$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa File: 5484d331-446c-4042-9500-dd3002e6a910.roa (raw, json) Hash identifier: Fc3c9TttMNilZbBSXXn5rkfipb/FQrneDkl5sXw3980= Subject key identifier: D9:12:84:30:FA:DD:DC:43:C4:9C:9A:4F:26:BD:90:A2:A2:FB:61:90 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 53DCE0D1B02627BD3742519E1B0517D673C65421 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa Signing time: Sat 14 Jun 2025 00:00:18 +0000 ROA not before: Sat 14 Jun 2025 00:00:18 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:dc:e0:d1:b0:26:27:bd:37:42:51:9e:1b:05:17:d6:73:c6:54:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:18 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=cb226fdd70219efa3b7deb105d4959b55d5b9e73ef5127ea51bd074349789c7d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:36:66:8b:87:37:6b:3b:ee:30:b0:33:03:98: 31:03:f8:60:7b:c1:f4:bc:ce:bc:de:23:1c:45:4f: fc:2f:af:04:d3:97:e8:44:20:76:19:6d:4c:1c:fc: de:78:94:3e:89:0e:4c:3f:df:3a:43:bf:4b:48:18: 48:07:19:c0:1c:e3:d1:a1:13:20:bf:6c:d2:80:11: e2:b8:ae:3b:b9:10:92:16:5b:57:f4:18:0a:f0:a5: 46:b5:4e:bb:eb:49:5f:0b:45:00:eb:ab:29:3e:8f: 53:9f:9d:1c:65:66:7f:48:3b:87:1b:8b:65:1d:ca: 6c:20:f4:07:29:99:7d:b7:45:10:24:9a:97:ce:6b: 73:28:d8:1b:20:28:6e:af:08:7c:98:d6:13:a3:3a: c3:1a:cf:11:64:48:7c:bd:5c:eb:43:89:02:0c:9c: 76:4e:70:d1:86:07:6b:1e:c7:48:02:fb:9c:01:9b: a8:50:6d:34:5e:b2:e1:45:72:c2:dc:60:6e:95:c1: 76:c2:d8:61:e7:d9:d5:61:0e:67:2f:e1:4e:3d:c5: 80:40:7d:42:76:5f:86:58:02:20:9c:09:a7:73:63: 44:d5:61:74:18:ad:95:19:c3:73:03:f9:de:a9:07: 20:eb:8c:4f:7d:f0:41:50:81:a2:34:d7:4a:4e:cd: 8b:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:12:84:30:FA:DD:DC:43:C4:9C:9A:4F:26:BD:90:A2:A2:FB:61:90 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:c00::/38 Signature Algorithm: sha256WithRSAEncryption 95:ee:fa:fb:cf:18:1f:f6:52:c8:27:a0:26:96:53:c2:36:68: c8:7f:97:6e:6b:65:48:5c:e6:38:13:c4:9c:66:dd:3c:db:a0: 5e:4f:21:cf:7c:98:20:89:5a:63:40:04:0b:4a:50:c2:9d:eb: 4a:a4:15:9f:6a:78:dd:ff:71:77:61:74:85:7b:ea:88:f9:df: 98:ca:f1:40:1d:9e:c2:97:dd:ae:dd:55:0c:fc:44:03:55:96: db:b8:0a:27:98:5b:6f:5a:0c:26:2d:63:12:f9:ee:93:57:94: 27:d2:35:25:4e:7f:2a:08:92:b2:bc:1e:ef:87:bf:0c:c0:a6: 57:79:a2:68:29:58:55:0d:ed:d6:03:4c:69:6b:9a:2e:56:18: 3d:b2:e6:51:05:f8:f2:b8:78:48:39:67:78:f4:30:b9:e8:13: 12:1a:5a:b1:66:2f:61:ab:a5:48:b2:c3:92:ae:84:b9:e0:ec: fc:64:51:93:e5:67:aa:31:14:68:81:be:67:5f:c4:94:ed:31: cc:aa:50:59:aa:ad:61:a9:84:30:bc:b9:45:33:c3:77:e3:96: b0:2f:7e:6c:e1:99:38:63:91:9f:d4:9d:13:50:f3:4b:5c:a3: fc:4f:3d:ff:c8:52:aa:e6:c4:27:4b:8f:71:e3:b2:22:e0:99: 6d:85:e6:39 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUU9zg0bAmJ703QlGeGwUX1nPGVCEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAxOFoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAY2IyMjZmZGQ3MDIxOWVmYTNiN2Rl YjEwNWQ0OTU5YjU1ZDViOWU3M2VmNTEyN2VhNTFiZDA3NDM0OTc4OWM3ZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszZmi4c3azvuMLAzA5gxA/hge8H0 vM683iMcRU/8L68E05foRCB2GW1MHPzeeJQ+iQ5MP986Q79LSBhIBxnAHOPRoRMg v2zSgBHiuK47uRCSFltX9BgK8KVGtU6760lfC0UA66spPo9Tn50cZWZ/SDuHG4tl HcpsIPQHKZl9t0UQJJqXzmtzKNgbIChurwh8mNYTozrDGs8RZEh8vVzrQ4kCDJx2 TnDRhgdrHsdIAvucAZuoUG00XrLhRXLC3GBulcF2wthh59nVYQ5nL+FOPcWAQH1C dl+GWAIgnAmnc2NE1WF0GK2VGcNzA/neqQcg64xPffBBUIGiNNdKTs2LIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNkShDD63dxDxJyaTya9kKKi+2GQMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU0ODRkMzMxLTQ0NmMtNDA0Mi05NTAwLWRkMzAwMmU2YTkxMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAwwDQYJKoZIhvcNAQELBQADggEBAJXu+vvPGB/2UsgnoCaW U8I2aMh/l25rZUhc5jgTxJxm3TzboF5PIc98mCCJWmNABAtKUMKd60qkFZ9qeN3/ cXdhdIV76oj535jK8UAdnsKX3a7dVQz8RANVltu4CieYW29aDCYtYxL57pNXlCfS NSVOfyoIkrK8Hu+HvwzApld5omgpWFUN7dYDTGlrmi5WGD2y5lEF+PK4eEg5Z3j0 MLnoExIaWrFmL2GrpUiyw5KuhLng7PxkUZPlZ6oxFGiBvmdfxJTtMcyqUFmqrWGp hDC8uUUzw3fjlrAvfmzhmThjkZ/UnRNQ80tco/xPPf/IUqrmxCdLj3HjsiLgmW2F 5jk= -----END CERTIFICATE-----Generated at Sat Jun 14 06:18:25 2025 by rpki-client