$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa File: 3537691c-1a10-4699-a8a0-4cec50a35534.roa (raw, json) Hash identifier: nKpVJAWiRwtQjBWWybm61WYeKTVmx6+lqFzGOIw7pJE= Subject key identifier: FF:4F:4A:C9:6B:DB:4E:04:DE:2D:E6:CC:70:51:E8:2C:9F:B9:9F:D4 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6A6EF318C4FA82B33F69824E423751595DD4D184 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa Signing time: Fri 01 Aug 2025 00:50:08 +0000 ROA not before: Fri 01 Aug 2025 00:50:08 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:6e:f3:18:c4:fa:82:b3:3f:69:82:4e:42:37:51:59:5d:d4:d1:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 1 00:50:08 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=dc4ba7bd6742add7473cb046e3cd8c42a3b9baad5a3f995cc363c462e5503f10, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:4a:70:85:55:3b:7b:a1:d7:9f:a7:1e:7c:a9: d7:d2:47:f3:b1:3d:c6:39:cd:60:af:42:0d:47:59: 8a:5f:12:70:fd:2d:d0:4a:f2:9b:93:fb:bc:58:82: 7d:b7:51:2d:37:8c:cb:93:74:b5:87:44:02:b9:d6: 95:63:2e:5a:6c:b7:82:36:90:ad:08:91:c1:dc:95: 95:0b:62:54:1b:6a:99:71:a2:b0:62:65:bf:4b:31: 27:76:f8:0f:e1:e6:53:7a:44:0a:50:db:23:7c:88: d8:c2:14:1c:7f:46:a7:b6:90:16:c1:0d:53:dd:12: 67:b3:5f:24:e2:fe:67:55:d6:a9:cd:a6:cb:4a:26: e3:80:d5:f8:26:12:32:db:67:71:b8:07:5f:15:38: 3d:b3:61:47:1e:f8:ec:48:5b:f8:81:ac:9a:45:1d: 3d:0f:12:10:75:2e:9f:58:62:cd:31:35:89:c0:3c: a3:39:78:5f:2e:94:39:ad:50:87:f9:d8:9d:5e:05: de:36:16:58:92:75:b2:a0:f8:7a:c1:3d:fc:a1:65: 6d:dc:70:af:41:c9:e7:83:c4:4e:62:9a:fc:3a:04: ba:33:2e:a8:b2:46:71:a0:46:04:ab:cf:56:b2:d4: be:5a:90:54:53:24:12:71:89:59:50:be:b9:00:49: 33:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:4F:4A:C9:6B:DB:4E:04:DE:2D:E6:CC:70:51:E8:2C:9F:B9:9F:D4 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:8000::/40 Signature Algorithm: sha256WithRSAEncryption 8e:54:70:67:29:27:9f:79:62:7d:0a:9a:43:bd:52:c3:21:20: 2b:11:99:10:05:4f:a9:35:e9:1a:74:97:71:be:d4:1c:d0:2d: f6:e7:1e:b8:47:34:b9:11:9d:44:aa:2a:c1:9a:22:ed:a8:14: c7:14:f3:a8:26:d8:00:74:cc:22:c0:63:14:b7:66:91:b1:07: ab:ed:8b:4d:05:10:27:55:0b:91:b3:bc:5d:ee:a7:32:f3:fa: f7:45:84:fe:29:72:01:29:3b:a4:7d:f5:c4:45:27:a1:34:7b: 43:2e:3f:3d:49:1f:22:72:ac:17:ff:90:ef:62:e9:08:01:ba: a9:cf:41:d4:61:37:c5:0c:aa:16:18:54:90:21:89:cb:93:a7: c9:6d:45:7a:cf:d7:fe:c7:4e:5e:a4:44:f0:ca:f4:32:ac:c8: be:40:a0:f9:2d:9b:ad:f9:47:1a:93:89:dc:48:98:01:56:70: 8a:69:e8:19:c5:12:15:8e:e6:68:a3:03:fd:81:b8:e6:43:af: 8d:87:8d:30:a5:c2:a0:ac:39:ec:82:44:e4:0d:b0:e3:23:dc: 28:b5:db:02:03:59:8c:e9:62:83:57:fa:a8:06:d5:54:a2:a3: 40:59:d5:f1:c3:cf:f1:81:7e:ef:f5:48:7b:3c:e4:2e:ed:20: 56:e0:33:3d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUam7zGMT6grM/aYJOQjdRWV3U0YQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwMTAwNTAwOFoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAZGM0YmE3YmQ2NzQyYWRkNzQ3M2Ni MDQ2ZTNjZDhjNDJhM2I5YmFhZDVhM2Y5OTVjYzM2M2M0NjJlNTUwM2YxMDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00pwhVU7e6HXn6cefKnX0kfzsT3G Oc1gr0INR1mKXxJw/S3QSvKbk/u8WIJ9t1EtN4zLk3S1h0QCudaVYy5abLeCNpCt CJHB3JWVC2JUG2qZcaKwYmW/SzEndvgP4eZTekQKUNsjfIjYwhQcf0antpAWwQ1T 3RJns18k4v5nVdapzabLSibjgNX4JhIy22dxuAdfFTg9s2FHHvjsSFv4gayaRR09 DxIQdS6fWGLNMTWJwDyjOXhfLpQ5rVCH+didXgXeNhZYknWyoPh6wT38oWVt3HCv Qcnng8ROYpr8OgS6My6oskZxoEYEq89WstS+WpBUUyQScYlZUL65AEkzpQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP9PSslr204E3i3mzHBR6CyfuZ/UMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1Mzc2OTFjLTFhMTAtNDY5OS1hOGEwLTRjZWM1MGEzNTUzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+oAwDQYJKoZIhvcNAQELBQADggEBAI5UcGcpJ595Yn0KmkO9 UsMhICsRmRAFT6k16Rp0l3G+1BzQLfbnHrhHNLkRnUSqKsGaIu2oFMcU86gm2AB0 zCLAYxS3ZpGxB6vti00FECdVC5GzvF3upzLz+vdFhP4pcgEpO6R99cRFJ6E0e0Mu Pz1JHyJyrBf/kO9i6QgBuqnPQdRhN8UMqhYYVJAhicuTp8ltRXrP1/7HTl6kRPDK 9DKsyL5AoPktm635RxqTidxImAFWcIpp6BnFEhWO5mijA/2BuOZDr42HjTClwqCs OeyCROQNsOMj3Ci12wIDWYzpYoNX+qgG1VSio0BZ1fHDz/GBfu/1SHs85C7tIFbg Mz0= -----END CERTIFICATE-----Generated at Mon Aug 4 21:44:25 2025 by rpki-client