$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/977f90e2-d257-4dde-9740-b0391458d8ed.roa File: 977f90e2-d257-4dde-9740-b0391458d8ed.roa (raw, json) Hash identifier: QatfgO+6jvY4u8obd4nXPOR2xY01xUuUwQPUJ6v1Dgc= Subject key identifier: DF:0C:37:C8:E5:CF:1F:ED:E0:23:94:D1:64:67:18:CB:52:23:07:F8 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5327E2DF8017C41C6EC7987D8488550CB74DC781 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/977f90e2-d257-4dde-9740-b0391458d8ed.roa Signing time: Mon 04 Aug 2025 15:00:33 +0000 ROA not before: Mon 04 Aug 2025 15:00:33 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000::/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:27:e2:df:80:17:c4:1c:6e:c7:98:7d:84:88:55:0c:b7:4d:c7:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:33 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=84257ec4ae1cf508256f73e3f05920ab48e4ef43f687332facb14df9014738ff, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:29:9c:b9:4c:44:4c:09:d5:09:9c:87:c3:55: 0d:b3:cb:e5:f4:56:32:4d:ce:1e:62:0b:f5:5a:8a: 8c:59:02:ca:f2:a3:6b:ce:af:76:1e:ff:d6:bf:1a: 67:e6:b7:18:05:51:be:11:7a:48:dc:dd:14:fb:00: 25:00:9d:5d:71:07:4d:02:c2:7e:0d:ed:32:da:66: 89:aa:f8:92:67:85:43:42:db:b4:f2:37:55:ae:b2: ce:49:ff:fc:c4:bf:ce:81:66:87:9c:04:69:8b:ae: b8:20:6c:f6:71:0a:aa:27:2f:33:6d:9d:53:07:64: ac:79:32:3f:f2:12:65:9a:e5:4d:c8:e0:74:86:13: e9:7e:aa:56:7c:14:14:b1:29:c3:49:86:1c:39:01: 5f:32:45:c9:0a:b8:56:c4:39:56:34:30:78:bf:d6: 13:14:d9:27:78:9a:b2:70:af:d7:9c:3e:41:86:8c: 68:6b:cd:6e:a7:bb:a7:5d:e6:85:b0:23:af:71:0d: 08:0a:b6:c3:d8:2b:f7:7d:d6:37:c2:d4:2c:19:6d: 32:6d:44:5a:61:e0:fd:99:f3:3f:de:06:79:ea:7e: 20:9b:61:3f:f7:4f:a0:41:ff:d6:d6:89:f5:1e:d7: eb:b8:fd:37:b9:0c:0c:1b:1f:48:21:8f:72:c9:b5: 3a:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:0C:37:C8:E5:CF:1F:ED:E0:23:94:D1:64:67:18:CB:52:23:07:F8 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/977f90e2-d257-4dde-9740-b0391458d8ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000::/24 Signature Algorithm: sha256WithRSAEncryption 96:ba:8a:ff:54:2e:fb:0b:5c:28:e0:47:9f:c0:b5:05:26:54: 25:71:5c:ab:c7:5a:95:bb:32:7f:c4:c4:db:c5:f9:f9:2c:7f: 83:cf:80:4c:b6:1c:f1:f8:bd:97:8f:c4:3b:aa:3f:1a:60:2a: 98:ff:80:a7:56:db:a4:19:c1:76:72:36:f9:3f:21:40:eb:a5: e7:89:75:31:ac:f3:78:9d:23:cb:78:22:a3:c1:58:81:ca:61: cd:6e:59:89:ff:44:8e:67:a0:20:d1:cd:fe:17:8a:5d:e4:cd: f4:20:68:41:b7:dd:dc:7c:45:a6:2d:e8:75:df:15:d0:da:b5: d7:d8:e4:c5:5a:a8:77:eb:be:3a:85:43:22:82:f5:32:40:b9: 72:b5:1d:4b:00:78:6e:ce:02:f8:19:92:bd:5a:1a:31:09:87: d2:5e:36:71:a1:9e:17:cf:85:75:35:c6:ee:07:5e:35:65:07: cf:d2:5b:e2:57:33:d6:a0:05:86:bf:42:35:6c:28:80:21:1b: 2d:88:e2:86:63:ac:58:dc:28:e3:c9:b7:78:57:ef:9a:12:04: 43:76:9a:4d:01:89:44:53:d8:3f:34:1c:29:9f:53:48:a3:04: 87:cb:9d:39:9a:91:fa:43:55:98:2d:4d:f5:9e:e3:75:ac:6b: 5b:02:08:4e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUyfi34AXxBxux5h9hIhVDLdNx4EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAzM1oX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAODQyNTdlYzRhZTFjZjUwODI1NmY3 M2UzZjA1OTIwYWI0OGU0ZWY0M2Y2ODczMzJmYWNiMTRkZjkwMTQ3MzhmZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCmcuUxETAnVCZyHw1UNs8vl9FYy Tc4eYgv1WoqMWQLK8qNrzq92Hv/Wvxpn5rcYBVG+EXpI3N0U+wAlAJ1dcQdNAsJ+ De0y2maJqviSZ4VDQtu08jdVrrLOSf/8xL/OgWaHnARpi664IGz2cQqqJy8zbZ1T B2SseTI/8hJlmuVNyOB0hhPpfqpWfBQUsSnDSYYcOQFfMkXJCrhWxDlWNDB4v9YT FNkneJqycK/XnD5Bhoxoa81up7unXeaFsCOvcQ0ICrbD2Cv3fdY3wtQsGW0ybURa YeD9mfM/3gZ56n4gm2E/90+gQf/W1on1HtfruP03uQwMGx9IIY9yybU6vwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFN8MN8jlzx/t4COU0WRnGMtSIwf4MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 Lzk3N2Y5MGUyLWQyNTctNGRkZS05NzQwLWIwMzkxNDU4ZDhlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAAjAGAwQAJA+AMA0GCSqGSIb3DQEBCwUAA4IBAQCWuor/VC77C1wo4EefwLUF JlQlcVyrx1qVuzJ/xMTbxfn5LH+Dz4BMthzx+L2Xj8Q7qj8aYCqY/4CnVtukGcF2 cjb5PyFA66XniXUxrPN4nSPLeCKjwViBymHNblmJ/0SOZ6Ag0c3+F4pd5M30IGhB t93cfEWmLeh13xXQ2rXX2OTFWqh36746hUMigvUyQLlytR1LAHhuzgL4GZK9Whox CYfSXjZxoZ4Xz4V1NcbuB141ZQfP0lviVzPWoAWGv0I1bCiAIRstiOKGY6xY3Cjj ybd4V++aEgRDdppNAYlEU9g/NBwpn1NIowSHy505mpH6Q1WYLU31nuN1rGtbAghO -----END CERTIFICATE-----Generated at Mon Aug 4 21:41:51 2025 by rpki-client