$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa File: c7b491e4-76ae-4305-8132-a670b41c66fd.roa (raw, json) Hash identifier: Y/Qe9rryhqaKcdQ65jS4eaN1QDb4nE9PefB5Qi55IQQ= Subject key identifier: DF:D5:D4:19:0C:82:51:1B:78:57:CE:07:63:A8:D4:54:00:94:BC:EF Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 25F91DD7460D868D9907041D68A9862A95E16B26 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa Signing time: Mon 04 Aug 2025 15:00:37 +0000 ROA not before: Mon 04 Aug 2025 15:00:37 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:f9:1d:d7:46:0d:86:8d:99:07:04:1d:68:a9:86:2a:95:e1:6b:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:37 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=9fff4eceba56e8bc515bd46c6f71f05ccd2548537779b703ee1a6e0a4cb6fb36, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:46:89:0f:df:d9:7d:43:95:b9:c7:ae:1a:58: be:33:ef:00:4c:31:13:7f:b0:e2:a7:da:80:48:9b: 8b:05:e7:06:7a:50:ae:9f:32:e0:68:8e:58:d1:fc: 94:d5:3e:88:e7:47:9a:58:8b:82:3b:d9:e2:38:85: 60:4a:6c:07:8a:46:89:55:2e:5f:dc:20:33:be:31: e3:84:ac:81:13:ff:4b:49:ff:be:62:56:64:8c:13: 7c:de:6c:5c:ae:ff:8d:84:ca:3d:0e:68:65:c7:8c: 18:39:c6:24:a5:5d:c7:76:73:a6:3e:d8:4f:c9:77: 4c:88:78:c3:e9:9e:9f:a1:62:94:14:c1:35:a6:fc: 43:47:d6:79:11:8b:c1:21:4a:fa:91:66:4d:27:56: c0:af:4a:42:45:4e:01:11:07:67:c4:cd:94:7f:f6: dd:bd:1c:c9:b9:03:32:9d:f4:a4:ee:70:a5:aa:d8: 08:a8:fa:5f:bf:19:c7:b3:50:64:68:3d:8e:23:bc: 6e:a8:3f:fd:24:ba:a8:58:94:2c:da:82:25:e5:2e: 7a:59:54:71:f5:5d:70:31:56:0a:95:d5:3b:80:84: 10:c9:d3:21:29:78:18:b0:d0:5a:36:93:f9:64:31: d0:85:d9:59:32:f1:98:bd:d7:67:55:e0:20:6f:51: 2c:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:D5:D4:19:0C:82:51:1B:78:57:CE:07:63:A8:D4:54:00:94:BC:EF X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4000::/40 Signature Algorithm: sha256WithRSAEncryption ae:d6:42:d0:3c:5a:cb:3d:31:a1:14:60:45:d8:7e:35:11:a8: b0:ff:b1:ba:41:c2:45:52:82:4f:01:ba:c4:16:50:8b:26:74: 5a:15:67:18:90:0a:21:98:e6:52:a0:18:08:e5:43:fc:9b:61: 9a:18:fd:b2:3d:20:c4:7b:41:c8:99:9c:a1:04:54:56:e1:51: db:a3:44:52:a0:65:39:01:bd:dd:3f:69:2a:69:2b:8f:54:08: 33:21:7f:ef:f7:96:bc:42:82:73:8a:62:72:d6:45:4b:3c:2a: 1c:b9:01:b0:2b:cf:a1:ff:a4:e2:ae:d6:54:f9:97:4e:93:fb: bc:21:39:60:38:08:a7:05:de:07:e3:4b:e0:1c:c1:b1:f2:d3: 37:93:cd:ff:c5:5e:9c:f0:e9:12:7d:f9:35:c0:6b:ba:c5:5f: 09:61:1d:d5:d0:d7:75:e9:ee:47:e8:14:52:0d:d4:da:9a:cb: 57:15:26:0c:0c:9d:65:66:0d:31:99:ce:e4:3a:55:43:b2:02: 17:31:9e:2a:2f:95:0b:51:e1:f5:76:5d:e1:47:93:d8:f1:34: 3b:d5:8c:ef:94:86:63:6e:b5:f7:7f:02:77:d0:09:65:8d:0b: f7:83:4b:e2:1a:cd:9e:9d:77:fd:88:e8:dc:ab:c0:86:fd:ec: 12:bb:c2:1e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJfkd10YNho2ZBwQdaKmGKpXhayYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAzN1oX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAOWZmZjRlY2ViYTU2ZThiYzUxNWJk NDZjNmY3MWYwNWNjZDI1NDg1Mzc3NzliNzAzZWUxYTZlMGE0Y2I2ZmIzNjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykaJD9/ZfUOVuceuGli+M+8ATDET f7Dip9qASJuLBecGelCunzLgaI5Y0fyU1T6I50eaWIuCO9niOIVgSmwHikaJVS5f 3CAzvjHjhKyBE/9LSf++YlZkjBN83mxcrv+NhMo9Dmhlx4wYOcYkpV3HdnOmPthP yXdMiHjD6Z6foWKUFME1pvxDR9Z5EYvBIUr6kWZNJ1bAr0pCRU4BEQdnxM2Uf/bd vRzJuQMynfSk7nClqtgIqPpfvxnHs1BkaD2OI7xuqD/9JLqoWJQs2oIl5S56WVRx 9V1wMVYKldU7gIQQydMhKXgYsNBaNpP5ZDHQhdlZMvGYvddnVeAgb1EsGwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN/V1BkMglEbeFfOB2Oo1FQAlLzvMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3YjQ5MWU0LTc2YWUtNDMwNS04MTMyLWE2NzBiNDFjNjZmZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/0AwDQYJKoZIhvcNAQELBQADggEBAK7WQtA8Wss9MaEUYEXY fjURqLD/sbpBwkVSgk8BusQWUIsmdFoVZxiQCiGY5lKgGAjlQ/ybYZoY/bI9IMR7 QciZnKEEVFbhUdujRFKgZTkBvd0/aSppK49UCDMhf+/3lrxCgnOKYnLWRUs8Khy5 AbArz6H/pOKu1lT5l06T+7whOWA4CKcF3gfjS+AcwbHy0zeTzf/FXpzw6RJ9+TXA a7rFXwlhHdXQ13Xp7kfoFFIN1Nqay1cVJgwMnWVmDTGZzuQ6VUOyAhcxniovlQtR 4fV2XeFHk9jxNDvVjO+UhmNutfd/AnfQCWWNC/eDS+IazZ6dd/2I6NyrwIb97BK7 wh4= -----END CERTIFICATE-----Generated at Mon Aug 4 22:10:38 2025 by rpki-client