$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa File: 453c01e0-c333-4283-987c-be2c8b71798c.roa (raw, json) Hash identifier: y6+2MYjQAXFd+FYxGqTjwmpOgbTAq0NTWMXIVEwwI3U= Subject key identifier: 75:0F:FF:99:0A:53:EF:8B:70:B2:F7:C1:B3:3A:17:A3:6C:8E:0A:D3 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 26A62EF9CBA8202CE3B0630A6668FC30CF525518 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa Signing time: Mon 04 Aug 2025 15:00:32 +0000 ROA not before: Mon 04 Aug 2025 15:00:32 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:a6:2e:f9:cb:a8:20:2c:e3:b0:63:0a:66:68:fc:30:cf:52:55:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:32 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=b635976560f026f70e6a64f4bf07d6f64d64738c8ed770ae88d408b9eedf9a21, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f0:e9:50:a6:95:e6:7b:55:d0:44:45:95:be: 65:cb:40:ae:1d:3a:9d:72:51:8d:bd:e9:05:7a:66: 64:fa:05:e8:3d:d1:f5:f7:fd:36:20:40:ad:02:8d: aa:8e:83:45:43:da:e4:fb:dc:30:4c:c3:9b:54:e6: 6b:61:d5:fa:36:71:6b:75:f0:13:a8:0a:0a:0a:5e: 25:b8:f5:2d:eb:f9:b9:2c:b5:33:ec:b5:38:4a:ab: 9e:89:da:a7:af:4b:fa:18:33:57:22:d6:75:c8:bb: 32:62:16:3c:c7:b3:7b:d0:b5:f1:bb:1b:1f:6b:ff: 6f:2b:b1:6e:9c:85:da:46:3f:92:82:1a:c0:47:5b: 32:87:9d:a7:9f:09:1d:b1:15:e9:74:bc:0b:fd:43: 87:da:9b:13:0c:0e:b7:3c:ec:7f:6c:5d:b4:2e:de: 9f:c5:4e:41:3d:2f:e0:c2:ec:90:b9:be:01:91:47: 03:f1:a9:9d:d1:c8:cf:00:98:64:dc:fc:83:46:b4: c0:fb:c2:3a:2f:a6:e0:01:7f:ba:d9:fa:ed:8f:d3: bd:1f:f2:b3:83:be:a0:8a:05:ce:90:ae:1c:07:86: c9:73:e7:da:42:7c:60:90:1b:84:86:c4:9e:8f:96: 55:a3:19:6c:20:a1:17:8b:7d:4a:a1:45:b0:fe:90: fd:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:0F:FF:99:0A:53:EF:8B:70:B2:F7:C1:B3:3A:17:A3:6C:8E:0A:D3 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 26:e5:9a:d8:ca:b2:3d:27:9b:54:13:df:30:58:99:d7:3b:fe: ed:76:a4:15:ad:7b:3e:3e:27:76:9b:0b:a7:f9:67:fc:06:aa: d5:17:b7:2d:d5:17:cf:94:23:ef:15:0c:0b:17:22:27:63:13: 89:17:86:b3:1d:ad:42:0f:56:c0:c2:b1:e8:5f:a5:23:d8:05: f8:6f:dd:0c:e2:33:26:38:57:2b:0e:18:e0:f3:7a:c5:d2:bd: cf:ad:ea:34:8a:fb:10:33:16:65:b8:59:09:d7:6d:43:f8:6b: 28:7a:26:13:06:ea:8d:97:67:fe:b3:38:54:21:f9:43:b8:0b: 9d:47:ba:7c:8e:3b:91:6c:d3:c5:ab:58:11:02:a1:36:3e:bd: 6a:c3:35:d5:e5:58:ec:49:fe:ed:ec:78:51:8f:43:c1:ba:5c: b6:03:c5:47:17:8a:5a:66:23:27:77:0e:47:84:c7:96:f0:32: 3d:94:01:5a:7f:6b:28:bf:e9:fe:31:99:89:50:00:e4:1a:09: af:3c:9f:cb:de:a7:d7:82:ed:f7:15:fe:78:73:04:5a:85:ef: dc:c3:b0:95:a3:2f:1b:07:56:94:d0:21:be:c2:73:0a:dc:78: 85:3f:19:eb:93:7c:00:c3:04:e9:71:3b:7d:7c:c4:2c:21:ec: fd:a4:52:bf -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJqYu+cuoICzjsGMKZmj8MM9SVRgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAzMloX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAYjYzNTk3NjU2MGYwMjZmNzBlNmE2 NGY0YmYwN2Q2ZjY0ZDY0NzM4YzhlZDc3MGFlODhkNDA4YjllZWRmOWEyMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvDpUKaV5ntV0ERFlb5ly0CuHTqd clGNvekFemZk+gXoPdH19/02IECtAo2qjoNFQ9rk+9wwTMObVOZrYdX6NnFrdfAT qAoKCl4luPUt6/m5LLUz7LU4Squeidqnr0v6GDNXItZ1yLsyYhY8x7N70LXxuxsf a/9vK7FunIXaRj+SghrAR1syh52nnwkdsRXpdLwL/UOH2psTDA63POx/bF20Lt6f xU5BPS/gwuyQub4BkUcD8amd0cjPAJhk3PyDRrTA+8I6L6bgAX+62frtj9O9H/Kz g76gigXOkK4cB4bJc+faQnxgkBuEhsSej5ZVoxlsIKEXi31KoUWw/pD9zwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHUP/5kKU++LcLL3wbM6F6NsjgrTMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzQ1M2MwMWUwLWMzMzMtNDI4My05ODdjLWJlMmM4YjcxNzk4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/4DAMA0GCSqGSIb3DQEBCwUAA4IBAQAm5ZrYyrI9J5tUE98w WJnXO/7tdqQVrXs+Pid2mwun+Wf8BqrVF7ct1RfPlCPvFQwLFyInYxOJF4azHa1C D1bAwrHoX6Uj2AX4b90M4jMmOFcrDhjg83rF0r3Preo0ivsQMxZluFkJ121D+Gso eiYTBuqNl2f+szhUIflDuAudR7p8jjuRbNPFq1gRAqE2Pr1qwzXV5VjsSf7t7HhR j0PBuly2A8VHF4paZiMndw5HhMeW8DI9lAFaf2sov+n+MZmJUADkGgmvPJ/L3qfX gu33Ff54cwRahe/cw7CVoy8bB1aU0CG+wnMK3HiFPxnrk3wAwwTpcTt9fMQsIez9 pFK/ -----END CERTIFICATE-----Generated at Mon Aug 4 21:40:17 2025 by rpki-client