$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/62639af2-026a-4677-b13e-0aeb266620d5.roa File: 62639af2-026a-4677-b13e-0aeb266620d5.roa (raw, json) Hash identifier: 00lORn7KgTnB3HIa1HT0MVkZD8t/nVUt7VigzMZSJ6w= Subject key identifier: 84:5F:BB:FF:E6:E5:B9:56:17:A1:6D:EC:CF:BC:C0:59:0F:15:1A:E9 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 29EF791C3F765D5AEA199AEAEF4DE1E14B68D7BF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/62639af2-026a-4677-b13e-0aeb266620d5.roa Signing time: Sat 14 Jun 2025 00:00:09 +0000 ROA not before: Sat 14 Jun 2025 00:00:09 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:ef:79:1c:3f:76:5d:5a:ea:19:9a:ea:ef:4d:e1:e1:4b:68:d7:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:09 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=9099a406e780375841bbe2bb04f181a9ebde7222015accb394923862ec25c4e5, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:67:0d:3f:79:7d:c8:ef:40:98:6b:6d:58:84: 3f:4b:47:00:d4:b3:6a:12:6c:38:3f:33:a0:84:68: 96:3c:5a:05:1c:4e:28:34:73:ce:d6:96:00:a4:9c: 08:4e:7f:dd:df:bb:80:52:05:8a:88:8f:2d:27:f7: 64:e0:49:27:f8:9f:85:19:b5:20:3b:7e:65:f5:99: b6:e3:df:8a:9b:9c:81:49:51:b0:2c:c4:16:40:11: be:a4:08:fa:eb:38:51:8a:cf:11:8e:13:ac:65:0f: f7:a4:2c:1e:a1:48:0b:bf:56:94:a8:ae:55:2d:55: f5:a7:85:24:7a:96:5b:e7:0c:28:58:96:b5:70:63: ce:26:74:20:ac:72:d0:bd:c7:6b:18:60:9b:29:7c: 45:7f:ac:7b:c6:5e:ea:ff:f3:d7:75:1f:93:48:4c: 8e:de:62:c1:25:2e:ac:26:eb:58:92:77:80:99:d5: cd:0b:ff:1e:94:f6:e2:6e:ee:05:7a:2f:19:cf:9c: 66:2d:38:d9:e7:f4:9a:bf:a9:d3:ee:45:f4:43:fd: 7f:96:80:4c:b8:48:d7:e1:5e:fb:1c:0f:3f:6d:1b: bb:ee:8e:da:eb:fb:18:35:62:6f:8e:13:f2:44:10: 84:14:99:f2:51:ab:19:1c:fb:b8:9d:5b:30:80:63: d5:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:5F:BB:FF:E6:E5:B9:56:17:A1:6D:EC:CF:BC:C0:59:0F:15:1A:E9 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/62639af2-026a-4677-b13e-0aeb266620d5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8040::/48 Signature Algorithm: sha256WithRSAEncryption 80:eb:d6:11:0f:1c:6d:26:62:98:99:6d:62:d1:9c:7f:b8:85: 82:05:5a:f0:90:58:79:a3:39:82:fa:af:c0:85:bb:8d:52:e3: 06:88:f2:bb:df:8c:47:3b:10:c0:6c:ed:18:8a:7b:96:52:76: e1:80:90:d8:3c:a9:cd:e2:30:04:2f:50:97:eb:cb:3a:32:17: 94:46:b5:d7:a9:ee:4c:a3:d1:70:b7:5d:04:13:8d:0e:07:64: 04:85:47:8c:b3:00:4b:5a:ec:12:52:0d:02:9f:f5:b3:77:e3: 11:7d:b5:44:ed:76:f4:a6:57:90:d2:ee:36:d4:63:e0:cc:8a: 77:6d:6e:0e:e8:ea:72:b4:1c:4a:49:85:74:36:d4:c0:9d:e2: 47:2a:03:ef:bb:0d:59:df:0a:7b:a5:cb:ca:09:90:59:37:3b: db:57:d6:58:7d:75:b2:5f:21:d5:0b:7e:1b:3c:b9:77:69:0d: 2f:37:81:74:cb:13:e3:b5:d4:e5:04:cd:42:04:9f:c6:bd:ab: dd:04:fa:87:8a:6a:38:fd:78:4f:9f:38:0e:80:81:fe:ed:5e: 49:b2:c4:0d:38:b4:0b:ff:10:b2:15:f9:c1:8a:f5:7f:4b:d8: 87:07:f4:1f:99:34:b5:3d:6b:e1:45:d0:ea:86:e6:88:e8:eb: bd:7f:f0:88 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKe95HD92XVrqGZrq703h4Uto178wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAwOVoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAOTA5OWE0MDZlNzgwMzc1ODQxYmJl MmJiMDRmMTgxYTllYmRlNzIyMjAxNWFjY2IzOTQ5MjM4NjJlYzI1YzRlNTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWcNP3l9yO9AmGttWIQ/S0cA1LNq Emw4PzOghGiWPFoFHE4oNHPO1pYApJwITn/d37uAUgWKiI8tJ/dk4Ekn+J+FGbUg O35l9Zm249+Km5yBSVGwLMQWQBG+pAj66zhRis8RjhOsZQ/3pCweoUgLv1aUqK5V LVX1p4UkepZb5wwoWJa1cGPOJnQgrHLQvcdrGGCbKXxFf6x7xl7q//PXdR+TSEyO 3mLBJS6sJutYkneAmdXNC/8elPbibu4Fei8Zz5xmLTjZ5/Sav6nT7kX0Q/1/loBM uEjX4V77HA8/bRu77o7a6/sYNWJvjhPyRBCEFJnyUasZHPu4nVswgGPVHwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIRfu//m5blWF6Ft7M+8wFkPFRrpMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzYyNjM5YWYyLTAyNmEtNDY3Ny1iMTNlLTBhZWIyNjY2MjBkNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/4BAMA0GCSqGSIb3DQEBCwUAA4IBAQCA69YRDxxtJmKYmW1i 0Zx/uIWCBVrwkFh5ozmC+q/AhbuNUuMGiPK734xHOxDAbO0YinuWUnbhgJDYPKnN 4jAEL1CX68s6MheURrXXqe5Mo9Fwt10EE40OB2QEhUeMswBLWuwSUg0Cn/Wzd+MR fbVE7Xb0pleQ0u421GPgzIp3bW4O6OpytBxKSYV0NtTAneJHKgPvuw1Z3wp7pcvK CZBZNzvbV9ZYfXWyXyHVC34bPLl3aQ0vN4F0yxPjtdTlBM1CBJ/GvavdBPqHimo4 /XhPnzgOgIH+7V5JssQNOLQL/xCyFfnBivV/S9iHB/QfmTS1PWvhRdDqhuaI6Ou9 f/CI -----END CERTIFICATE-----Generated at Sat Jun 14 06:13:01 2025 by rpki-client