$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa File: baa1273d-7883-4b5d-8e1c-23ebac490846.roa (raw, json) Hash identifier: eLMEIfBLOltLcvalME1Mp8MC7ezQecqMkGCkwOGE+cI= Subject key identifier: FA:AF:66:CE:22:FE:44:57:45:81:D9:6D:24:53:D1:A7:AC:61:FD:41 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1F7C88196B518CDC79C08C7DB9A8C6DEB9F7A955 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa Signing time: Mon 04 Aug 2025 15:00:38 +0000 ROA not before: Mon 04 Aug 2025 15:00:38 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 15:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:7c:88:19:6b:51:8c:dc:79:c0:8c:7d:b9:a8:c6:de:b9:f7:a9:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:38 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=4c9bc98a03b019193d3a6e0e9d4724a896993c1cff5d949c56fe3637530e0644, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:2b:b8:d0:dc:ca:6c:8b:0e:e4:74:a8:44:55: 62:7c:d2:47:91:db:b7:e2:8b:90:fb:a4:a7:10:01: 14:d7:fb:e6:a1:b5:ee:69:01:a1:ba:13:6a:5e:a6: dd:3e:aa:62:14:ed:9c:db:03:4b:b4:54:7a:db:bc: e0:68:0a:f9:f6:4b:07:47:dc:39:47:75:d3:96:c7: 1f:b4:c3:9d:05:90:05:b3:b3:77:25:94:bd:35:c5: 43:64:d7:41:9b:7e:b2:a6:b6:7f:6f:4f:05:95:95: 5c:30:57:90:b7:02:d4:42:48:8c:63:81:a4:1a:2c: 53:3b:ac:d2:f7:23:75:0b:13:65:09:c6:a9:c9:76: dd:f7:e9:ab:35:4b:40:15:8e:0e:ef:3b:29:d4:dd: a0:68:c3:f2:aa:6c:5f:9b:1b:b5:49:e7:aa:48:a0: 94:34:5b:56:40:f2:f9:ff:c0:85:ea:f9:5a:43:8f: 56:af:43:ec:2d:5a:bb:22:7d:d5:76:1f:3a:76:9b: e7:ad:67:73:0b:9d:b8:21:c9:ef:cb:4a:3f:d1:1b: c9:41:13:2f:06:15:c9:3e:a0:a4:02:c9:2a:c9:1d: 8a:44:48:6b:88:36:a6:a1:f0:e1:5c:1a:7f:6f:8f: a2:8a:68:da:98:60:ba:88:6e:7e:99:ab:13:8d:e2: 6a:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:AF:66:CE:22:FE:44:57:45:81:D9:6D:24:53:D1:A7:AC:61:FD:41 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4040::/48 Signature Algorithm: sha256WithRSAEncryption 7a:cb:3f:7c:32:9d:54:32:4d:f0:f3:90:21:c3:cc:17:7e:2c: f3:31:b4:22:83:3a:84:34:14:3f:b8:28:4a:5f:eb:a2:3b:f2: 4d:92:13:b4:79:ba:a2:48:cd:35:e0:c1:19:7d:dd:89:47:3d: 93:e4:81:20:f1:b9:3c:09:e4:39:9c:18:f9:c3:f3:6a:c1:b1: f3:07:b7:9f:25:7e:6c:0e:31:a1:2d:0a:82:8e:30:c3:c2:34: 3a:ac:b9:f7:8d:9b:37:05:0f:cf:ed:e2:39:12:af:fa:06:6e: 53:08:98:e8:43:5c:b4:c6:41:54:37:28:16:3b:e7:57:ee:e5: 62:43:e6:e8:49:e8:77:bc:b8:af:f8:9e:f0:ac:5e:6d:41:47: 05:77:70:84:40:82:c3:9e:28:37:60:32:34:7f:28:46:cd:65: 8e:07:0f:e5:b5:75:7a:72:ec:cf:f9:1e:a6:e9:a1:f4:c8:5b: 92:22:2c:71:46:68:30:0c:e7:ef:4d:9b:8a:cf:0f:59:54:48: 47:56:d6:0e:45:9d:f7:f0:33:8b:b7:05:8b:c7:d3:b2:1a:2d: 0c:08:b3:97:d8:e9:b3:b0:6c:c5:1f:3b:fc:95:f3:d2:09:c4: 2b:3e:3a:f4:c7:0d:0e:52:c2:05:50:88:a5:a3:92:f0:5c:1f: fa:20:5a:ea -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUH3yIGWtRjNx5wIx9uajG3rn3qVUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAzOFoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNANGM5YmM5OGEwM2IwMTkxOTNkM2E2 ZTBlOWQ0NzI0YTg5Njk5M2MxY2ZmNWQ5NDljNTZmZTM2Mzc1MzBlMDY0NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSu40NzKbIsO5HSoRFVifNJHkdu3 4ouQ+6SnEAEU1/vmobXuaQGhuhNqXqbdPqpiFO2c2wNLtFR627zgaAr59ksHR9w5 R3XTlscftMOdBZAFs7N3JZS9NcVDZNdBm36yprZ/b08FlZVcMFeQtwLUQkiMY4Gk GixTO6zS9yN1CxNlCcapyXbd9+mrNUtAFY4O7zsp1N2gaMPyqmxfmxu1SeeqSKCU NFtWQPL5/8CF6vlaQ49Wr0PsLVq7In3Vdh86dpvnrWdzC524Icnvy0o/0RvJQRMv BhXJPqCkAskqyR2KREhriDamofDhXBp/b4+iimjamGC6iG5+masTjeJqZwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPqvZs4i/kRXRYHZbSRT0aesYf1BMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2JhYTEyNzNkLTc4ODMtNGI1ZC04ZTFjLTIzZWJhYzQ5MDg0Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0BAMA0GCSqGSIb3DQEBCwUAA4IBAQB6yz98Mp1UMk3w85Ah w8wXfizzMbQigzqENBQ/uChKX+uiO/JNkhO0ebqiSM014MEZfd2JRz2T5IEg8bk8 CeQ5nBj5w/NqwbHzB7efJX5sDjGhLQqCjjDDwjQ6rLn3jZs3BQ/P7eI5Eq/6Bm5T CJjoQ1y0xkFUNygWO+dX7uViQ+boSeh3vLiv+J7wrF5tQUcFd3CEQILDnig3YDI0 fyhGzWWOBw/ltXV6cuzP+R6m6aH0yFuSIixxRmgwDOfvTZuKzw9ZVEhHVtYORZ33 8DOLtwWLx9OyGi0MCLOX2OmzsGzFHzv8lfPSCcQrPjr0xw0OUsIFUIilo5LwXB/6 IFrq -----END CERTIFICATE-----Generated at Tue Aug 5 21:37:27 2025 by rpki-client