$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa File: 2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa (raw, json) Hash identifier: qpczpmN8Zu+al6ESsxgmpHE2VKzhxJzy6pF3C9yiWKs= Subject key identifier: BF:4D:17:CE:2A:1D:39:8D:54:A3:B5:8D:34:A4:D3:90:4F:9A:9F:39 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 66AD533C5F1277EE0F8D4C49D1900929016F4716 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa Signing time: Tue 10 Jun 2025 16:00:06 +0000 ROA not before: Tue 10 Jun 2025 16:00:06 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:ad:53:3c:5f:12:77:ee:0f:8d:4c:49:d1:90:09:29:01:6f:47:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 10 16:00:06 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=8692523b8caa4635e2615ea1f88cc5f7b3429213268af25cb2d8810f81e032e8, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:c4:39:52:9d:4f:ea:47:f8:32:72:f5:e6:28: 85:3f:16:46:a5:b7:72:4c:d6:b6:51:69:2a:55:a8: ac:3a:fb:e4:e7:d0:2e:40:64:f6:59:73:44:14:40: 6d:de:90:ae:6c:d6:75:ee:9a:1c:e0:55:ae:cb:71: 2b:9c:cc:be:c4:bf:a9:bc:08:6b:0a:8f:91:7d:47: ac:96:63:f0:c6:a6:81:70:9c:29:78:b4:7b:33:8e: 03:e1:60:15:a0:08:ae:68:40:a1:b6:f1:6f:a9:50: ae:68:4c:19:71:16:a7:9e:e1:73:24:8d:5d:93:b0: b4:67:b3:ca:99:a5:3b:31:d8:b1:6e:48:ee:8e:b1: 9b:48:7f:79:25:0a:d7:55:75:ee:9e:ab:69:f0:94: 9d:df:77:3e:74:ae:c7:03:a6:d3:c4:c3:cb:4c:63: 9f:50:5f:6b:12:94:b6:3f:b8:26:80:47:20:e3:92: b2:b6:fe:de:aa:d5:eb:0c:06:f9:71:a3:1a:06:a9: c6:77:48:b2:0a:e8:03:f9:cd:70:b0:64:07:35:cf: 5c:cc:a5:97:59:f0:5c:60:c4:64:2e:1d:14:f0:a0: 2b:cb:42:ef:2c:f1:64:5d:0d:0f:c1:de:b1:55:71: 1d:65:c8:9d:0f:26:47:9c:f7:e0:68:dd:75:1d:c4: f2:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:4D:17:CE:2A:1D:39:8D:54:A3:B5:8D:34:A4:D3:90:4F:9A:9F:39 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:8000::/40 Signature Algorithm: sha256WithRSAEncryption 14:79:2c:fc:43:7f:d6:a2:3a:b4:a1:dd:1f:8b:7b:48:8f:25: 91:a2:47:18:1e:f8:f8:41:24:4b:c4:36:bf:00:3c:19:53:aa: ae:50:5f:09:7c:ff:c0:f0:f7:fe:a5:77:9a:6a:b5:d9:2c:ed: 48:94:ab:49:24:c4:0e:89:6d:46:c1:81:07:dc:67:e2:de:7f: 6d:ae:a5:3c:ae:b2:5c:87:64:a8:de:c8:ce:d5:09:c3:41:51: a0:56:0f:a6:93:64:5c:c5:57:72:75:9e:d2:ea:49:0a:1d:c5: 94:6e:5a:53:b5:ac:14:98:05:ae:97:bf:b9:1d:62:d6:81:21: 2f:fb:00:84:18:88:6d:f4:e1:33:1c:d0:11:0c:22:a6:76:b1: 74:79:89:41:39:02:0f:14:d0:a5:7f:4f:14:c2:36:6b:f2:ae: 64:80:ca:c1:83:49:51:5a:7b:b8:f8:cf:39:40:de:d2:f2:cd: e4:95:a8:7a:bb:fc:73:61:0d:21:41:5c:34:23:b9:48:37:b9: ee:53:7a:b9:b0:70:01:cd:95:66:cc:90:72:8d:48:ee:7b:be: 59:d9:a1:95:5b:a0:d5:cb:98:96:6c:e9:e5:59:07:ce:d7:c9: ea:e5:d3:0d:5a:64:ca:48:27:32:6a:8d:59:6e:6a:a8:6c:70: 01:28:a3:84 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZq1TPF8Sd+4PjUxJ0ZAJKQFvRxYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxMDE2MDAwNloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAODY5MjUyM2I4Y2FhNDYzNWUyNjE1 ZWExZjg4Y2M1ZjdiMzQyOTIxMzI2OGFmMjVjYjJkODgxMGY4MWUwMzJlODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28Q5Up1P6kf4MnL15iiFPxZGpbdy TNa2UWkqVaisOvvk59AuQGT2WXNEFEBt3pCubNZ17poc4FWuy3ErnMy+xL+pvAhr Co+RfUeslmPwxqaBcJwpeLR7M44D4WAVoAiuaEChtvFvqVCuaEwZcRannuFzJI1d k7C0Z7PKmaU7MdixbkjujrGbSH95JQrXVXXunqtp8JSd33c+dK7HA6bTxMPLTGOf UF9rEpS2P7gmgEcg45Kytv7eqtXrDAb5caMaBqnGd0iyCugD+c1wsGQHNc9czKWX WfBcYMRkLh0U8KAry0LvLPFkXQ0Pwd6xVXEdZcidDyZHnPfgaN11HcTyRQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL9NF84qHTmNVKO1jTSk05BPmp85MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIyNDdmMzRmLWU1YjEtNDIzYy1hYzBmLTcxNDJhZDg2YmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+YAwDQYJKoZIhvcNAQELBQADggEBABR5LPxDf9aiOrSh3R+L e0iPJZGiRxge+PhBJEvENr8APBlTqq5QXwl8/8Dw9/6ld5pqtdks7UiUq0kkxA6J bUbBgQfcZ+Lef22upTyuslyHZKjeyM7VCcNBUaBWD6aTZFzFV3J1ntLqSQodxZRu WlO1rBSYBa6Xv7kdYtaBIS/7AIQYiG304TMc0BEMIqZ2sXR5iUE5Ag8U0KV/TxTC NmvyrmSAysGDSVFae7j4zzlA3tLyzeSVqHq7/HNhDSFBXDQjuUg3ue5TermwcAHN lWbMkHKNSO57vlnZoZVboNXLmJZs6eVZB87Xyerl0w1aZMpIJzJqjVluaqhscAEo o4Q= -----END CERTIFICATE-----Generated at Sat Jun 14 05:42:29 2025 by rpki-client