$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa File: 5484d331-446c-4042-9500-dd3002e6a910.roa (raw, json) Hash identifier: TLcwVDUBFLyEJZTPlZZECCVeQOCy+ktPGxX5GZYT7EA= Subject key identifier: 5B:EE:37:31:31:9E:22:39:AC:9D:06:EF:AB:06:E6:B1:34:AA:18:45 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2CA7BB632B81582C7FE8F4B05C2356F00D242CD8 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa Signing time: Mon 04 Aug 2025 15:00:47 +0000 ROA not before: Mon 04 Aug 2025 15:00:47 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:a7:bb:63:2b:81:58:2c:7f:e8:f4:b0:5c:23:56:f0:0d:24:2c:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:47 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=89923e7c05251b21d1422697e4dbf0a4a25e7429ebac1729a8f9310e2bb3b61e, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:04:11:bb:6e:02:f7:af:c2:ce:08:d3:58:80: 8b:3e:4c:e7:01:b9:2e:6c:b4:b5:a0:ca:d4:91:6b: 3b:37:42:48:c4:31:5d:fc:59:0d:9d:16:24:82:ac: a2:dc:35:f6:12:47:56:ee:b4:24:cf:c8:e7:8a:0c: a4:c9:8d:76:d4:c6:9b:a4:c1:5f:93:52:69:2b:fd: a0:bc:6b:50:5f:90:35:71:dc:dd:b9:d4:25:5c:38: 0a:5a:61:42:7e:ba:41:42:95:ab:59:0b:81:e1:0d: 3e:0d:2c:2c:e0:5f:4a:00:4e:74:84:c9:ef:3d:32: cf:bd:d9:b3:5a:78:f8:8e:a1:84:bd:03:b8:de:bb: 87:e2:54:88:2e:39:dd:ae:a0:15:a5:b7:e6:26:e9: 70:60:7b:53:d7:cc:36:55:5c:25:8f:cc:8d:62:a3: 4d:0c:68:fa:ae:42:e3:0f:6d:32:0b:77:a2:da:cc: d5:5a:bf:8c:c5:89:84:5a:fe:ce:50:0a:25:2a:f8: 53:db:64:eb:a5:93:f8:90:3b:48:87:18:d2:31:ed: 78:82:3e:a3:16:cb:4e:cd:fa:70:5c:42:9e:70:97: bc:b6:b2:82:33:07:65:2f:70:c8:ec:b0:16:b6:07: 3e:c1:81:9a:c0:43:ef:85:73:e0:92:77:91:eb:67: 5c:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:EE:37:31:31:9E:22:39:AC:9D:06:EF:AB:06:E6:B1:34:AA:18:45 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:c00::/38 Signature Algorithm: sha256WithRSAEncryption b2:98:f4:09:df:15:7c:7d:ad:ba:0d:6e:9c:ae:5e:ee:ab:4e: 2d:4a:2f:83:a0:80:0e:55:27:fe:27:b6:e8:a1:9d:88:86:b9: 2f:20:db:48:df:da:7f:a8:a7:25:68:8d:e9:1d:f2:0e:42:a5: 7b:b2:6e:3e:32:b4:0a:08:d3:51:06:16:49:6c:db:7d:78:89: f9:ec:2e:58:ae:60:62:1a:77:e1:5c:8e:a2:f2:86:fe:8e:ce: 05:6a:56:5c:8b:21:01:a0:cb:11:8b:eb:a6:a1:8b:e7:da:8a: 7c:43:99:86:3d:0d:e7:4c:f1:c3:b8:38:40:f0:1e:50:bc:72: 01:f5:1c:0f:49:92:9c:e8:3f:a2:21:b4:57:56:55:3b:3a:a1: b6:88:54:b7:97:41:6d:c9:16:31:cb:17:ac:f9:df:fd:e6:e6: 40:57:7b:80:57:45:12:4e:98:c1:e7:19:86:00:04:e1:cf:89: 09:63:a9:6a:46:2c:7c:89:74:33:ba:86:0e:dd:d4:9a:c8:ee: d2:b5:b6:de:84:bd:30:7c:48:f1:1b:58:7d:fb:84:ac:0d:e5: 69:94:9b:61:94:2d:ee:c2:00:93:3f:9a:e8:65:50:87:68:da: 38:3c:7f:71:ac:6f:38:1e:d1:2b:68:c1:10:b1:74:27:76:b9: 79:0d:9c:54 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULKe7YyuBWCx/6PSwXCNW8A0kLNgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDA0N1oX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAODk5MjNlN2MwNTI1MWIyMWQxNDIy Njk3ZTRkYmYwYTRhMjVlNzQyOWViYWMxNzI5YThmOTMxMGUyYmIzYjYxZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAQRu24C96/CzgjTWICLPkznAbku bLS1oMrUkWs7N0JIxDFd/FkNnRYkgqyi3DX2EkdW7rQkz8jnigykyY121MabpMFf k1JpK/2gvGtQX5A1cdzdudQlXDgKWmFCfrpBQpWrWQuB4Q0+DSws4F9KAE50hMnv PTLPvdmzWnj4jqGEvQO43ruH4lSILjndrqAVpbfmJulwYHtT18w2VVwlj8yNYqNN DGj6rkLjD20yC3ei2szVWr+MxYmEWv7OUAolKvhT22TrpZP4kDtIhxjSMe14gj6j FstOzfpwXEKecJe8trKCMwdlL3DI7LAWtgc+wYGawEPvhXPgkneR62dc1QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFvuNzExniI5rJ0G76sG5rE0qhhFMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU0ODRkMzMxLTQ0NmMtNDA0Mi05NTAwLWRkMzAwMmU2YTkxMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAwwDQYJKoZIhvcNAQELBQADggEBALKY9AnfFXx9rboNbpyu Xu6rTi1KL4OggA5VJ/4ntuihnYiGuS8g20jf2n+opyVojekd8g5CpXuybj4ytAoI 01EGFkls2314ifnsLliuYGIad+FcjqLyhv6OzgVqVlyLIQGgyxGL66ahi+fainxD mYY9DedM8cO4OEDwHlC8cgH1HA9JkpzoP6IhtFdWVTs6obaIVLeXQW3JFjHLF6z5 3/3m5kBXe4BXRRJOmMHnGYYABOHPiQljqWpGLHyJdDO6hg7d1JrI7tK1tt6EvTB8 SPEbWH37hKwN5WmUm2GULe7CAJM/muhlUIdo2jg8f3Gsbzge0StowRCxdCd2uXkN nFQ= -----END CERTIFICATE-----Generated at Mon Aug 4 22:17:47 2025 by rpki-client