$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ab4ad185-2bfb-4281-9e23-00a2ab4b6e8f.roa File: ab4ad185-2bfb-4281-9e23-00a2ab4b6e8f.roa (raw, json) Hash identifier: /XASK1cw3xdeMhMA6VeqDvP0trl8jpabNF/tCBElYAs= Subject key identifier: 06:D5:12:26:BF:DA:41:1E:80:F4:EE:28:30:6A:40:DD:72:0F:25:E3 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 62DCBBF429C32ABAFEEBCE62C83A0D715D7EFCAB Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ab4ad185-2bfb-4281-9e23-00a2ab4b6e8f.roa Signing time: Sat 14 Jun 2025 00:00:05 +0000 ROA not before: Sat 14 Jun 2025 00:00:05 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:dc:bb:f4:29:c3:2a:ba:fe:eb:ce:62:c8:3a:0d:71:5d:7e:fc:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:05 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=70e35c06c7987e5b780e3b99204aab642a0936e516e304773d263da6a70c52b8, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:51:ba:8b:7f:24:f2:0b:7f:7c:a4:0d:0d:4c: f9:b1:e8:4f:5c:fd:f4:75:46:89:a2:6a:bc:50:2f: 19:26:bd:96:55:33:96:7c:e9:d1:2d:7a:e4:63:1f: 9c:4f:bb:eb:82:84:c3:86:9e:79:9c:dc:89:7f:b6: 86:10:75:21:db:ad:97:49:5f:d1:26:09:25:0c:e1: 26:d4:3e:1d:d0:f4:13:01:66:97:dd:9f:e7:d5:1e: e3:1c:3e:67:f5:c2:07:f4:4e:30:4e:b6:93:1e:90: 69:1e:66:9c:22:4e:e1:02:59:33:b2:d0:ad:0b:eb: 5b:05:7a:9c:a4:d8:2e:82:24:fc:e8:3e:b2:4d:f2: 11:e4:18:13:a5:0b:06:07:b0:47:68:f9:f5:13:d7: 4f:4c:73:66:78:1e:2e:76:06:eb:a2:b9:8e:b9:86: 8b:11:3d:77:75:54:54:70:78:72:b9:03:ac:e9:1f: 6f:74:fe:dc:64:6f:de:53:c6:30:78:d5:53:87:2f: c9:1a:da:83:6d:33:61:12:22:93:12:3d:b4:ec:20: ea:f3:1d:93:66:db:22:45:2c:05:92:36:23:dd:51: 49:89:ae:a1:1e:8b:31:df:94:5b:02:0d:d2:96:6f: e7:04:01:58:84:2d:ff:21:ce:06:b5:1b:15:03:71: 8d:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:D5:12:26:BF:DA:41:1E:80:F4:EE:28:30:6A:40:DD:72:0F:25:E3 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ab4ad185-2bfb-4281-9e23-00a2ab4b6e8f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8020::/48 Signature Algorithm: sha256WithRSAEncryption 59:2c:74:e5:e3:c0:f7:6a:62:9e:76:30:1a:a5:d9:a1:c5:a5: 22:ba:7d:97:91:ff:16:0f:0b:5c:ea:1a:57:17:dc:c9:f3:f9: 46:27:2d:a1:41:90:f7:aa:20:c7:18:81:8c:f5:20:78:75:bd: 3f:62:9f:76:71:cd:46:8e:01:c4:4c:ec:d6:db:86:a3:c0:1c: e7:4a:7a:61:b9:2e:8c:5e:60:0e:66:b4:92:09:8e:fd:d7:1f: 6a:14:c5:66:96:d5:d7:d8:59:53:5b:d4:7e:49:d1:5c:bd:30: 6c:df:e7:19:34:e6:47:b5:d5:5a:09:ec:e8:28:e8:d4:ae:4a: 3d:51:8e:5a:1f:5b:7d:5d:6d:7e:f6:42:eb:a4:92:f7:af:92: cc:33:89:f6:c9:04:3c:62:2a:61:04:7d:64:d7:2b:7e:d9:60: 92:38:e9:e6:80:07:ab:30:ee:56:0c:31:1f:0f:23:1e:5b:dc: e9:e7:c4:48:49:bd:1a:37:6a:5c:fd:8c:d9:f1:ea:05:f9:df: 9a:b6:c5:79:3d:94:7d:83:c8:11:7a:df:af:ee:f7:ea:63:ee: a1:a9:80:c3:51:ac:ad:63:7e:7a:72:5d:a9:a5:ad:5a:f4:8b: 2c:cd:83:5d:d9:ac:06:34:13:e1:9e:15:2c:66:9c:e3:d1:06: 8f:c7:fe:2e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYty79CnDKrr+685iyDoNcV1+/KswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAwNVoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNANzBlMzVjMDZjNzk4N2U1Yjc4MGUz Yjk5MjA0YWFiNjQyYTA5MzZlNTE2ZTMwNDc3M2QyNjNkYTZhNzBjNTJiODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1G6i38k8gt/fKQNDUz5sehPXP30 dUaJomq8UC8ZJr2WVTOWfOnRLXrkYx+cT7vrgoTDhp55nNyJf7aGEHUh262XSV/R JgklDOEm1D4d0PQTAWaX3Z/n1R7jHD5n9cIH9E4wTraTHpBpHmacIk7hAlkzstCt C+tbBXqcpNgugiT86D6yTfIR5BgTpQsGB7BHaPn1E9dPTHNmeB4udgbrormOuYaL ET13dVRUcHhyuQOs6R9vdP7cZG/eU8YweNVThy/JGtqDbTNhEiKTEj207CDq8x2T ZtsiRSwFkjYj3VFJia6hHosx35RbAg3Slm/nBAFYhC3/Ic4GtRsVA3GNvQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAbVEia/2kEegPTuKDBqQN1yDyXjMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2FiNGFkMTg1LTJiZmItNDI4MS05ZTIzLTAwYTJhYjRiNmU4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/4AgMA0GCSqGSIb3DQEBCwUAA4IBAQBZLHTl48D3amKedjAa pdmhxaUiun2Xkf8WDwtc6hpXF9zJ8/lGJy2hQZD3qiDHGIGM9SB4db0/Yp92cc1G jgHETOzW24ajwBznSnphuS6MXmAOZrSSCY791x9qFMVmltXX2FlTW9R+SdFcvTBs 3+cZNOZHtdVaCezoKOjUrko9UY5aH1t9XW1+9kLrpJL3r5LMM4n2yQQ8YiphBH1k 1yt+2WCSOOnmgAerMO5WDDEfDyMeW9zp58RISb0aN2pc/YzZ8eoF+d+atsV5PZR9 g8gRet+v7vfqY+6hqYDDUaytY356cl2ppa1a9IsszYNd2awGNBPhnhUsZpzj0QaP x/4u -----END CERTIFICATE-----Generated at Sat Jun 14 05:49:33 2025 by rpki-client