$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa File: c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa (raw, json) Hash identifier: cyhgPcJKf25tvM9NGkXjDAiyZ/Hu2dtUkpIG71l2qj4= Subject key identifier: 68:D3:3B:A2:08:30:9A:82:14:8A:3C:28:CA:13:54:AB:85:25:D4:C6 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 763CFDCB2C0A554C3ACE8E88039FDB236F60D49E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa Signing time: Mon 04 Aug 2025 15:00:36 +0000 ROA not before: Mon 04 Aug 2025 15:00:36 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:3c:fd:cb:2c:0a:55:4c:3a:ce:8e:88:03:9f:db:23:6f:60:d4:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:36 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=634a0f39f9189288b8d05a5bb67529e7e187e51e2527dd96008271a9b64711eb, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:9f:d2:2e:3c:d7:20:bc:69:d4:40:eb:08:87: e3:47:23:ad:69:1b:dd:5e:f9:a1:27:d4:44:cd:f1: a9:5b:47:83:8f:2e:e6:d9:c7:8c:03:3d:e2:5b:c4: 3b:f5:f4:55:36:4e:67:2c:42:d9:ec:4d:4c:61:38: 15:b3:67:ab:86:48:fc:ac:88:b0:ff:cf:00:bf:4f: 9a:d3:b6:60:68:dd:95:30:4c:a5:87:e8:23:c6:65: 16:9d:6a:2a:a9:db:cd:3d:c1:32:67:85:cc:b4:28: bf:16:1d:d8:31:f9:60:dd:e8:3d:1e:e2:7f:34:9a: bc:a0:4b:53:6e:69:58:ea:88:a1:8d:ba:75:aa:07: 9b:85:51:21:d7:8e:59:d3:c3:7f:ca:4e:f4:dd:a0: 01:1a:26:24:71:2d:8a:15:67:a8:e4:ff:4b:27:3d: c5:7f:0a:18:a0:2c:40:df:a3:66:25:00:fa:1b:41: 0d:b4:f9:ef:4a:d2:81:ea:93:d9:5d:04:3c:1b:f1: 2a:e2:a0:32:bf:f7:a0:b7:2c:bc:c3:3f:ae:52:6d: 38:0a:ad:68:09:f8:50:d3:4a:f2:0f:64:04:2c:85: fb:be:c6:2c:ce:a8:f9:03:20:b1:bc:64:50:90:59: d1:84:45:08:da:f4:de:61:32:a7:98:c0:71:60:3e: 56:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:D3:3B:A2:08:30:9A:82:14:8A:3C:28:CA:13:54:AB:85:25:D4:C6 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:40c0::/48 Signature Algorithm: sha256WithRSAEncryption b4:22:80:82:c8:b5:1e:fd:be:60:ce:e7:3e:24:ee:57:8b:75: be:ca:40:ba:f8:2e:4a:32:fc:62:47:58:95:1e:b6:d4:a8:bc: d2:87:3a:3a:31:20:6c:bc:3e:79:9e:8a:34:17:15:96:1d:b7: d7:ec:39:43:c0:c2:e6:bc:24:11:85:de:eb:d3:ba:c9:50:4a: 6d:cb:40:46:1d:7b:20:af:5d:34:7c:a8:12:75:c8:a4:61:d7: 98:bc:8f:71:50:0f:b2:14:7a:65:5d:47:dd:8b:ee:b4:68:26: fd:6a:79:9a:d7:dc:32:3b:21:cb:d2:43:37:17:d2:25:65:37: c3:eb:b4:df:3b:fb:4b:3b:2d:b5:ef:fb:9a:71:7e:d7:95:45: 0d:9b:1f:a3:56:1a:af:fa:89:cb:91:8e:bd:28:64:32:2b:bf: ce:68:03:76:01:92:a4:78:3d:5f:ce:4b:36:cf:3a:17:12:ca: 2f:82:6a:7f:cc:e5:ea:be:47:d3:45:c8:36:92:d1:99:f9:5c: ec:0f:e2:87:14:e4:89:8f:b5:4f:40:a2:d7:91:b9:ac:6c:74: 4e:f9:58:5c:ea:dc:0e:d2:81:a0:94:45:a7:9f:d8:21:e3:93: 4b:41:a8:e6:cb:f4:01:32:cc:97:52:04:05:b0:98:35:91:89: 2d:6e:eb:b7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdjz9yywKVUw6zo6IA5/bI29g1J4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDAzNloX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNANjM0YTBmMzlmOTE4OTI4OGI4ZDA1 YTViYjY3NTI5ZTdlMTg3ZTUxZTI1MjdkZDk2MDA4MjcxYTliNjQ3MTFlYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp/SLjzXILxp1EDrCIfjRyOtaRvd XvmhJ9REzfGpW0eDjy7m2ceMAz3iW8Q79fRVNk5nLELZ7E1MYTgVs2erhkj8rIiw /88Av0+a07ZgaN2VMEylh+gjxmUWnWoqqdvNPcEyZ4XMtCi/Fh3YMflg3eg9HuJ/ NJq8oEtTbmlY6oihjbp1qgebhVEh145Z08N/yk703aABGiYkcS2KFWeo5P9LJz3F fwoYoCxA36NmJQD6G0ENtPnvStKB6pPZXQQ8G/Eq4qAyv/egtyy8wz+uUm04Cq1o CfhQ00ryD2QELIX7vsYszqj5AyCxvGRQkFnRhEUI2vTeYTKnmMBxYD5W+QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGjTO6IIMJqCFIo8KMoTVKuFJdTGMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M5ZjdkYmQyLTFjN2UtNDJlOC1hN2Y5LTAwYmQ3NmU3MDI0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0DAMA0GCSqGSIb3DQEBCwUAA4IBAQC0IoCCyLUe/b5gzuc+ JO5Xi3W+ykC6+C5KMvxiR1iVHrbUqLzShzo6MSBsvD55noo0FxWWHbfX7DlDwMLm vCQRhd7r07rJUEpty0BGHXsgr100fKgSdcikYdeYvI9xUA+yFHplXUfdi+60aCb9 anma19wyOyHL0kM3F9IlZTfD67TfO/tLOy217/uacX7XlUUNmx+jVhqv+onLkY69 KGQyK7/OaAN2AZKkeD1fzks2zzoXEsovgmp/zOXqvkfTRcg2ktGZ+VzsD+KHFOSJ j7VPQKLXkbmsbHRO+Vhc6twO0oGglEWnn9gh45NLQajmy/QBMsyXUgQFsJg1kYkt buu3 -----END CERTIFICATE-----Generated at Mon Aug 4 21:29:14 2025 by rpki-client