$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa File: a3f80673-8b1b-4af1-ae60-e74663f3df69.roa (raw, json) Hash identifier: 5jq2dfL6bI0xRAx2nXQg/zw9gQsLj/bej8qp+JV4908= Subject key identifier: 3F:F0:BD:63:31:5F:81:EB:A9:82:8D:2A:D2:5B:E7:94:D8:08:2C:0E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 344C40AABC8B8DCF8CD75A4EC14B86861C9E0331 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa Signing time: Mon 04 Aug 2025 15:00:40 +0000 ROA not before: Mon 04 Aug 2025 15:00:40 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:4c:40:aa:bc:8b:8d:cf:8c:d7:5a:4e:c1:4b:86:86:1c:9e:03:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:40 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=4159c45e3091691d89f585fc3c305570c658c16c0da9586eed70d7930cec73e7, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:2f:13:9f:f8:69:0b:a0:a7:2d:91:c9:69:a3: f1:17:bd:75:11:bf:fe:66:5a:79:95:2a:d1:c3:f3: a1:72:2a:05:0e:84:88:40:3c:28:a4:37:2a:f5:b7: e2:a0:48:d9:a1:a7:04:5c:82:d4:bc:0a:27:b2:a0: fa:3a:47:28:2d:33:d4:41:3a:fd:93:c0:90:31:61: 33:a8:a4:64:7a:b3:ef:c2:37:2c:d4:f3:e0:0d:23: b9:b4:f8:07:a2:c1:0c:bf:34:83:ee:2a:41:54:dc: 20:a9:4b:22:c5:71:5a:9e:84:8d:b4:a9:5a:d7:69: 6f:2e:82:28:f6:2e:15:ff:34:92:09:f3:93:c6:33: 4f:d7:27:99:b5:de:45:e5:51:bd:45:9f:73:b3:1a: 96:3f:a4:95:06:f4:e8:fe:b7:db:69:3b:e9:fa:b5: 4b:4d:85:00:f7:c7:2e:21:4b:ce:b5:38:15:0b:99: c0:0c:37:4d:02:71:4e:3c:d8:5c:25:e8:7b:12:59: 52:87:d0:34:6c:a8:07:d2:41:07:0e:18:d4:1f:07: af:c8:d2:99:e1:4e:c5:2c:03:1d:9b:80:72:5b:49: f3:2d:ff:72:f7:cb:85:51:8a:a8:b5:a8:31:8e:29: ae:75:b7:66:90:49:14:5a:82:c7:e5:d9:38:5a:5b: 3a:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:F0:BD:63:31:5F:81:EB:A9:82:8D:2A:D2:5B:E7:94:D8:08:2C:0E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:4000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:55:19:d5:39:8f:a5:a9:8f:6a:92:fe:d6:33:43:78:65:6c: bc:1f:a8:6d:b4:c8:52:b4:ec:5b:d7:a9:75:1e:5c:ca:5d:dc: 72:e7:6d:2c:32:9c:a8:41:a6:c1:66:52:d0:9e:96:f3:e7:d6: fb:55:a9:53:d1:3e:cf:15:3d:61:20:a1:88:10:38:09:14:47: b7:13:43:3b:4b:b3:ef:a0:84:54:a5:3d:e6:38:02:42:6f:3c: 50:30:c6:71:5f:a6:b4:82:58:81:d0:56:b8:0d:7b:39:2e:35: f8:3b:df:33:43:95:3e:91:2b:0a:26:b1:e8:97:fe:2a:b4:a3: c7:ee:22:7a:6a:72:96:ce:0a:8f:bd:4c:37:1b:6f:6f:c1:57: c0:0b:ce:1f:63:bd:3c:40:94:4b:4f:be:66:ab:8a:af:70:ec: 66:8a:8a:41:78:85:a0:0f:b3:f8:0e:dc:03:ac:be:13:15:84: 2f:7b:ce:a6:1b:65:dd:23:02:00:c8:51:cf:3b:df:b3:bf:73: b1:f1:20:41:d0:4b:d6:55:13:b7:8f:0f:7e:2a:3e:ef:bc:81: 0f:b6:0d:7c:60:7d:89:4f:01:c8:a8:90:58:95:a0:5d:42:4d: ac:04:a2:37:f5:5b:eb:88:12:89:26:e6:2f:07:8b:0f:09:83: 5c:b8:b1:86 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNExAqryLjc+M11pOwUuGhhyeAzEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDA0MFoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNANDE1OWM0NWUzMDkxNjkxZDg5ZjU4 NWZjM2MzMDU1NzBjNjU4YzE2YzBkYTk1ODZlZWQ3MGQ3OTMwY2VjNzNlNzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky8Tn/hpC6CnLZHJaaPxF711Eb/+ Zlp5lSrRw/OhcioFDoSIQDwopDcq9bfioEjZoacEXILUvAonsqD6OkcoLTPUQTr9 k8CQMWEzqKRkerPvwjcs1PPgDSO5tPgHosEMvzSD7ipBVNwgqUsixXFanoSNtKla 12lvLoIo9i4V/zSSCfOTxjNP1yeZtd5F5VG9RZ9zsxqWP6SVBvTo/rfbaTvp+rVL TYUA98cuIUvOtTgVC5nADDdNAnFOPNhcJeh7EllSh9A0bKgH0kEHDhjUHwevyNKZ 4U7FLAMdm4ByW0nzLf9y98uFUYqotagxjimudbdmkEkUWoLH5dk4Wls6ywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD/wvWMxX4HrqYKNKtJb55TYCCwOMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzZjgwNjczLThiMWItNGFmMS1hZTYwLWU3NDY2M2YzZGY2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAEAwDQYJKoZIhvcNAQELBQADggEBACxVGdU5j6Wpj2qS/tYz Q3hlbLwfqG20yFK07FvXqXUeXMpd3HLnbSwynKhBpsFmUtCelvPn1vtVqVPRPs8V PWEgoYgQOAkUR7cTQztLs++ghFSlPeY4AkJvPFAwxnFfprSCWIHQVrgNezkuNfg7 3zNDlT6RKwomseiX/iq0o8fuInpqcpbOCo+9TDcbb2/BV8ALzh9jvTxAlEtPvmar iq9w7GaKikF4haAPs/gO3AOsvhMVhC97zqYbZd0jAgDIUc8737O/c7HxIEHQS9ZV E7ePD34qPu+8gQ+2DXxgfYlPAciokFiVoF1CTawEojf1W+uIEokm5i8Hiw8Jg1y4 sYY= -----END CERTIFICATE-----Generated at Mon Aug 4 21:47:47 2025 by rpki-client