$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa File: 7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa (raw, json) Hash identifier: VSUADb8mo97Rzm8NNlaIq+63/2hDx0zXKB4oURcck1s= Subject key identifier: A1:DA:B5:FC:76:0D:F3:F9:78:B8:0C:FB:44:8C:0D:C1:F7:51:CB:E1 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 76D6A93AA5543270501206A308C513CE321A6093 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa Signing time: Mon 04 Aug 2025 15:00:34 +0000 ROA not before: Mon 04 Aug 2025 15:00:34 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:d6:a9:3a:a5:54:32:70:50:12:06:a3:08:c5:13:ce:32:1a:60:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:34 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=1d46d700945e6aedc706ce1e930f57f7a0d137ae68bcf5d979668e24f2545514, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:1b:4f:49:91:e5:17:20:2f:e6:2a:8b:21:cf: 31:47:df:86:51:cd:49:dd:db:fe:f6:60:04:36:6a: 8b:7a:0f:cb:a5:7e:ba:09:48:6c:03:69:e1:d5:1f: 9f:3d:84:ab:b3:95:90:ac:cb:a1:67:fa:40:f5:35: 0d:b7:c2:61:90:7f:1f:ce:ea:ff:66:4f:67:5d:54: 0e:43:40:6d:0b:21:0b:8e:55:75:20:a6:b8:5d:e8: 98:ba:11:ac:78:f1:22:90:1f:f0:b4:89:af:4d:69: 62:8e:31:26:b0:85:c2:00:c8:0a:48:99:b1:c1:cf: 91:e2:d7:80:d7:ed:60:8c:80:c4:c9:76:c9:3a:16: 5a:e0:70:af:3b:a0:92:9e:ac:52:81:cf:78:91:83: 36:be:cc:d2:92:59:5e:c8:aa:b9:f6:58:a2:54:c9: 02:6c:a0:24:b7:6c:f7:b2:64:49:1b:06:a4:a3:38: 31:fa:b7:47:7a:bf:93:62:25:f2:5e:31:13:b7:78: 59:bd:e1:c2:7d:41:80:f0:e9:28:4f:3b:03:a6:c0: 8c:aa:e3:46:7e:9f:9e:0a:84:b5:a3:2b:11:77:af: 7c:e0:e9:01:66:bc:43:fc:f9:a9:6e:a1:50:81:cb: bf:0d:60:2b:0c:7d:ed:88:a7:30:7f:1e:57:4f:df: 36:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:DA:B5:FC:76:0D:F3:F9:78:B8:0C:FB:44:8C:0D:C1:F7:51:CB:E1 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8000::/40 Signature Algorithm: sha256WithRSAEncryption 11:7f:ad:2d:de:47:56:5c:8b:32:b8:eb:ea:07:3c:08:d6:26: 87:2a:89:38:a8:fb:1a:d6:00:a4:6b:5c:c0:48:25:78:fa:02: ff:ae:a3:bb:c3:51:51:00:42:a4:73:d7:8d:96:8a:40:92:cd: 52:73:be:39:78:17:07:38:3a:35:e7:6e:12:45:96:08:07:fd: c8:aa:87:8f:ca:1d:60:cf:0f:8f:d3:79:40:dd:57:96:f3:6a: 5f:76:a9:11:b0:7f:f7:d8:71:e5:70:9b:de:37:f7:ae:31:cf: 7f:08:27:d2:8d:81:1a:12:fb:c2:ad:4e:9d:66:c6:75:48:2e: 50:aa:53:e0:ee:39:d1:05:f8:29:e0:ef:75:3c:20:79:c2:d5: 4c:96:cb:8a:60:6f:4b:47:03:a4:84:32:d5:6d:7e:4e:92:59: 29:df:64:8b:73:f4:f1:ab:00:84:df:79:08:db:5c:b6:bc:d7: 26:7f:31:f3:8d:df:70:0d:43:3a:3b:6f:ab:03:d6:d7:bb:56: c7:a7:fa:44:ef:f1:eb:26:24:0c:b3:2a:7c:91:b1:9c:ea:27: 68:32:c5:e5:1d:8c:77:06:1b:d0:e4:15:fb:94:e2:aa:30:37: 90:a9:33:70:ab:b9:aa:b8:9e:a4:5d:08:64:63:76:06:cf:1d: 00:7c:ad:ef -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdtapOqVUMnBQEgajCMUTzjIaYJMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAzNFoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAMWQ0NmQ3MDA5NDVlNmFlZGM3MDZj ZTFlOTMwZjU3ZjdhMGQxMzdhZTY4YmNmNWQ5Nzk2NjhlMjRmMjU0NTUxNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxtPSZHlFyAv5iqLIc8xR9+GUc1J 3dv+9mAENmqLeg/LpX66CUhsA2nh1R+fPYSrs5WQrMuhZ/pA9TUNt8JhkH8fzur/ Zk9nXVQOQ0BtCyELjlV1IKa4XeiYuhGsePEikB/wtImvTWlijjEmsIXCAMgKSJmx wc+R4teA1+1gjIDEyXbJOhZa4HCvO6CSnqxSgc94kYM2vszSklleyKq59liiVMkC bKAkt2z3smRJGwakozgx+rdHer+TYiXyXjETt3hZveHCfUGA8OkoTzsDpsCMquNG fp+eCoS1oysRd6984OkBZrxD/PmpbqFQgcu/DWArDH3tiKcwfx5XT982vQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKHatfx2DfP5eLgM+0SMDcH3UcvhMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjYmEyMmE1LWRjNjEtNDQxMy1hZWQyLThmYjRjYzhlM2E0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBABF/rS3eR1ZcizK46+oH PAjWJocqiTio+xrWAKRrXMBIJXj6Av+uo7vDUVEAQqRz142WikCSzVJzvjl4Fwc4 OjXnbhJFlggH/ciqh4/KHWDPD4/TeUDdV5bzal92qRGwf/fYceVwm943964xz38I J9KNgRoS+8KtTp1mxnVILlCqU+DuOdEF+Cng73U8IHnC1UyWy4pgb0tHA6SEMtVt fk6SWSnfZItz9PGrAITfeQjbXLa81yZ/MfON33ANQzo7b6sD1te7Vsen+kTv8esm JAyzKnyRsZzqJ2gyxeUdjHcGG9DkFfuU4qowN5CpM3Cruaq4nqRdCGRjdgbPHQB8 re8= -----END CERTIFICATE-----Generated at Mon Aug 4 21:43:39 2025 by rpki-client