$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa File: 7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa (raw, json) Hash identifier: d/GvIs95HKxgd5MYMY8S3fcCsbmaZnv0V7yIaUg/0Dc= Subject key identifier: 2D:80:34:C5:AD:DE:1E:6E:69:06:F9:EC:49:68:1A:69:7B:AD:13:8F Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 27642A368ACEE05EB421051505D52684C9B7A182 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa Signing time: Sat 14 Jun 2025 00:00:05 +0000 ROA not before: Sat 14 Jun 2025 00:00:05 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:64:2a:36:8a:ce:e0:5e:b4:21:05:15:05:d5:26:84:c9:b7:a1:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:05 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=87ddc10c2c007e9f3c17aa4f31daab589b8ca40911cca157d5469bd449c7be13, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:92:6c:c5:14:e6:9c:f5:ea:d8:dd:b0:97:d0: a2:d8:e8:70:4d:95:20:76:36:ca:d6:26:71:37:6b: 15:2a:02:12:59:6a:18:15:20:97:cc:f1:c4:b0:95: 99:2a:8a:ef:56:21:e2:fd:d6:c0:fc:d5:48:2b:6d: a5:32:29:0b:c9:cf:f6:72:8c:54:8a:0b:1c:00:79: f5:0d:6b:51:97:bd:bb:4a:f8:cb:1b:3a:d9:c4:e5: ad:9b:4b:40:a0:44:05:0c:fd:fc:0e:97:ae:40:4e: d7:22:32:20:53:c0:ee:a2:44:5c:a9:55:79:62:91: 9b:d5:f5:ff:7b:4a:92:9e:4d:49:3f:15:63:02:37: 77:37:4a:fd:9a:96:bd:55:0d:db:30:83:ea:e6:44: 94:3e:68:28:7c:99:bc:80:b4:cc:b5:40:bb:49:82: 68:41:1a:1e:da:d2:0d:c8:af:be:85:ae:dd:99:45: 2e:3c:6e:07:af:80:71:02:b6:37:22:ee:57:5a:67: b9:24:8a:e5:eb:f3:da:2d:28:dd:75:5c:13:31:0d: bb:76:71:17:5a:61:a7:d1:cd:12:10:da:11:7d:20: 6e:71:24:2d:4f:0a:db:aa:af:59:91:44:f6:d4:14: 61:bb:06:39:f3:5f:f1:04:53:ad:65:23:75:83:57: 32:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:80:34:C5:AD:DE:1E:6E:69:06:F9:EC:49:68:1A:69:7B:AD:13:8F X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8000::/40 Signature Algorithm: sha256WithRSAEncryption 15:cd:87:1d:a3:e7:6e:b8:f2:4a:43:2c:f6:7a:28:a7:76:93: 0e:2a:3b:61:26:60:f8:45:ba:ce:e4:c1:b4:08:1b:c6:8f:a4: d6:f7:98:33:ff:52:06:f0:a2:a7:3b:78:c6:61:b1:21:fd:81: 24:98:be:2c:2b:b8:2e:f3:38:15:6e:7d:26:27:86:dc:8c:8a: 94:3f:75:90:80:84:08:2e:3e:a6:10:70:64:25:7a:06:cf:ef: c9:95:d7:d3:22:56:ba:8c:67:0d:41:fc:76:1a:63:d3:38:50: df:a5:f6:65:88:c2:2a:90:a8:81:e3:35:e4:08:26:38:69:63: ff:ff:0e:07:15:a6:58:ec:08:10:3e:98:94:67:43:0d:d8:4d: 9e:ca:e5:96:58:7f:be:71:73:80:68:ba:84:7c:3b:3d:cd:d9: 8f:43:d1:d1:55:46:53:4d:ee:a4:d4:41:4b:30:32:ac:e7:df: 40:05:4f:1a:69:76:88:7f:49:49:78:31:89:3a:a8:b7:49:10: 34:53:57:7e:2f:07:29:3c:45:02:f1:95:15:67:8a:84:3a:c8: 0e:9d:2f:8c:8c:40:00:fa:6d:f4:1b:73:9d:23:39:3f:c3:17: b3:fd:51:e0:a0:a2:84:90:e6:9e:24:a3:d2:55:ec:17:c9:7d: c3:32:bb:c6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ2QqNorO4F60IQUVBdUmhMm3oYIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAwNVoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAODdkZGMxMGMyYzAwN2U5ZjNjMTdh YTRmMzFkYWFiNTg5YjhjYTQwOTExY2NhMTU3ZDU0NjliZDQ0OWM3YmUxMzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspJsxRTmnPXq2N2wl9Ci2OhwTZUg djbK1iZxN2sVKgISWWoYFSCXzPHEsJWZKorvViHi/dbA/NVIK22lMikLyc/2coxU igscAHn1DWtRl727SvjLGzrZxOWtm0tAoEQFDP38DpeuQE7XIjIgU8DuokRcqVV5 YpGb1fX/e0qSnk1JPxVjAjd3N0r9mpa9VQ3bMIPq5kSUPmgofJm8gLTMtUC7SYJo QRoe2tINyK++ha7dmUUuPG4Hr4BxArY3Iu5XWme5JIrl6/PaLSjddVwTMQ27dnEX WmGn0c0SENoRfSBucSQtTwrbqq9ZkUT21BRhuwY581/xBFOtZSN1g1cyYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFC2ANMWt3h5uaQb57EloGml7rROPMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjYmEyMmE1LWRjNjEtNDQxMy1hZWQyLThmYjRjYzhlM2E0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBABXNhx2j52648kpDLPZ6 KKd2kw4qO2EmYPhFus7kwbQIG8aPpNb3mDP/Ugbwoqc7eMZhsSH9gSSYviwruC7z OBVufSYnhtyMipQ/dZCAhAguPqYQcGQlegbP78mV19MiVrqMZw1B/HYaY9M4UN+l 9mWIwiqQqIHjNeQIJjhpY///DgcVpljsCBA+mJRnQw3YTZ7K5ZZYf75xc4BouoR8 Oz3N2Y9D0dFVRlNN7qTUQUswMqzn30AFTxppdoh/SUl4MYk6qLdJEDRTV34vByk8 RQLxlRVnioQ6yA6dL4yMQAD6bfQbc50jOT/DF7P9UeCgooSQ5p4ko9JV7BfJfcMy u8Y= -----END CERTIFICATE-----Generated at Sat Jun 14 23:17:39 2025 by rpki-client