$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa File: 8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa (raw, json) Hash identifier: Ry3AEFMHloQO1VPxmDocfYCUJHjdKcf8IiV0wShKSmk= Subject key identifier: A9:37:41:69:59:E0:BC:E7:9F:85:5A:9E:39:3B:90:E3:7A:9A:75:A4 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6765C2E8858A14C24D52AC229FA9EE3C99660266 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa Signing time: Mon 04 Aug 2025 15:00:49 +0000 ROA not before: Mon 04 Aug 2025 15:00:49 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:65:c2:e8:85:8a:14:c2:4d:52:ac:22:9f:a9:ee:3c:99:66:02:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:49 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=2d28209fbb56631701c29a136e4b4123353ad61fc101b7b4df0ae21ce791026f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:5e:2a:d8:83:66:61:16:dc:ce:17:e0:85:4c: 39:00:55:9a:1f:8a:c4:4d:fa:c8:76:4e:e9:40:f9: c1:7e:51:98:c9:ad:5f:e2:14:64:75:e3:dd:03:51: 76:b7:a0:29:0a:68:b4:d8:37:c7:4b:11:d8:d2:62: 11:fd:1d:f0:65:9f:59:3b:29:16:2a:58:56:90:71: 0f:1b:22:81:8b:ca:a8:7f:45:a1:a8:b6:a2:09:83: 33:f6:0c:08:e1:14:cf:c5:74:99:de:cd:58:b8:f5: 80:69:51:7d:e3:b9:ce:58:c1:2a:d4:1e:d1:ec:ec: f7:92:25:1d:71:71:44:03:be:42:b3:62:eb:81:41: cf:6f:56:c3:f9:be:e9:5a:e6:72:f5:54:dc:74:9a: bb:f0:2c:dd:0a:46:d7:cf:bd:08:a2:63:b8:e5:d1: 1b:90:e6:43:0f:20:08:98:c9:73:32:86:ac:aa:b9: 3f:ea:60:6f:86:29:1d:a9:a9:8e:62:33:74:ab:0e: 12:5f:f4:dd:d6:c2:09:fd:b4:6c:fd:2e:39:81:e5: a2:2a:2d:0b:91:81:ed:35:8d:04:2e:92:f7:96:51: d3:97:00:66:2c:45:bb:c4:2a:3f:74:a9:54:a2:c0: 80:a3:28:30:95:c9:57:eb:54:a2:2c:fd:ec:56:94: 25:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:37:41:69:59:E0:BC:E7:9F:85:5A:9E:39:3B:90:E3:7A:9A:75:A4 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:400::/38 Signature Algorithm: sha256WithRSAEncryption 4f:d2:bc:05:d1:d4:c5:c6:25:ca:04:9f:d0:f4:d8:e9:c5:58: 23:88:ef:26:de:8a:5a:a3:34:3c:3b:26:48:ec:21:ca:96:60: 6a:e1:f9:db:52:ee:b1:80:ed:c8:d6:37:9d:10:38:44:7d:1d: 54:22:78:8b:c1:25:5d:51:4f:73:53:1a:6e:4f:96:6b:a8:65: 44:2c:cc:9d:5d:2c:f0:59:40:f3:99:33:ae:29:66:25:46:66: 93:d6:a9:16:fe:e9:4c:e5:3f:36:1c:7f:c1:0c:21:46:26:3c: 0e:9f:82:53:6a:07:25:4c:68:39:a6:6b:3a:b6:dd:0d:84:04: 91:c9:99:9b:f2:17:5a:6d:3c:07:c9:d7:8a:72:de:92:ed:d5: 8d:2c:77:ef:d3:53:47:74:c8:97:e8:5b:8e:32:92:8d:64:09: 66:46:16:32:fd:83:11:37:e3:fd:de:5e:3b:48:a2:d9:51:a9: ab:18:c7:50:7a:05:5d:d8:7a:51:af:b0:93:51:8b:09:d2:e3: d9:2d:99:a4:04:a8:7d:96:ba:95:89:b9:1f:3a:e1:bd:4a:15: 12:2f:f5:fc:ad:3b:c0:a3:f2:72:35:45:b1:94:20:91:40:15: e5:58:d4:dd:eb:5c:cb:b7:e0:4a:8d:6c:ea:f9:7c:f9:79:16: 03:00:a4:01 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZ2XC6IWKFMJNUqwin6nuPJlmAmYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDA0OVoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAMmQyODIwOWZiYjU2NjMxNzAxYzI5 YTEzNmU0YjQxMjMzNTNhZDYxZmMxMDFiN2I0ZGYwYWUyMWNlNzkxMDI2ZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo14q2INmYRbczhfghUw5AFWaH4rE TfrIdk7pQPnBflGYya1f4hRkdePdA1F2t6ApCmi02DfHSxHY0mIR/R3wZZ9ZOykW KlhWkHEPGyKBi8qof0WhqLaiCYMz9gwI4RTPxXSZ3s1YuPWAaVF947nOWMEq1B7R 7Oz3kiUdcXFEA75Cs2LrgUHPb1bD+b7pWuZy9VTcdJq78CzdCkbXz70IomO45dEb kOZDDyAImMlzMoasqrk/6mBvhikdqamOYjN0qw4SX/Td1sIJ/bRs/S45geWiKi0L kYHtNY0ELpL3llHTlwBmLEW7xCo/dKlUosCAoygwlclX61SiLP3sVpQl7QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKk3QWlZ4Lznn4Vanjk7kON6mnWkMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzhiZjMxMWU5LWQyN2YtNDZmYS04ZjA1LTJlZDZiMTc2YjViOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAQwDQYJKoZIhvcNAQELBQADggEBAE/SvAXR1MXGJcoEn9D0 2OnFWCOI7ybeilqjNDw7JkjsIcqWYGrh+dtS7rGA7cjWN50QOER9HVQieIvBJV1R T3NTGm5PlmuoZUQszJ1dLPBZQPOZM64pZiVGZpPWqRb+6UzlPzYcf8EMIUYmPA6f glNqByVMaDmmazq23Q2EBJHJmZvyF1ptPAfJ14py3pLt1Y0sd+/TU0d0yJfoW44y ko1kCWZGFjL9gxE34/3eXjtIotlRqasYx1B6BV3YelGvsJNRiwnS49ktmaQEqH2W upWJuR864b1KFRIv9fytO8Cj8nI1RbGUIJFAFeVY1N3rXMu34EqNbOr5fPl5FgMA pAE= -----END CERTIFICATE-----Generated at Mon Aug 4 21:32:58 2025 by rpki-client