$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa File: 3523c675-14b3-4d2d-90e1-e439500ecaca.roa (raw, json) Hash identifier: vEdLrhCLT8op38SlpSMnjK8xrfXwC93CrAaP7j20EXA= Subject key identifier: C5:0B:C6:BA:0E:E2:62:DF:45:F5:63:AD:10:38:F9:D2:6C:8D:4F:50 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 14B34B0ACE6E1CA7D007B5BFBA7CF27E5CA18374 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa Signing time: Mon 04 Aug 2025 15:00:14 +0000 ROA not before: Mon 04 Aug 2025 15:00:14 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:b3:4b:0a:ce:6e:1c:a7:d0:07:b5:bf:ba:7c:f2:7e:5c:a1:83:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:14 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=f42c775464e44a7f00a09a1575edb42e29961cff4bab58ef684ce528efd5170f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:a6:a6:7f:4e:77:0b:4c:c2:87:58:12:9b:6f: 6a:5b:5a:ba:ce:0d:5a:93:f1:23:e0:6b:d7:6b:ef: db:ed:e9:4d:39:03:8e:3d:12:48:b9:52:b5:b8:3f: 56:1b:52:eb:64:2b:6e:06:24:5f:91:89:64:83:f2: a8:b8:a1:e5:3f:9d:99:82:27:5e:c9:76:06:aa:d9: d2:72:1e:5f:99:94:a9:9d:be:3b:16:7a:f8:92:cb: 13:4c:fa:4b:bc:70:cc:19:af:4d:06:de:a1:de:ad: e1:81:db:fd:24:40:2e:c0:5f:84:3a:f0:85:12:84: e3:29:af:25:75:8e:13:fd:79:16:2e:d3:e1:f1:68: 1d:b6:4b:ca:11:e3:38:f2:7a:18:9e:f0:b2:d4:e0: 37:4f:cf:fb:d9:b9:51:bb:ed:62:71:dd:23:37:fa: b8:e0:1f:ba:f7:1b:ee:6c:24:3a:a9:ac:d2:e4:d1: 3a:37:67:30:55:74:1f:33:70:a1:97:44:41:e9:68: 0d:d3:a7:a7:0a:da:6e:79:2a:66:ec:30:aa:99:50: 7c:e4:0f:de:7e:3c:85:7a:78:7b:d0:d1:1d:0b:de: eb:26:a5:dd:b3:8f:23:6c:ba:91:c3:1f:2c:6a:27: 4f:97:4f:98:bc:58:bc:f1:ee:c5:ce:1f:3d:e9:61: 54:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:0B:C6:BA:0E:E2:62:DF:45:F5:63:AD:10:38:F9:D2:6C:8D:4F:50 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f0::/32 Signature Algorithm: sha256WithRSAEncryption 9e:de:08:cc:e1:ae:e9:76:68:9f:9d:89:44:f5:d1:ce:99:07: b6:ef:44:1b:e4:0d:0b:aa:17:23:6d:d2:72:e3:04:0d:f2:22: b0:75:73:f5:06:f5:bd:1d:5c:07:07:dc:80:56:ef:6f:23:13: cc:44:5f:65:72:d9:80:4e:d5:84:33:90:cb:51:b0:01:a6:3b: b9:b1:42:04:8c:f9:01:44:b2:e0:d2:5a:03:5d:c0:24:bb:2a: 8c:38:f4:26:cf:55:f7:54:20:a7:bd:8a:90:3b:f4:6b:8e:05: e3:a0:97:ff:42:0d:21:f5:dd:8d:39:47:cd:38:9b:13:70:18: 8e:c6:2a:3d:9c:32:88:7a:12:0d:0e:ca:2b:88:1c:22:ae:15: 32:20:17:44:cf:c3:5b:ab:5d:7b:6d:3f:77:16:82:4c:47:1a: 7b:77:9c:83:d6:4a:27:39:2c:ca:25:37:d7:47:ed:5f:21:1d: ee:92:cf:aa:e5:27:bd:b9:f5:af:57:b6:17:35:1e:cd:d2:7f: 93:4d:70:7c:14:40:d2:1c:f7:10:36:2f:65:97:5d:ff:5a:74: b0:4b:35:3e:7a:b4:ea:ba:80:15:46:e4:70:02:14:c7:df:1a: 3f:08:6f:91:26:48:e3:0b:a4:b1:2f:54:7f:25:6d:e7:21:9d: ba:b7:57:04 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUFLNLCs5uHKfQB7W/unzyflyhg3QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAxNFoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAZjQyYzc3NTQ2NGU0NGE3ZjAwYTA5 YTE1NzVlZGI0MmUyOTk2MWNmZjRiYWI1OGVmNjg0Y2U1MjhlZmQ1MTcwZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqamf053C0zCh1gSm29qW1q6zg1a k/Ej4GvXa+/b7elNOQOOPRJIuVK1uD9WG1LrZCtuBiRfkYlkg/KouKHlP52Zgide yXYGqtnSch5fmZSpnb47Fnr4kssTTPpLvHDMGa9NBt6h3q3hgdv9JEAuwF+EOvCF EoTjKa8ldY4T/XkWLtPh8WgdtkvKEeM48noYnvCy1OA3T8/72blRu+1icd0jN/q4 4B+69xvubCQ6qazS5NE6N2cwVXQfM3Chl0RB6WgN06enCtpueSpm7DCqmVB85A/e fjyFenh70NEdC97rJqXds48jbLqRwx8saidPl0+YvFi88e7Fzh896WFUEQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFMULxroO4mLfRfVjrRA4+dJsjU9QMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1MjNjNjc1LTE0YjMtNGQyZC05MGUxLWU0Mzk1MDBlY2FjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8DANBgkqhkiG9w0BAQsFAAOCAQEAnt4IzOGu6XZon52JRPXR zpkHtu9EG+QNC6oXI23ScuMEDfIisHVz9Qb1vR1cBwfcgFbvbyMTzERfZXLZgE7V hDOQy1GwAaY7ubFCBIz5AUSy4NJaA13AJLsqjDj0Js9V91Qgp72KkDv0a44F46CX /0INIfXdjTlHzTibE3AYjsYqPZwyiHoSDQ7KK4gcIq4VMiAXRM/DW6tde20/dxaC TEcae3ecg9ZKJzksyiU310ftXyEd7pLPquUnvbn1r1e2FzUezdJ/k01wfBRA0hz3 EDYvZZdd/1p0sEs1Pnq06rqAFUbkcAIUx98aPwhvkSZI4wuksS9UfyVt5yGdurdX BA== -----END CERTIFICATE-----Generated at Mon Aug 4 22:17:33 2025 by rpki-client