTgG+g2F+WgpaP28r5BPWQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDA0M1oX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAN2FlYmI5ZDdlMTFlOWU0M2ZmMzkz ZTM2NjQzODI2ZWYwMzk4N2Q1YmI2Y2Q1ZWU3YmZiNjhhZDIzMzFmZmNmZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixF/jvgyMu3FxNNaR1t9AY7NjL3I 2s64Xi2kVfdw6YPmoDL8U1Wb9UWM4d9+2OcWbMmhXpUXWIyg8e0PMJbQs0MQOlzN Nrp3cpr0nMdRTLbZgvjxRmO8g//xdr6J28jUOz/7SnqCLnFPnKVNJMq7RN9X0phy qvF2kDIhS8jKSXqOiFux7YQiPbVX75dOMhlDKKoat3/Seqk5i4WU8bb/CH0iXiSf NNZz3OjGSyL8jcWDddRmkj7IIFN8uADVDeV+LPVQOpFyjdCTtxhq9LtIeAhHMuBP cY4gUkItr9r9lcieMP7JPyBpl3abQxtKiozqtQ7Qv5mUaAuwvTLIFlVpNQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAdqWfHTE0hhfGwVhOakqjLyZrRzMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIwNWFmOWQ4LTM3OTktNGQzOC1iMWZiLWRhODQwZTM2MmZmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJA+AGAAwDQYJKoZIhvcNAQELBQADggEBAAEKMDnl+TG0DtS0TgqT vaQvHpZ/gJkjOcFpJ6OUcQM+IzpsAtUiU1rpQgeGfnG/VGZQL+wi3prxeVPiyY8c v+LcwI01WnO02A5MJO+e/6It+q92D6M1iy0yF8S42EFIq36x1uuGA2mzMxaDGCZy ZNqysnEmMGcsUBD0qDsg+4ILJKvHh3BQa2kZEC2X3W16JN4uVb4qzCe1OJKN3Fy+ 3w6Z5/fDFiOH8Ukn0v9tMm7sTuLi1g4yZAOBmKqSilmASt2lRKgQIJL0sbdWwlM1 gjbdMc/uG8BUvzIrLgaCq/Kvvey7MSwtGGjG7wpd+Y2kXEXt8N0GFTGLkpZwpfja F+4= -----END CERTIFICATE-----Generated at Mon Aug 4 21:36:50 2025 by rpki-client