$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa File: c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa (raw, json) Hash identifier: wDi4sogcVzRPCgl+Nv9O4vsRXNV7PI8TUVbvm1wOAqE= Subject key identifier: D1:40:59:6A:A0:E0:3F:C9:89:E2:FD:4E:5F:19:CB:74:35:E7:DE:C1 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0FF2E31DF3017B4BC1EFF409BE1687CFF395C366 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa Signing time: Tue 10 Jun 2025 16:00:09 +0000 ROA not before: Tue 10 Jun 2025 16:00:09 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fe:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:f2:e3:1d:f3:01:7b:4b:c1:ef:f4:09:be:16:87:cf:f3:95:c3:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 10 16:00:09 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=2ff9c6084437e1bdff2ef3b58dfef21790d21eca586ad471b0c14892ac54f7d1, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:48:29:5a:6d:88:83:cb:c9:7e:b2:6b:81:fc: f1:eb:16:c6:6f:7f:2f:3a:aa:d6:74:8a:d6:a9:c4: b0:29:fa:8c:3a:e0:52:df:28:3d:50:f6:e1:6f:a7: 5a:74:9c:12:8c:08:f3:81:85:6a:62:05:0a:57:4e: ef:79:f1:27:fd:2a:d6:c3:89:f5:ae:fe:d4:77:61: a1:98:6e:49:7b:56:eb:f7:40:0b:2f:be:4d:4d:3b: c8:a8:d1:44:fd:3f:57:f3:dc:81:6a:ba:f4:15:5b: 8a:1d:7b:12:bb:82:cc:7c:a6:d8:3e:89:40:27:13: 52:98:bf:f1:8e:b0:a5:de:c1:29:69:06:f0:0c:62: 86:88:68:8a:a1:53:5a:19:60:4b:ed:1e:26:d8:78: 41:d3:03:7a:be:bd:8c:34:7b:fa:f5:2c:9c:4b:65: 61:ef:4f:7b:7f:9f:d4:24:e8:7b:c5:3a:2d:6c:56: b7:85:e8:5d:9b:df:89:96:0f:a3:a5:16:1f:46:4b: ab:44:86:5b:28:56:b8:12:d0:bc:fa:d4:82:78:36: 6c:f3:2e:81:f8:2e:57:e2:1d:b4:fb:86:6c:38:83: fd:1f:5f:87:f2:8f:15:50:cf:f9:e1:7b:eb:81:b7: 3f:4c:32:5c:63:25:fa:1f:de:10:2f:c4:63:4a:03: 0c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:40:59:6A:A0:E0:3F:C9:89:E2:FD:4E:5F:19:CB:74:35:E7:DE:C1 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fe:4000::/40 Signature Algorithm: sha256WithRSAEncryption 57:be:77:df:c8:24:ad:74:96:62:c5:a4:27:61:8e:19:c1:31: f3:e0:88:bb:eb:ce:dc:7a:36:e9:16:f1:9a:81:69:4d:88:b3: 56:25:5c:63:f8:5e:82:e5:e7:56:a0:25:43:42:1d:a0:e4:a6: 3a:5e:7c:dc:da:51:eb:c9:85:f3:31:1d:93:88:58:a7:0a:fa: ac:06:a9:ab:7d:33:6f:90:c3:1f:65:2a:5f:9b:87:c6:d9:bf: aa:51:9d:d6:a3:f5:8a:e0:a2:0b:52:5a:ba:31:0f:6e:8f:32: 59:c5:ac:f3:ab:9b:04:75:f1:97:41:33:33:0f:e8:0b:f7:60: 27:c1:92:f9:11:0f:d9:59:5f:2d:4f:2e:b9:ad:97:9f:1b:f1: dc:96:7c:6e:56:c0:1a:13:01:23:42:a3:44:99:9f:c7:b1:13: 66:09:1d:fc:18:96:e6:ae:32:27:86:ab:fa:fa:7e:02:f3:29: 7f:01:72:90:67:57:65:88:7f:d3:ca:87:14:5d:a2:eb:2b:b5: b8:ca:af:de:1e:2a:02:1e:8b:47:51:74:14:2d:80:27:8d:7b: 31:83:d1:cf:92:4a:ed:04:db:07:9f:ff:f8:f3:fd:d1:78:0a: 93:79:c0:dc:6b:af:82:dc:4b:6f:22:75:2d:c9:e7:ec:b2:3a: 33:e8:51:bc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUD/LjHfMBe0vB7/QJvhaHz/OVw2YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxMDE2MDAwOVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMmZmOWM2MDg0NDM3ZTFiZGZmMmVm M2I1OGRmZWYyMTc5MGQyMWVjYTU4NmFkNDcxYjBjMTQ4OTJhYzU0ZjdkMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4EgpWm2Ig8vJfrJrgfzx6xbGb38v OqrWdIrWqcSwKfqMOuBS3yg9UPbhb6dadJwSjAjzgYVqYgUKV07vefEn/SrWw4n1 rv7Ud2GhmG5Je1br90ALL75NTTvIqNFE/T9X89yBarr0FVuKHXsSu4LMfKbYPolA JxNSmL/xjrCl3sEpaQbwDGKGiGiKoVNaGWBL7R4m2HhB0wN6vr2MNHv69SycS2Vh 7097f5/UJOh7xTotbFa3hehdm9+Jlg+jpRYfRkurRIZbKFa4EtC8+tSCeDZs8y6B +C5X4h20+4ZsOIP9H1+H8o8VUM/54Xvrgbc/TDJcYyX6H94QL8RjSgMMKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNFAWWqg4D/JieL9Tl8Zy3Q1597BMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M4ODZmZGNjLWQ5YzQtNDg1YS1hOTQxLTdhYTJjN2QwOTNlMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/kAwDQYJKoZIhvcNAQELBQADggEBAFe+d9/IJK10lmLFpCdh jhnBMfPgiLvrztx6NukW8ZqBaU2Is1YlXGP4XoLl51agJUNCHaDkpjpefNzaUevJ hfMxHZOIWKcK+qwGqat9M2+Qwx9lKl+bh8bZv6pRndaj9YrgogtSWroxD26PMlnF rPOrmwR18ZdBMzMP6Av3YCfBkvkRD9lZXy1PLrmtl58b8dyWfG5WwBoTASNCo0SZ n8exE2YJHfwYluauMieGq/r6fgLzKX8BcpBnV2WIf9PKhxRdousrtbjKr94eKgIe i0dRdBQtgCeNezGD0c+SSu0E2wef//jz/dF4CpN5wNxrr4LcS28idS3J5+yyOjPo Ubw= -----END CERTIFICATE-----Generated at Sat Jun 14 05:50:43 2025 by rpki-client