$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa File: 64aa0337-4cf9-42c7-b236-4cd36e69005e.roa (raw, json) Hash identifier: PiZhs0YFjo7v7f5xnF9BMZll+jEdxuYzZOtG4S8NJis= Subject key identifier: 0E:D4:76:26:93:92:A6:BF:DF:EE:A6:A9:5F:83:BF:1B:74:99:05:D8 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6B877D8946A89E11ED0535FD233692D0015AD102 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa Signing time: Mon 04 Aug 2025 15:00:13 +0000 ROA not before: Mon 04 Aug 2025 15:00:13 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f1::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:87:7d:89:46:a8:9e:11:ed:05:35:fd:23:36:92:d0:01:5a:d1:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:13 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=69e0b4dcaa5b37dabec46f25b5ee5fa41940b8521e46d138b1ecb35b6d09870d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:67:5b:53:e2:1c:9c:c9:c5:86:a1:89:7a:f4: 32:8b:1e:72:8e:de:e7:6e:13:3a:bc:55:3e:8b:78: 7c:a3:ce:46:92:c3:8a:df:54:e8:6e:a8:d1:f6:48: 64:6c:93:58:a1:00:6a:7a:e5:3f:77:be:19:f2:44: f6:82:92:02:cd:25:d8:09:78:81:e5:d6:4c:30:b2: a2:f4:7a:b3:fc:d0:db:bd:d1:a7:75:53:ec:18:d3: 06:97:5b:f9:2b:77:55:ec:c5:95:26:80:7a:f9:1c: a3:4b:b5:63:09:9f:ce:23:ff:31:d5:f6:ca:d8:b5: 08:b8:44:5b:89:a5:e8:d7:52:7b:3b:01:46:0d:20: 97:04:95:5a:9d:5d:ef:d4:7f:84:8f:0f:bb:96:e4: 45:4a:84:63:25:58:99:1d:25:0c:1b:37:ea:4d:e3: 5f:0a:a4:27:d9:3c:45:a4:80:64:28:92:c8:ed:a6: 3f:2a:8f:72:9a:0b:22:78:d9:e7:e5:01:45:f9:b3: fa:85:1a:7a:5c:eb:e5:8a:e7:94:3a:f3:89:42:c9: a8:c2:2a:e0:2d:35:17:1c:ee:19:09:87:4d:0a:69: 75:02:38:64:a1:d0:0a:1f:76:9e:4c:f4:07:7e:7d: e7:2a:1e:02:03:8d:4e:4b:01:11:85:58:d3:52:96: f2:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:D4:76:26:93:92:A6:BF:DF:EE:A6:A9:5F:83:BF:1B:74:99:05:D8 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f1::/32 Signature Algorithm: sha256WithRSAEncryption 2f:07:02:54:bf:9c:dc:8f:68:97:f4:43:54:75:db:9f:d6:49: be:4a:eb:6f:79:ee:3b:4d:ee:f7:da:c6:07:be:75:ad:2e:56: ed:41:e7:a7:c5:35:96:5d:18:c0:84:9f:17:12:d3:f2:ed:1b: 13:8b:7f:d9:dd:11:16:1c:1c:18:17:7d:ab:3a:00:7f:54:f2: ef:ba:9e:66:50:8e:d7:2b:cf:e4:db:40:58:97:5c:2f:b4:fc: 59:71:22:0e:6e:4b:6f:37:a8:a2:fd:a4:40:4e:8a:b3:c9:35: 70:55:e5:3f:8f:fb:33:be:bf:af:43:6b:56:ee:ab:27:4b:07: bb:2f:aa:59:89:be:92:04:a4:f9:df:46:95:cb:ac:37:23:7e: ff:a3:5a:69:ff:f8:25:58:7f:3e:90:57:be:30:6d:4c:55:c2: e8:84:53:1c:51:2f:a1:9c:df:db:93:7d:e2:cf:29:96:e3:24: c3:5e:2f:35:ea:5a:a2:bd:b2:a5:e8:37:f8:eb:91:3e:20:92: 98:bf:1b:7e:5c:01:14:3e:9d:9a:43:3b:4f:05:98:d0:91:6c: 3a:47:70:6a:d4:a7:92:e8:9c:ec:13:3b:28:a8:8b:bb:18:83: 93:9f:ef:e0:98:28:58:e2:d1:fe:4a:63:a8:7f:23:ed:d3:e2: 3b:33:8e:da -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUa4d9iUaonhHtBTX9IzaS0AFa0QIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAxM1oX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNANjllMGI0ZGNhYTViMzdkYWJlYzQ2 ZjI1YjVlZTVmYTQxOTQwYjg1MjFlNDZkMTM4YjFlY2IzNWI2ZDA5ODcwZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2dbU+IcnMnFhqGJevQyix5yjt7n bhM6vFU+i3h8o85GksOK31TobqjR9khkbJNYoQBqeuU/d74Z8kT2gpICzSXYCXiB 5dZMMLKi9Hqz/NDbvdGndVPsGNMGl1v5K3dV7MWVJoB6+RyjS7VjCZ/OI/8x1fbK 2LUIuERbiaXo11J7OwFGDSCXBJVanV3v1H+Ejw+7luRFSoRjJViZHSUMGzfqTeNf CqQn2TxFpIBkKJLI7aY/Ko9ymgsieNnn5QFF+bP6hRp6XOvliueUOvOJQsmowirg LTUXHO4ZCYdNCml1AjhkodAKH3aeTPQHfn3nKh4CA41OSwERhVjTUpbyOwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFA7UdiaTkqa/3+6mqV+Dvxt0mQXYMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzY0YWEwMzM3LTRjZjktNDJjNy1iMjM2LTRjZDM2ZTY5MDA1ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8TANBgkqhkiG9w0BAQsFAAOCAQEALwcCVL+c3I9ol/RDVHXb n9ZJvkrrb3nuO03u99rGB751rS5W7UHnp8U1ll0YwISfFxLT8u0bE4t/2d0RFhwc GBd9qzoAf1Ty77qeZlCO1yvP5NtAWJdcL7T8WXEiDm5Lbzeoov2kQE6Ks8k1cFXl P4/7M76/r0NrVu6rJ0sHuy+qWYm+kgSk+d9GlcusNyN+/6Naaf/4JVh/PpBXvjBt TFXC6IRTHFEvoZzf25N94s8pluMkw14vNepaor2ypeg3+OuRPiCSmL8bflwBFD6d mkM7TwWY0JFsOkdwatSnkuic7BM7KKiLuxiDk5/v4JgoWOLR/kpjqH8j7dPiOzOO 2g== -----END CERTIFICATE-----Generated at Mon Aug 4 21:35:38 2025 by rpki-client