$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa File: 2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa (raw, json) Hash identifier: hJ/++amdxJ3Im/68p0ZMqxPx2RFwy0oxlWnKKaYwsoE= Subject key identifier: 6D:C4:F6:3A:F3:C2:5C:C1:7D:39:8A:FE:F5:80:2D:1D:EE:D3:13:40 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0E5ED842D4BC425B6D73B2741A9CE76CBC258FE6 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa Signing time: Tue 10 Jun 2025 16:00:05 +0000 ROA not before: Tue 10 Jun 2025 16:00:05 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:5e:d8:42:d4:bc:42:5b:6d:73:b2:74:1a:9c:e7:6c:bc:25:8f:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 10 16:00:05 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=fc66ded900afeca56a39fd3db97c3e0b1a8f40118d87fd85eaae5944796e522d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ef:25:97:3f:be:73:64:e8:0e:e4:4c:66:d7: 71:e0:79:e3:b9:42:ef:47:2d:08:87:c2:e9:3a:66: e9:e4:bf:39:2b:68:ce:6e:ff:09:8d:45:86:25:ed: 93:4c:ee:6c:ab:88:db:00:2c:47:6a:97:0f:ce:43: e9:69:3e:46:78:18:37:64:dd:4e:cb:bc:41:71:0a: a6:9c:32:91:20:66:af:21:a4:6e:90:5c:9c:4d:ba: 93:6a:c7:de:6f:b9:c6:70:be:5c:9b:d1:ae:bb:6b: 7a:50:13:0a:9b:62:a6:88:3e:89:75:97:2c:27:ca: 08:2f:15:f5:6a:31:c9:26:a5:77:f5:70:a5:ef:63: 28:60:8d:0f:68:aa:dd:2c:6b:78:4a:68:d1:b4:bb: b6:57:2f:87:ff:52:b5:a1:2f:e0:8c:21:ba:d1:88: 71:51:1f:22:e4:61:40:97:3b:bb:ac:85:74:71:17: 74:a1:db:8b:97:db:79:0b:d7:e2:78:26:d4:dc:80: c1:f7:5e:52:0b:3a:74:01:a9:a6:d1:21:b8:be:75: f9:05:6d:de:65:85:fd:fb:ab:38:bc:a0:30:45:04: 11:99:71:56:cf:60:8d:49:8f:70:e3:4f:bc:51:71: d3:0d:d3:65:14:54:5c:2d:20:c4:64:40:eb:da:bf: d9:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:C4:F6:3A:F3:C2:5C:C1:7D:39:8A:FE:F5:80:2D:1D:EE:D3:13:40 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:4000::/40 Signature Algorithm: sha256WithRSAEncryption 57:76:fa:20:9b:84:b3:73:01:d9:3c:63:4b:ee:a1:75:16:9d: 1c:3f:51:fe:76:fb:bc:0e:e0:2c:fb:b5:8b:60:26:3b:68:67: 0e:74:fa:af:6b:c1:49:82:b4:21:80:02:c6:11:ff:03:63:df: e4:35:b3:91:15:a8:9e:7e:1f:0f:48:54:d0:88:68:2f:59:76: 65:9a:6a:96:2a:9a:1a:f7:83:15:f9:4d:60:be:e3:40:e5:9c: c0:5f:14:ed:30:ca:80:66:eb:e3:31:c5:6e:44:ba:aa:1a:9c: 38:12:c9:14:5f:e9:c2:ef:89:a8:ed:c6:b3:9f:05:14:48:d2: f2:05:e0:40:fa:39:c7:e9:b3:79:a9:38:c5:72:f6:a1:b0:69: d4:64:09:13:b7:8e:35:59:82:73:39:88:12:34:0e:68:87:00: e6:d7:ae:6c:e0:e3:a2:89:b2:be:82:91:a8:20:5e:c2:b2:dd: cb:37:0a:bd:d6:7e:e1:f9:7f:c9:66:18:fa:2a:ab:53:e0:5f: b7:71:bc:6f:37:1c:c4:d5:0b:ff:7c:20:2d:29:d5:50:90:3b: ee:4f:26:2c:fe:4b:0e:30:f9:5e:63:10:73:16:d5:8e:9a:c0: 42:8b:bd:19:4e:6e:be:06:63:fb:32:87:6e:75:13:7d:1a:5e: 10:b2:b3:a0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDl7YQtS8Qlttc7J0GpznbLwlj+YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxMDE2MDAwNVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZmM2NmRlZDkwMGFmZWNhNTZhMzlm ZDNkYjk3YzNlMGIxYThmNDAxMThkODdmZDg1ZWFhZTU5NDQ3OTZlNTIyZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte8llz++c2ToDuRMZtdx4HnjuULv Ry0Ih8LpOmbp5L85K2jObv8JjUWGJe2TTO5sq4jbACxHapcPzkPpaT5GeBg3ZN1O y7xBcQqmnDKRIGavIaRukFycTbqTasfeb7nGcL5cm9Guu2t6UBMKm2KmiD6JdZcs J8oILxX1ajHJJqV39XCl72MoYI0PaKrdLGt4SmjRtLu2Vy+H/1K1oS/gjCG60Yhx UR8i5GFAlzu7rIV0cRd0oduLl9t5C9fieCbU3IDB915SCzp0Aamm0SG4vnX5BW3e ZYX9+6s4vKAwRQQRmXFWz2CNSY9w40+8UXHTDdNlFFRcLSDEZEDr2r/ZrwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG3E9jrzwlzBfTmK/vWALR3u0xNAMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzJjN2RjOTllLTE2YzUtNDMxMi1iNjEzLWFjNDJlOGI1MmYxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+EAwDQYJKoZIhvcNAQELBQADggEBAFd2+iCbhLNzAdk8Y0vu oXUWnRw/Uf52+7wO4Cz7tYtgJjtoZw50+q9rwUmCtCGAAsYR/wNj3+Q1s5EVqJ5+ Hw9IVNCIaC9ZdmWaapYqmhr3gxX5TWC+40DlnMBfFO0wyoBm6+MxxW5EuqoanDgS yRRf6cLviajtxrOfBRRI0vIF4ED6Ocfps3mpOMVy9qGwadRkCRO3jjVZgnM5iBI0 DmiHAObXrmzg46KJsr6CkaggXsKy3cs3Cr3WfuH5f8lmGPoqq1PgX7dxvG83HMTV C/98IC0p1VCQO+5PJiz+Sw4w+V5jEHMW1Y6awEKLvRlObr4GY/syh251E30aXhCy s6A= -----END CERTIFICATE-----Generated at Sat Jun 14 05:43:15 2025 by rpki-client