$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa File: 9a94ee8c-7029-4ffb-af7f-435e161333de.roa (raw, json) Hash identifier: A+/7ilULcsi6VLvc7iOPFVsvu8HzAWWrGMD1EPBJy40= Subject key identifier: 94:1C:33:60:A8:0E:EB:12:A2:A8:17:B5:AF:B8:B7:2D:3E:69:E1:80 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2241E1711DBB57448CAC640B6D84B4C6C7C13275 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa Signing time: Mon 04 Aug 2025 15:00:41 +0000 ROA not before: Mon 04 Aug 2025 15:00:41 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:41:e1:71:1d:bb:57:44:8c:ac:64:0b:6d:84:b4:c6:c7:c1:32:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:41 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=3c258f74ecaa4f1a49bd5e74319fae1636898c28612b12c343ed69133bd75cfa, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:30:5e:4e:27:5a:3f:61:57:06:0e:4c:8a:cc: 02:9a:dd:b0:b0:d7:53:0d:cb:90:da:47:e1:c4:aa: 63:8c:2b:3e:77:ae:41:95:e0:16:45:07:ca:6c:62: 87:42:ff:7a:28:f1:7c:fc:e2:ff:5d:ab:63:2b:7a: ca:59:9a:fd:0c:22:51:c7:12:39:3c:9f:f5:b3:80: be:03:d8:10:9b:92:7a:3c:86:07:c0:e9:ea:8b:fe: 70:5d:45:d4:8b:a8:bd:b9:d6:df:8c:dd:ed:30:0d: ba:e0:be:a2:d0:f8:85:59:c8:52:b8:63:13:bc:65: df:ef:90:d9:a3:a1:f6:07:6a:d2:7d:3b:9f:70:71: 71:4b:36:15:d4:d2:01:bb:70:ed:37:11:36:1e:5b: 8c:09:ad:ed:ec:42:c2:1a:19:bc:39:5e:b8:0f:d9: 02:44:26:47:8d:71:97:1b:64:b6:fd:a8:72:41:31: 1c:eb:b9:93:05:08:7d:95:80:f4:0d:58:70:3e:2f: 5c:f8:d5:de:d5:1b:25:8b:9f:2d:46:ee:ae:be:a4: 16:7c:7a:5c:57:72:0f:8d:25:cf:39:12:6d:65:09: a8:1a:6a:36:60:91:89:33:7b:a1:3a:63:47:c7:01: 53:6f:b1:ed:9d:7e:f8:fd:e3:60:70:66:cb:7b:67: e7:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:1C:33:60:A8:0E:EB:12:A2:A8:17:B5:AF:B8:B7:2D:3E:69:E1:80 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:8000::/40 Signature Algorithm: sha256WithRSAEncryption 5e:02:00:21:92:af:0d:7a:2f:96:01:2e:7a:65:f7:93:53:47: 52:3d:30:7c:bd:2f:db:cb:10:a7:e1:65:32:b5:f3:4b:0b:a6: 8c:5d:68:2b:75:9e:a8:f9:4c:ac:ff:96:8b:4b:39:c2:e5:a7: dc:9c:20:4a:d5:11:d9:fc:f5:2f:bd:06:28:59:cc:97:87:b6: df:ed:33:bf:f3:cd:d6:4c:9d:48:fc:91:a1:6a:db:77:58:98: 3e:a5:38:44:64:5a:3c:49:da:20:70:58:e3:65:7a:62:09:a7: aa:d6:3d:85:28:df:25:2d:f5:2d:4d:a8:2e:b4:5e:33:10:f7: 39:6c:1c:90:cc:12:88:6c:09:6a:05:5f:99:79:56:3c:e8:bf: b2:f2:77:e7:b9:31:80:6c:5a:69:f1:4d:93:ce:d6:44:fb:3f: 9a:60:e1:f9:72:08:94:f5:cc:a0:0f:64:56:71:a6:32:1e:7b: 6d:6c:8e:7f:69:99:d8:ec:ea:98:9b:82:22:df:91:9c:16:6e: 75:48:6b:6e:ee:4b:53:c2:c7:03:3a:d6:45:cf:e4:e5:27:dd: c1:c9:fe:fe:d8:12:22:35:31:56:b0:0b:38:f6:85:1a:68:b3: f0:0b:72:11:c3:b3:78:08:67:54:c8:84:ac:80:f6:76:6f:19: f1:49:4d:61 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIkHhcR27V0SMrGQLbYS0xsfBMnUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDA0MVoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAM2MyNThmNzRlY2FhNGYxYTQ5YmQ1 ZTc0MzE5ZmFlMTYzNjg5OGMyODYxMmIxMmMzNDNlZDY5MTMzYmQ3NWNmYTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjBeTidaP2FXBg5MiswCmt2wsNdT DcuQ2kfhxKpjjCs+d65BleAWRQfKbGKHQv96KPF8/OL/XatjK3rKWZr9DCJRxxI5 PJ/1s4C+A9gQm5J6PIYHwOnqi/5wXUXUi6i9udbfjN3tMA264L6i0PiFWchSuGMT vGXf75DZo6H2B2rSfTufcHFxSzYV1NIBu3DtNxE2HluMCa3t7ELCGhm8OV64D9kC RCZHjXGXG2S2/ahyQTEc67mTBQh9lYD0DVhwPi9c+NXe1Rsli58tRu6uvqQWfHpc V3IPjSXPORJtZQmoGmo2YJGJM3uhOmNHxwFTb7HtnX74/eNgcGbLe2fncwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJQcM2CoDusSoqgXta+4ty0+aeGAMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlhOTRlZThjLTcwMjktNGZmYi1hZjdmLTQzNWUxNjEzMzNkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBAF4CACGSrw16L5YBLnpl 95NTR1I9MHy9L9vLEKfhZTK180sLpoxdaCt1nqj5TKz/lotLOcLlp9ycIErVEdn8 9S+9BihZzJeHtt/tM7/zzdZMnUj8kaFq23dYmD6lOERkWjxJ2iBwWONlemIJp6rW PYUo3yUt9S1NqC60XjMQ9zlsHJDMEohsCWoFX5l5Vjzov7Lyd+e5MYBsWmnxTZPO 1kT7P5pg4flyCJT1zKAPZFZxpjIee21sjn9pmdjs6pibgiLfkZwWbnVIa27uS1PC xwM61kXP5OUn3cHJ/v7YEiI1MVawCzj2hRpos/ALchHDs3gIZ1TIhKyA9nZvGfFJ TWE= -----END CERTIFICATE-----Generated at Mon Aug 4 21:33:25 2025 by rpki-client