$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa File: a3080b31-8684-4ce8-b4e6-33db63d13627.roa (raw, json) Hash identifier: G69oCvOJET0tyNFMZfLI3Ruaj2SxG9uzTe5FveBMcmc= Subject key identifier: 47:CA:D0:91:BE:CA:1F:4E:24:E9:B4:CC:7D:76:8C:EE:F8:74:25:9B Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 172F79B45C1DB3150169DB2F52ADB515E1B7A164 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa Signing time: Mon 04 Aug 2025 15:00:10 +0000 ROA not before: Mon 04 Aug 2025 15:00:10 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8060::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 15:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:2f:79:b4:5c:1d:b3:15:01:69:db:2f:52:ad:b5:15:e1:b7:a1:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:10 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=3abb15b32eb0ac4e254cd54191e9bd2256eb677b43a0f33323fbcefd579e20f4, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:b4:9d:67:ec:55:2b:23:c8:52:7e:41:7a:73: 14:76:67:3c:4b:a2:84:1b:e1:fc:77:61:8b:b4:7a: b2:23:8e:da:2f:14:09:e7:54:1e:92:aa:2a:30:51: 68:74:00:f1:c8:fe:0f:63:ba:9f:e0:10:48:c8:e2: ae:55:b9:a7:99:e6:35:ca:e9:99:cc:a3:3e:a6:36: 24:6b:78:49:da:66:f0:3d:45:a9:5b:ae:01:9b:c2: 88:ca:60:c6:31:a7:0e:d5:23:06:7a:f1:d6:01:87: b5:e5:37:4e:bb:13:7c:78:9a:bd:38:ad:37:02:aa: 8a:91:f6:f3:44:13:8a:79:40:50:0d:90:36:e5:02: af:d5:5e:bf:7b:e9:eb:9a:7c:62:d8:d5:21:49:36: c3:1e:27:d7:f6:55:4c:5e:e5:31:4a:d8:8d:f4:9d: 99:29:05:1a:e5:25:dd:7d:cd:24:aa:d0:87:d5:34: da:32:fe:cc:ec:2a:e4:96:c6:63:64:01:83:b7:8c: 7f:c0:07:4c:18:38:9b:35:46:de:f8:b0:bf:37:0a: 49:62:f3:2a:5d:0e:d2:2e:6e:a3:b8:dc:78:92:09: 73:ec:db:8b:18:cd:0f:59:2d:ff:10:9a:47:d4:28: 2e:61:6c:67:00:30:df:3c:30:a0:00:62:40:1d:95: 60:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:CA:D0:91:BE:CA:1F:4E:24:E9:B4:CC:7D:76:8C:EE:F8:74:25:9B X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8060::/32 Signature Algorithm: sha256WithRSAEncryption 74:41:38:0c:3e:f1:33:88:0d:93:a6:b8:5a:25:e3:a5:1c:7c: 30:d6:7e:33:f2:d7:a0:09:24:5d:45:0c:69:d0:4e:ce:fe:a2: 1e:f8:33:81:3d:c4:0c:99:83:1c:13:14:59:4f:46:6d:55:0d: 04:ea:62:04:1f:a2:36:ad:fa:d5:ab:25:fc:eb:11:91:54:b6: f3:66:73:38:22:81:ec:52:b1:6a:41:71:ff:2b:09:e2:b2:33: 2b:52:9b:42:95:d1:a4:c5:ed:db:a0:6c:5c:c2:3e:cc:86:7e: cc:4c:c0:95:80:5f:a8:70:9c:21:1d:f6:b5:83:cf:5b:cb:b5: 46:0f:25:04:3c:ca:4b:ec:b1:6c:bd:fb:52:fc:e1:0c:96:b9: 87:3a:84:b1:5a:b9:ee:10:1b:fc:01:3c:a6:31:00:9d:e4:d8: 00:b3:6a:a0:e9:a5:6f:66:94:83:6e:67:63:2a:f1:d6:8a:73: 79:2d:d8:75:58:25:c2:34:3d:8a:25:36:e8:6e:c5:22:f4:d5: 8d:6b:35:8a:67:a2:06:69:af:f7:3f:ef:4a:04:ae:74:59:2b: b8:d7:7d:9c:82:4f:d9:ad:28:95:fb:f4:44:30:91:ce:e5:de: 0e:d9:ff:a3:83:5d:38:fd:7e:29:7a:89:6d:d4:7f:d3:bd:53: ac:f3:08:b8 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUFy95tFwdsxUBadsvUq21FeG3oWQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAxMFoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAM2FiYjE1YjMyZWIwYWM0ZTI1NGNk NTQxOTFlOWJkMjI1NmViNjc3YjQzYTBmMzMzMjNmYmNlZmQ1NzllMjBmNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLSdZ+xVKyPIUn5BenMUdmc8S6KE G+H8d2GLtHqyI47aLxQJ51QekqoqMFFodADxyP4PY7qf4BBIyOKuVbmnmeY1yumZ zKM+pjYka3hJ2mbwPUWpW64Bm8KIymDGMacO1SMGevHWAYe15TdOuxN8eJq9OK03 AqqKkfbzRBOKeUBQDZA25QKv1V6/e+nrmnxi2NUhSTbDHifX9lVMXuUxStiN9J2Z KQUa5SXdfc0kqtCH1TTaMv7M7CrklsZjZAGDt4x/wAdMGDibNUbe+LC/NwpJYvMq XQ7SLm6juNx4kglz7NuLGM0PWS3/EJpH1CguYWxnADDfPDCgAGJAHZVgpQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFEfK0JG+yh9OJOm0zH12jO74dCWbMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzMDgwYjMxLTg2ODQtNGNlOC1iNGU2LTMzZGI2M2QxMzYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+AYDANBgkqhkiG9w0BAQsFAAOCAQEAdEE4DD7xM4gNk6a4WiXj pRx8MNZ+M/LXoAkkXUUMadBOzv6iHvgzgT3EDJmDHBMUWU9GbVUNBOpiBB+iNq36 1asl/OsRkVS282ZzOCKB7FKxakFx/ysJ4rIzK1KbQpXRpMXt26BsXMI+zIZ+zEzA lYBfqHCcIR32tYPPW8u1Rg8lBDzKS+yxbL37UvzhDJa5hzqEsVq57hAb/AE8pjEA neTYALNqoOmlb2aUg25nYyrx1opzeS3YdVglwjQ9iiU26G7FIvTVjWs1imeiBmmv 9z/vSgSudFkruNd9nIJP2a0olfv0RDCRzuXeDtn/o4NdOP1+KXqJbdR/071TrPMI uA== -----END CERTIFICATE-----Generated at Tue Aug 5 16:37:17 2025 by rpki-client