$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa File: 31d36ece-9039-43a2-82a2-03e7d8e7f563.roa (raw, json) Hash identifier: bYaUqw9BdK8iYso8ko4DL6cTkwWVhGwGirvD8qRzSSo= Subject key identifier: 99:FD:9E:7A:32:2A:EA:6B:6E:1E:6B:6D:BF:C9:92:D7:3F:14:58:AE Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7C1A986C608C48DA2153FB03D9E85F111A5C8030 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa Signing time: Mon 04 Aug 2025 15:00:10 +0000 ROA not before: Mon 04 Aug 2025 15:00:10 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:1a:98:6c:60:8c:48:da:21:53:fb:03:d9:e8:5f:11:1a:5c:80:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:10 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=b25f9744b123d221fc17694cab59603938124b14fb12a9915987994341014ad8, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c3:57:a0:6b:8c:74:14:aa:cf:10:bb:ca:6d: 2f:18:46:39:cb:11:d3:d2:d0:8d:fe:30:7c:47:30: 5a:b2:d2:4f:74:55:a4:79:be:80:13:04:1f:3a:aa: 46:87:69:ab:ce:19:9d:7e:36:3a:ce:b7:d5:ab:83: 5f:a3:f1:57:55:b2:b3:ca:57:88:dc:7d:92:19:a7: e4:70:95:b1:6d:82:86:75:10:c5:1c:fb:9c:9b:35: fd:0e:7b:60:8a:12:ed:32:c8:1f:cf:36:c4:a9:d0: 3c:04:bd:f5:f0:07:be:f4:ea:c7:38:5a:8d:36:2b: 65:10:be:49:c3:96:d4:d3:ff:84:a8:db:89:ed:cf: 62:00:d1:3d:75:5f:3d:a8:1c:92:b2:f7:54:bd:4b: f8:9d:87:ef:8d:96:e6:42:07:5c:70:eb:64:03:20: 68:07:be:b3:51:0f:d7:85:59:db:f1:df:bd:1b:57: 7e:9f:ec:37:30:75:55:8a:27:4a:07:c3:71:2e:76: c3:5c:84:93:c3:28:db:69:1e:44:34:c6:41:81:47: 0a:64:cc:30:48:84:17:c4:9c:d5:8f:6e:6a:d2:89: d3:d5:36:61:ed:7b:b5:04:3e:84:dd:40:5a:0f:dd: ec:53:1e:d3:cf:dd:74:7a:80:d2:a0:7b:ae:23:d8: f5:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:FD:9E:7A:32:2A:EA:6B:6E:1E:6B:6D:BF:C9:92:D7:3F:14:58:AE X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fc::/32 Signature Algorithm: sha256WithRSAEncryption 79:91:88:c3:cb:d6:a3:4e:56:e0:ee:30:d7:cf:24:07:c6:d6: d5:e6:32:3d:c9:6a:88:a2:fc:aa:d9:d3:df:ca:ea:ab:5d:52: 87:74:91:e3:d4:5b:ef:b3:c6:3f:aa:9b:08:9b:ea:1d:3c:9e: 45:bf:80:e8:08:46:31:3b:2f:a1:dd:f0:d2:27:5b:fa:7d:40: 0d:21:64:59:36:09:2d:73:b3:8a:30:4c:ec:cb:bd:cf:af:21: 9b:09:88:af:cf:26:15:a8:12:7a:dc:56:3c:eb:04:e8:0b:c3: 3c:4d:77:e7:ef:25:74:5c:4f:b2:75:f2:96:c6:ad:6c:7a:8b: 66:36:72:19:11:bb:57:30:45:43:0d:5e:a7:37:68:62:5a:d7: 25:80:50:65:30:24:ea:0b:32:13:a6:bb:ca:78:3a:c7:ef:e9: 14:16:24:dc:0d:73:df:90:06:74:a8:44:90:90:d5:5e:3b:d7: 4b:a0:10:a0:93:9b:f9:39:fd:0c:8b:64:b1:9a:fc:fe:5e:08: 6c:73:f7:bd:d8:20:10:37:6c:c0:d1:f7:51:f9:26:70:ff:ca: bd:31:74:88:9f:f3:9e:cb:01:4c:16:29:8f:5e:9a:e9:95:72: df:81:44:93:a1:cb:fd:90:eb:bd:ad:e0:6c:43:0b:bd:bf:5d: fb:19:e8:53 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUfBqYbGCMSNohU/sD2ehfERpcgDAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAxMFoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAYjI1Zjk3NDRiMTIzZDIyMWZjMTc2 OTRjYWI1OTYwMzkzODEyNGIxNGZiMTJhOTkxNTk4Nzk5NDM0MTAxNGFkODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMNXoGuMdBSqzxC7ym0vGEY5yxHT 0tCN/jB8RzBastJPdFWkeb6AEwQfOqpGh2mrzhmdfjY6zrfVq4Nfo/FXVbKzyleI 3H2SGafkcJWxbYKGdRDFHPucmzX9DntgihLtMsgfzzbEqdA8BL318Ae+9OrHOFqN NitlEL5Jw5bU0/+EqNuJ7c9iANE9dV89qBySsvdUvUv4nYfvjZbmQgdccOtkAyBo B76zUQ/XhVnb8d+9G1d+n+w3MHVViidKB8NxLnbDXISTwyjbaR5ENMZBgUcKZMww SIQXxJzVj25q0onT1TZh7Xu1BD6E3UBaD93sUx7Tz910eoDSoHuuI9j1FwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFJn9nnoyKuprbh5rbb/Jktc/FFiuMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMxZDM2ZWNlLTkwMzktNDNhMi04MmEyLTAzZTdkOGU3ZjU2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A/DANBgkqhkiG9w0BAQsFAAOCAQEAeZGIw8vWo05W4O4w188k B8bW1eYyPclqiKL8qtnT38rqq11Sh3SR49Rb77PGP6qbCJvqHTyeRb+A6AhGMTsv od3w0idb+n1ADSFkWTYJLXOzijBM7Mu9z68hmwmIr88mFagSetxWPOsE6AvDPE13 5+8ldFxPsnXylsatbHqLZjZyGRG7VzBFQw1epzdoYlrXJYBQZTAk6gsyE6a7yng6 x+/pFBYk3A1z35AGdKhEkJDVXjvXS6AQoJOb+Tn9DItksZr8/l4IbHP3vdggEDds wNH3UfkmcP/KvTF0iJ/znssBTBYpj16a6ZVy34FEk6HL/ZDrva3gbEMLvb9d+xno Uw== -----END CERTIFICATE-----Generated at Mon Aug 4 21:31:32 2025 by rpki-client