$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa File: 453c01e0-c333-4283-987c-be2c8b71798c.roa (raw, json) Hash identifier: k2q8k7B/sGwgsLwIMaTsN+cJN6/IUWlVtMWi3VbZVrk= Subject key identifier: E9:D9:96:2F:EA:18:16:6D:75:A9:45:60:43:D3:CD:6F:1E:97:DA:67 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 23BD75FA7CF058D1BFF40F9C15AB9788E9DA0E53 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa Signing time: Sat 14 Jun 2025 00:00:02 +0000 ROA not before: Sat 14 Jun 2025 00:00:02 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:bd:75:fa:7c:f0:58:d1:bf:f4:0f:9c:15:ab:97:88:e9:da:0e:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:02 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=dc03bfc727f503a57ee29e2b8eaf34b57669273f5cdc9a02d41e318b25c39cc6, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:da:7c:ff:e6:e2:a7:86:d6:a4:b5:b2:84:b2: 8b:2d:08:c3:7e:1c:b1:af:b2:21:e0:c5:f8:4b:2e: 38:fd:02:7c:a5:00:20:7d:f2:79:6f:70:73:ae:bb: 52:97:59:63:4a:96:15:c4:dc:dd:d8:22:76:f5:20: 24:26:3f:53:69:5e:2d:d9:c5:43:be:80:11:4c:b6: 48:d1:84:b0:97:ba:18:18:c3:f5:7e:88:60:48:94: ce:23:6d:a8:c1:99:3c:da:e5:cd:de:16:a9:7e:4c: bf:10:1a:1d:6c:67:ee:8c:79:af:44:89:4d:54:d7: f9:43:7e:6c:83:49:1f:44:88:7f:96:4a:ed:a9:a8: 14:c6:f1:3f:47:9b:58:85:36:d8:4e:18:55:1e:58: 00:97:26:0c:fa:2f:c4:8c:85:fe:31:b9:9f:51:85: d4:01:e5:96:4d:f0:76:8f:c3:ba:aa:90:01:1f:41: 14:78:5e:cd:e2:d5:23:9d:14:37:8f:6e:e0:b0:d4: f6:4c:15:f2:fb:1d:fe:6f:f0:06:e2:5b:55:28:c8: 14:ec:5c:f0:b1:72:cf:e5:ad:fa:41:9c:2b:30:39: 88:c4:6c:ce:06:17:67:01:cb:89:87:82:9b:d9:66: 58:42:87:68:90:a7:3b:64:a2:29:86:ce:7c:ec:c0: 19:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:D9:96:2F:EA:18:16:6D:75:A9:45:60:43:D3:CD:6F:1E:97:DA:67 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 85:1d:09:24:95:36:d5:31:f6:74:61:e9:67:58:96:10:d6:c3: 65:be:61:17:c7:39:9e:9e:ea:3e:48:76:af:83:34:3f:27:5b: b3:fe:ed:d8:99:5a:26:5e:77:38:cd:ca:40:9a:55:8d:f8:c7: bf:40:d6:8e:e2:ea:48:c5:9c:3c:e7:d5:bf:e4:42:68:8f:45: 9a:9c:29:02:ae:ff:61:5e:17:28:3b:a1:44:e2:fb:21:44:07: 10:02:0e:7f:b1:42:67:71:6d:ca:44:3a:64:fa:d8:27:d3:80: 07:00:01:42:c4:2e:41:76:bb:72:03:50:44:40:01:ab:eb:a5: b6:bf:d8:45:31:02:0f:8a:ec:c2:30:6c:b2:89:ac:9b:c7:65: d9:de:3f:9b:f6:6a:3e:db:db:2d:9e:34:8d:dc:02:e2:3b:10: e8:0c:1e:9f:ae:e1:86:3b:c2:d5:94:ed:5e:b6:cc:e8:7d:94: ac:0d:aa:65:01:dc:04:84:bb:cc:60:fe:21:cf:2d:33:de:28: b3:1f:7c:b1:cd:63:e5:60:76:6a:c3:0c:2f:95:ed:37:7b:03: d4:3c:20:f1:4e:ab:8a:17:b7:19:b3:bd:6b:43:30:85:32:ae: a4:02:1e:4f:50:0b:00:d4:21:10:fe:1e:c3:ff:d2:83:94:87: 63:aa:1e:b1 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUI711+nzwWNG/9A+cFauXiOnaDlMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAwMloX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAZGMwM2JmYzcyN2Y1MDNhNTdlZTI5 ZTJiOGVhZjM0YjU3NjY5MjczZjVjZGM5YTAyZDQxZTMxOGIyNWMzOWNjNjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9p8/+bip4bWpLWyhLKLLQjDfhyx r7Ih4MX4Sy44/QJ8pQAgffJ5b3BzrrtSl1ljSpYVxNzd2CJ29SAkJj9TaV4t2cVD voARTLZI0YSwl7oYGMP1fohgSJTOI22owZk82uXN3hapfky/EBodbGfujHmvRIlN VNf5Q35sg0kfRIh/lkrtqagUxvE/R5tYhTbYThhVHlgAlyYM+i/EjIX+MbmfUYXU AeWWTfB2j8O6qpABH0EUeF7N4tUjnRQ3j27gsNT2TBXy+x3+b/AG4ltVKMgU7Fzw sXLP5a36QZwrMDmIxGzOBhdnAcuJh4Kb2WZYQodokKc7ZKIphs587MAZ4QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOnZli/qGBZtdalFYEPTzW8el9pnMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzQ1M2MwMWUwLWMzMzMtNDI4My05ODdjLWJlMmM4YjcxNzk4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/4DAMA0GCSqGSIb3DQEBCwUAA4IBAQCFHQkklTbVMfZ0Yeln WJYQ1sNlvmEXxzmenuo+SHavgzQ/J1uz/u3YmVomXnc4zcpAmlWN+Me/QNaO4upI xZw859W/5EJoj0WanCkCrv9hXhcoO6FE4vshRAcQAg5/sUJncW3KRDpk+tgn04AH AAFCxC5BdrtyA1BEQAGr66W2v9hFMQIPiuzCMGyyiaybx2XZ3j+b9mo+29stnjSN 3ALiOxDoDB6fruGGO8LVlO1etszofZSsDaplAdwEhLvMYP4hzy0z3iizH3yxzWPl YHZqwwwvle03ewPUPCDxTquKF7cZs71rQzCFMq6kAh5PUAsA1CEQ/h7D/9KDlIdj qh6x -----END CERTIFICATE-----Generated at Sat Jun 14 05:52:53 2025 by rpki-client