$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa File: a3f80673-8b1b-4af1-ae60-e74663f3df69.roa (raw, json) Hash identifier: HGRJwb019bwzI7gQIcqOaIRu9MInnueIms3O9DPTCbk= Subject key identifier: B6:2E:0B:D6:85:84:15:65:72:C0:6B:17:0E:43:94:19:D7:C2:0F:43 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5D36FAAE4A14488CFFE454BAAAF6099D60B6ECAF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa Signing time: Sat 14 Jun 2025 00:00:11 +0000 ROA not before: Sat 14 Jun 2025 00:00:11 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:36:fa:ae:4a:14:48:8c:ff:e4:54:ba:aa:f6:09:9d:60:b6:ec:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:11 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=3304436bdb4c0c8a894a30e834becfce7eeeea04df1fe1908fa106962c715ad2, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:48:c3:6d:75:da:38:3b:26:0e:f5:fd:8e:d5: 9c:fc:44:fc:ba:0b:35:18:56:ca:25:af:10:9b:1b: e0:4c:a0:2c:41:37:d1:97:68:22:c3:62:81:41:75: c5:b3:76:4f:24:2f:a4:0b:8e:68:75:35:5f:64:6a: b1:02:63:16:b5:fa:02:04:33:a3:49:14:ad:d0:57: 24:29:d9:b0:8f:c6:d9:70:55:08:90:ea:97:41:85: 66:dd:ab:b5:cc:e9:d1:05:35:0d:f9:d2:0a:b6:c8: 10:f1:ef:60:a5:dc:6a:6f:73:d7:29:30:13:cb:a3: ea:ec:31:83:cb:38:ae:1f:a6:1d:65:d8:9a:d1:bc: 9e:04:a0:a7:28:3d:8c:d1:25:66:9e:50:4b:5d:64: 36:7a:80:30:2b:f8:5a:2a:b6:8d:ba:66:7e:59:d2: 03:f3:66:55:25:ec:ef:14:9a:90:60:49:d0:30:0c: da:51:2a:17:88:14:86:54:ef:29:34:90:d2:be:72: a1:95:04:07:3b:dd:f9:18:b0:15:dc:6a:24:9e:ca: f0:9a:95:2a:68:67:13:6b:fc:f6:29:ee:2f:cf:4c: 8c:98:5b:7d:f1:12:66:50:31:8e:2a:87:da:e1:f7: ff:17:15:2b:6a:80:7c:0f:64:6a:6f:0d:14:6b:39: 25:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:2E:0B:D6:85:84:15:65:72:C0:6B:17:0E:43:94:19:D7:C2:0F:43 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:4000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:d0:85:12:99:24:cd:6c:d1:1f:1a:38:bd:b6:23:b3:cd:36: 96:52:b2:af:17:7c:95:1d:43:71:10:9f:9e:c8:77:e4:f6:82: eb:f3:e3:5a:77:da:a2:e7:7e:81:fd:e0:53:72:8a:0e:77:03: 53:dd:91:1f:26:ab:d3:c8:c6:1a:94:44:7a:8a:86:88:3a:a2: ad:c7:7e:e4:ca:51:4f:54:ec:3a:cd:e4:99:a5:b7:be:e3:49: 15:08:cd:c4:ca:de:cd:88:68:95:15:3a:48:a5:43:8f:ae:6c: b8:9b:aa:71:e1:94:b6:62:22:9a:34:8a:d3:b2:f8:31:42:02: 39:34:2b:22:24:40:af:aa:c0:90:9b:56:0b:72:eb:cb:a4:85: 91:7c:b2:52:8a:ed:01:f5:a9:22:1f:4d:44:30:28:1d:d4:9f: ca:00:52:9c:c4:a3:56:48:22:61:f1:c7:ed:d7:b0:6f:a3:11: b9:5e:c6:b0:88:f1:39:dd:0e:53:c0:c1:69:3e:04:df:11:6d: 25:bc:60:ef:54:69:3b:ac:f4:fb:17:62:4a:aa:aa:4c:b3:83: a9:98:8a:55:fe:ed:b1:7a:3e:dd:22:02:ee:b7:05:33:66:ce: 39:ba:2f:90:6f:12:ef:fc:ad:a8:50:4a:5d:4e:76:ce:71:f8: 2e:d0:b6:67 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXTb6rkoUSIz/5FS6qvYJnWC27K8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAxMVoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAMzMwNDQzNmJkYjRjMGM4YTg5NGEz MGU4MzRiZWNmY2U3ZWVlZWEwNGRmMWZlMTkwOGZhMTA2OTYyYzcxNWFkMjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskjDbXXaODsmDvX9jtWc/ET8ugs1 GFbKJa8QmxvgTKAsQTfRl2giw2KBQXXFs3ZPJC+kC45odTVfZGqxAmMWtfoCBDOj SRSt0FckKdmwj8bZcFUIkOqXQYVm3au1zOnRBTUN+dIKtsgQ8e9gpdxqb3PXKTAT y6Pq7DGDyziuH6YdZdia0byeBKCnKD2M0SVmnlBLXWQ2eoAwK/haKraNumZ+WdID 82ZVJezvFJqQYEnQMAzaUSoXiBSGVO8pNJDSvnKhlQQHO935GLAV3GoknsrwmpUq aGcTa/z2Ke4vz0yMmFt98RJmUDGOKofa4ff/FxUraoB8D2Rqbw0UazklnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLYuC9aFhBVlcsBrFw5DlBnXwg9DMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzZjgwNjczLThiMWItNGFmMS1hZTYwLWU3NDY2M2YzZGY2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAEAwDQYJKoZIhvcNAQELBQADggEBACzQhRKZJM1s0R8aOL22 I7PNNpZSsq8XfJUdQ3EQn57Id+T2guvz41p32qLnfoH94FNyig53A1PdkR8mq9PI xhqURHqKhog6oq3HfuTKUU9U7DrN5Jmlt77jSRUIzcTK3s2IaJUVOkilQ4+ubLib qnHhlLZiIpo0itOy+DFCAjk0KyIkQK+qwJCbVgty68ukhZF8slKK7QH1qSIfTUQw KB3Un8oAUpzEo1ZIImHxx+3XsG+jEblexrCI8TndDlPAwWk+BN8RbSW8YO9UaTus 9PsXYkqqqkyzg6mYilX+7bF6Pt0iAu63BTNmzjm6L5BvEu/8rahQSl1Ods5x+C7Q tmc= -----END CERTIFICATE-----Generated at Sat Jun 14 06:02:10 2025 by rpki-client