$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa File: 33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa (raw, json) Hash identifier: 0qEK5tXc8J1No9gfsMssGAQZMCc2Y2e7bBNRxdrJu5o= Subject key identifier: BA:58:3D:C5:1B:60:BE:8B:D2:2F:8B:6A:C3:DA:31:5F:89:16:6B:2F Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6DB47ABEBD32391AD7D6E60228151573CD525DFF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa Signing time: Mon 04 Aug 2025 15:00:39 +0000 ROA not before: Mon 04 Aug 2025 15:00:39 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:b4:7a:be:bd:32:39:1a:d7:d6:e6:02:28:15:15:73:cd:52:5d:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:39 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=e30bfa44706bf5ada13793728bd153bede6cb742b8967902c5eb2704cd72e9b9, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:05:5a:f0:de:79:5c:03:27:9e:d4:41:87:ce: c7:05:0d:c7:b7:04:4e:99:e5:a5:31:0c:08:d5:e0: 13:d3:5b:aa:47:0d:d8:05:df:99:c0:38:25:72:31: fe:b3:cd:e8:c4:9e:0f:a8:8f:93:46:f2:f1:c7:68: 4f:04:6d:d7:77:6d:fe:a0:e5:d5:ea:3b:c6:1e:a7: 85:bb:17:c6:a4:46:ef:00:d8:cb:7f:de:0d:e7:af: 9f:68:c4:64:69:7e:6c:f3:65:17:9c:b4:16:9f:ab: 78:d8:32:d9:43:ae:2b:32:1a:a3:2d:c8:4d:75:27: c8:ad:3d:a0:1d:42:01:32:0b:ec:2d:bc:e0:16:b7: 83:e4:fe:aa:be:cd:b1:b8:1a:5e:e8:30:f1:0d:f8: 7f:c5:8c:94:ba:f7:96:84:cd:26:6f:42:33:44:f4: b6:21:97:a4:11:ea:5e:41:7c:97:c8:52:bf:3d:88: 06:05:12:2d:d0:06:80:6f:aa:0e:02:d2:e2:0a:ae: 7e:3f:0f:17:a7:e0:f0:72:f6:62:fc:2d:6f:d1:8a: 02:ba:0e:c4:fb:87:19:93:67:16:d2:26:94:a9:71: a9:55:e3:a1:9d:10:43:a8:56:38:70:72:4c:29:f6: 9a:4f:3a:dd:66:4e:53:a4:b8:86:c4:ce:e1:95:05: 8e:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:58:3D:C5:1B:60:BE:8B:D2:2F:8B:6A:C3:DA:31:5F:89:16:6B:2F X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4080::/48 Signature Algorithm: sha256WithRSAEncryption 5c:b4:a2:3f:5b:9e:7e:fd:8d:93:39:3d:ef:ff:28:65:0d:3a: 84:4b:bf:96:c7:f6:82:2d:13:57:a0:c6:d3:4a:6a:a7:f8:0f: 98:cf:71:bb:0a:e0:8d:b1:54:7d:8b:ff:d5:20:5d:36:3a:f4: 1f:ac:93:8a:93:0b:12:96:01:df:7c:7e:94:97:09:be:0b:e5: 69:e0:73:9c:e2:1a:7a:14:10:a2:b8:54:8e:48:31:e3:47:af: a4:fb:aa:3d:a7:86:b9:26:7b:44:01:3b:a2:26:b3:42:5c:41: 96:a5:54:c2:6b:50:b6:a8:9b:19:29:35:cb:8f:d2:15:2f:ee: ba:48:cd:d0:33:a3:63:a0:3e:de:ab:83:6d:8f:98:e6:42:7f: 26:5d:7f:d6:82:f8:f4:d8:4e:7e:31:d5:63:de:43:b7:f5:c4: 3e:da:f5:a6:55:15:44:e4:af:8a:e0:9b:86:bf:b0:61:65:f3: 42:05:22:9f:60:9c:d0:f7:c2:03:6f:78:df:46:dd:56:74:cc: 67:9b:b0:54:5a:d5:e9:91:55:69:ae:33:99:ed:32:d2:d1:97: 7d:c3:c9:8c:99:6b:4e:81:d4:e3:ce:6f:23:2c:8e:ed:b6:27: 28:97:72:f7:43:45:73:d6:a6:b8:19:8f:56:6f:4a:d8:d0:9b: b3:5c:c9:01 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbbR6vr0yORrX1uYCKBUVc81SXf8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAzOVoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAZTMwYmZhNDQ3MDZiZjVhZGExMzc5 MzcyOGJkMTUzYmVkZTZjYjc0MmI4OTY3OTAyYzVlYjI3MDRjZDcyZTliOTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQVa8N55XAMnntRBh87HBQ3HtwRO meWlMQwI1eAT01uqRw3YBd+ZwDglcjH+s83oxJ4PqI+TRvLxx2hPBG3Xd23+oOXV 6jvGHqeFuxfGpEbvANjLf94N56+faMRkaX5s82UXnLQWn6t42DLZQ64rMhqjLchN dSfIrT2gHUIBMgvsLbzgFreD5P6qvs2xuBpe6DDxDfh/xYyUuveWhM0mb0IzRPS2 IZekEepeQXyXyFK/PYgGBRIt0AaAb6oOAtLiCq5+Pw8Xp+DwcvZi/C1v0YoCug7E +4cZk2cW0iaUqXGpVeOhnRBDqFY4cHJMKfaaTzrdZk5TpLiGxM7hlQWOJQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLpYPcUbYL6L0i+LasPaMV+JFmsvMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMzZGQzMWUwLTcwMzktNGZmOC1hYWZlLTk3ZjdiOTViMDdkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQBctKI/W55+/Y2TOT3v /yhlDTqES7+Wx/aCLRNXoMbTSmqn+A+Yz3G7CuCNsVR9i//VIF02OvQfrJOKkwsS lgHffH6Ulwm+C+Vp4HOc4hp6FBCiuFSOSDHjR6+k+6o9p4a5JntEATuiJrNCXEGW pVTCa1C2qJsZKTXLj9IVL+66SM3QM6NjoD7eq4Ntj5jmQn8mXX/Wgvj02E5+MdVj 3kO39cQ+2vWmVRVE5K+K4JuGv7BhZfNCBSKfYJzQ98IDb3jfRt1WdMxnm7BUWtXp kVVprjOZ7TLS0Zd9w8mMmWtOgdTjzm8jLI7tticol3L3Q0Vz1qa4GY9Wb0rY0Juz XMkB -----END CERTIFICATE-----Generated at Mon Aug 4 21:35:44 2025 by rpki-client