$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa File: 3523c675-14b3-4d2d-90e1-e439500ecaca.roa (raw, json) Hash identifier: WlWTEBgxWE8LtmETxc0MDBt0hiasYyK2rXr5cskdgOM= Subject key identifier: 8F:AE:B2:34:72:C9:A4:FA:EC:1F:1A:A4:F6:3E:7A:49:C9:D7:BD:9B Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 183C45E490FF2A8D725837E04C10F7DFF216852A Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa Signing time: Sat 14 Jun 2025 00:00:41 +0000 ROA not before: Sat 14 Jun 2025 00:00:41 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:3c:45:e4:90:ff:2a:8d:72:58:37:e0:4c:10:f7:df:f2:16:85:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:41 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=8d176e0bf025b74e0b8da2e9659bb022ff379ab03c17e985f63e0203d1375925, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:ec:b1:25:30:c2:c4:a4:a5:66:ba:31:d6:8d: 0c:b0:dc:57:00:65:9b:c5:9c:fc:b9:1d:b1:9e:e6: e1:f8:53:91:fb:2e:7e:4f:06:cd:ed:fa:47:e2:02: 87:f8:4b:90:85:63:c2:b6:f6:56:1a:35:a4:74:50: 11:4c:a4:a7:d6:22:24:84:7a:be:31:f8:84:a7:dc: d8:72:29:a0:ab:d0:9f:9d:a2:59:9f:c9:85:21:12: c6:cb:8a:aa:48:e4:5b:ee:5f:65:27:3c:0e:54:a3: c3:dd:0a:95:2e:bd:5a:7c:0a:10:e1:b3:cc:13:76: a1:50:13:3c:12:ef:09:69:b5:42:82:da:95:55:ac: e4:31:66:91:88:bd:19:e1:f7:27:5a:6f:db:21:a6: f6:95:51:c4:38:3b:0f:24:58:97:70:d5:f0:17:69: 3d:39:0a:2a:b8:3b:57:31:b1:7f:58:de:fe:77:1b: 66:7e:1c:68:a8:b1:87:11:2e:3d:97:e5:16:55:80: b4:ea:6a:28:04:f3:62:36:91:23:83:de:9b:bd:29: 4c:db:27:cf:a1:e1:ab:04:a1:cf:48:46:f8:cb:5f: 89:45:0b:de:05:c7:d5:aa:5c:ee:e4:a7:de:5b:ff: 9e:b3:05:65:b7:ea:38:fb:89:c5:48:3f:45:7b:b2: 33:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:AE:B2:34:72:C9:A4:FA:EC:1F:1A:A4:F6:3E:7A:49:C9:D7:BD:9B X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f0::/32 Signature Algorithm: sha256WithRSAEncryption 6e:84:24:a0:a3:f4:30:a6:69:cd:75:bf:56:36:29:43:75:93: 63:13:0a:ee:bc:10:61:c2:fb:a4:9f:a2:01:97:71:b1:d6:74: 56:7b:32:7e:ee:b0:a1:80:f4:91:70:cd:3e:57:cc:3a:29:3e: 69:30:0f:ab:63:fe:4f:52:ba:ae:76:ee:41:a3:b9:d9:74:37: 42:85:ac:34:5f:4e:80:93:d5:7a:19:a4:6a:fb:39:53:59:22: 26:55:9c:c9:bb:73:07:d4:91:4e:19:88:4c:cf:de:42:71:4d: e0:ab:b6:93:4a:4e:36:08:5a:a2:6b:66:0a:fb:de:3f:d1:76: 20:e6:f8:e0:6c:7c:a6:b4:db:b8:8c:90:51:2e:a5:87:04:84: b7:84:85:0b:54:94:6d:29:60:57:f8:f2:72:57:57:e1:e4:25: 45:e3:f3:a1:e1:b9:36:e9:40:91:76:51:eb:bf:8e:52:6f:83: 6e:23:d1:aa:1f:13:f9:e0:e0:62:37:c1:59:a9:8d:1f:bc:93: 8b:7d:99:5f:ca:09:29:d8:be:76:dd:52:f4:2e:07:41:d8:be: 1b:7d:90:50:db:b8:fb:99:f0:5d:9f:04:f7:0b:a5:28:bc:f7: 15:58:bd:4a:c4:64:a9:f6:84:f9:89:c3:ec:55:3b:ab:8d:ba: 39:e1:cf:c8 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUGDxF5JD/Ko1yWDfgTBD33/IWhSowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDA0MVoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAOGQxNzZlMGJmMDI1Yjc0ZTBiOGRh MmU5NjU5YmIwMjJmZjM3OWFiMDNjMTdlOTg1ZjYzZTAyMDNkMTM3NTkyNTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uyxJTDCxKSlZrox1o0MsNxXAGWb xZz8uR2xnubh+FOR+y5+TwbN7fpH4gKH+EuQhWPCtvZWGjWkdFARTKSn1iIkhHq+ MfiEp9zYcimgq9CfnaJZn8mFIRLGy4qqSORb7l9lJzwOVKPD3QqVLr1afAoQ4bPM E3ahUBM8Eu8JabVCgtqVVazkMWaRiL0Z4fcnWm/bIab2lVHEODsPJFiXcNXwF2k9 OQoquDtXMbF/WN7+dxtmfhxoqLGHES49l+UWVYC06mooBPNiNpEjg96bvSlM2yfP oeGrBKHPSEb4y1+JRQveBcfVqlzu5KfeW/+eswVlt+o4+4nFSD9Fe7IzBQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFI+usjRyyaT67B8apPY+eknJ172bMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1MjNjNjc1LTE0YjMtNGQyZC05MGUxLWU0Mzk1MDBlY2FjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8DANBgkqhkiG9w0BAQsFAAOCAQEAboQkoKP0MKZpzXW/VjYp Q3WTYxMK7rwQYcL7pJ+iAZdxsdZ0Vnsyfu6woYD0kXDNPlfMOik+aTAPq2P+T1K6 rnbuQaO52XQ3QoWsNF9OgJPVehmkavs5U1kiJlWcybtzB9SRThmITM/eQnFN4Ku2 k0pONghaomtmCvveP9F2IOb44Gx8prTbuIyQUS6lhwSEt4SFC1SUbSlgV/jycldX 4eQlRePzoeG5NulAkXZR67+OUm+DbiPRqh8T+eDgYjfBWamNH7yTi32ZX8oJKdi+ dt1S9C4HQdi+G32QUNu4+5nwXZ8E9wulKLz3FVi9SsRkqfaE+YnD7FU7q426OeHP yA== -----END CERTIFICATE-----Generated at Sat Jun 14 06:18:23 2025 by rpki-client