$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa File: 9a94ee8c-7029-4ffb-af7f-435e161333de.roa (raw, json) Hash identifier: N1JtqQQEgvQcto+faQP9bG1sRyoXqgAjLBHeVhzoF5E= Subject key identifier: 65:F6:07:F1:8A:BE:A2:EA:B7:D2:66:A3:E4:E8:87:72:8E:E7:EA:CA Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7194821A93336294BF83B7EA369B4D5D9D15C427 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa Signing time: Sat 14 Jun 2025 00:00:13 +0000 ROA not before: Sat 14 Jun 2025 00:00:13 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:94:82:1a:93:33:62:94:bf:83:b7:ea:36:9b:4d:5d:9d:15:c4:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:13 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=3e6b27fbe9a16754c7ecf3284352e0fa5e4b3a64962481c4b7c6dc8b3faf8dfe, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:7b:bf:21:9c:ce:e4:aa:b8:cc:11:57:ae:66: 63:c3:0d:10:d9:d9:28:10:54:e9:2b:a0:4f:9b:25: 45:5a:d5:1d:1f:3a:9b:9c:eb:7c:51:15:73:99:5a: b3:33:ec:32:d1:7f:89:6d:92:d1:de:32:5f:6c:a0: d9:6f:5a:77:b6:cb:20:1f:28:78:48:cb:7e:36:f1: 4e:d4:b8:36:5c:08:d9:56:2b:1b:cf:55:8f:b8:59: 84:7e:45:35:e5:83:ac:4c:cd:cd:f1:a6:2d:c9:59: dd:0c:64:ee:6e:eb:bc:21:21:cb:d6:fc:6f:3a:68: 54:16:ca:33:54:00:f5:d0:26:d8:9c:65:5b:5b:cd: 42:f6:db:09:a6:9e:18:38:c2:13:23:4f:30:c6:1d: 0a:22:2f:25:fd:2c:bf:3a:77:45:d8:a0:72:df:e7: da:c9:75:e6:a0:f0:92:40:5b:11:24:b8:3c:80:7a: 90:e7:1f:53:c5:19:20:a2:70:31:21:9b:ab:5f:0b: 2c:1c:ab:a3:f8:ea:41:e9:2c:6e:48:2a:f6:be:fe: 18:9d:90:da:3a:70:9d:0f:23:5b:0b:de:14:1b:a1: b4:4c:bc:32:02:8b:3b:60:4b:13:50:70:f5:f9:1e: 1b:b6:2e:9f:fe:b9:9e:20:41:55:91:e3:74:34:86: 86:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:F6:07:F1:8A:BE:A2:EA:B7:D2:66:A3:E4:E8:87:72:8E:E7:EA:CA X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:8000::/40 Signature Algorithm: sha256WithRSAEncryption 47:36:26:81:15:39:f2:91:35:52:31:43:68:25:ce:c8:b6:9b: 7a:e0:b9:51:70:eb:a6:02:09:18:53:ce:55:da:e4:54:7a:75: 9e:64:96:61:87:a1:27:b8:b2:6c:a0:59:ab:69:58:6a:88:33: 4f:4c:f8:8c:23:81:6e:79:bb:0f:1c:38:3b:20:8a:79:d5:09: fc:00:b0:63:b6:66:10:a0:18:c4:24:a2:fb:83:d9:1b:37:0b: 39:dd:d3:98:71:c7:5b:f2:e7:17:ff:9f:8d:d7:a9:2a:51:f1: bc:a9:90:f8:a3:3a:08:c2:66:cd:d1:95:73:80:31:b8:0d:af: e7:73:fa:db:46:78:da:0c:93:2a:94:e6:35:08:8c:3f:ca:40: 5e:b7:a9:37:94:50:ab:5b:c0:19:64:53:7d:59:74:a7:be:72: 5c:f9:ae:c0:1f:a2:dc:0e:4a:0e:f4:37:11:19:17:d8:26:59: 01:20:f0:67:9f:28:e1:4c:63:cc:c3:e3:fb:2a:2e:ab:aa:50: 9f:87:45:da:44:12:02:6f:78:f7:84:3c:6b:da:54:2a:11:3a: 15:27:63:bc:f6:ba:e6:ca:09:fb:e4:81:cd:41:34:df:5c:b0: 6b:a1:e3:6a:58:89:9a:d1:0d:0c:e1:3e:c1:1c:23:dc:ef:1e: e2:1a:86:b2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcZSCGpMzYpS/g7fqNptNXZ0VxCcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAxM1oX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAM2U2YjI3ZmJlOWExNjc1NGM3ZWNm MzI4NDM1MmUwZmE1ZTRiM2E2NDk2MjQ4MWM0YjdjNmRjOGIzZmFmOGRmZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3u/IZzO5Kq4zBFXrmZjww0Q2dko EFTpK6BPmyVFWtUdHzqbnOt8URVzmVqzM+wy0X+JbZLR3jJfbKDZb1p3tssgHyh4 SMt+NvFO1Lg2XAjZVisbz1WPuFmEfkU15YOsTM3N8aYtyVndDGTubuu8ISHL1vxv OmhUFsozVAD10CbYnGVbW81C9tsJpp4YOMITI08wxh0KIi8l/Sy/OndF2KBy3+fa yXXmoPCSQFsRJLg8gHqQ5x9TxRkgonAxIZurXwssHKuj+OpB6SxuSCr2vv4YnZDa OnCdDyNbC94UG6G0TLwyAos7YEsTUHD1+R4bti6f/rmeIEFVkeN0NIaGVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGX2B/GKvqLqt9Jmo+Toh3KO5+rKMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlhOTRlZThjLTcwMjktNGZmYi1hZjdmLTQzNWUxNjEzMzNkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBAEc2JoEVOfKRNVIxQ2gl zsi2m3rguVFw66YCCRhTzlXa5FR6dZ5klmGHoSe4smygWatpWGqIM09M+IwjgW55 uw8cODsginnVCfwAsGO2ZhCgGMQkovuD2Rs3Cznd05hxx1vy5xf/n43XqSpR8byp kPijOgjCZs3RlXOAMbgNr+dz+ttGeNoMkyqU5jUIjD/KQF63qTeUUKtbwBlkU31Z dKe+clz5rsAfotwOSg70NxEZF9gmWQEg8GefKOFMY8zD4/sqLquqUJ+HRdpEEgJv ePeEPGvaVCoROhUnY7z2uubKCfvkgc1BNN9csGuh42pYiZrRDQzhPsEcI9zvHuIa hrI= -----END CERTIFICATE-----Generated at Sat Jun 14 05:43:16 2025 by rpki-client