$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa File: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (raw, json) Hash identifier: 7u1as0KJ3A2M+hsuC+GuGuQCyscq6HIjCJKP0u1bh28= Subject key identifier: BC:25:D4:9B:BB:88:C9:CF:99:CB:92:DB:F0:A9:13:D0:C0:DD:7D:A7 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 18BD3459031625892219617D258FE6CC2C955607 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa Signing time: Fri 01 Aug 2025 00:50:03 +0000 ROA not before: Fri 01 Aug 2025 00:50:03 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:bd:34:59:03:16:25:89:22:19:61:7d:25:8f:e6:cc:2c:95:56:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 1 00:50:03 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=14295763332b864b3f0b7ab983a191a0e2e0148a73eb8605ddd32e333049acb0, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:22:3f:ca:e4:42:98:31:d3:96:6d:3e:31:25: 23:9a:62:3b:f0:79:13:9d:de:25:c5:a9:d7:b4:bc: a5:a3:68:81:1f:d1:15:08:8b:0f:a5:dc:85:30:e6: b5:c6:41:b3:cf:bc:70:cb:3c:83:6f:3e:e8:60:12: ac:53:b2:ae:b2:b4:eb:bb:4b:93:5e:98:f0:99:ff: ee:81:12:56:b0:40:0e:f1:8d:cf:4d:fa:e8:0e:77: 73:7e:dd:9b:15:95:64:84:c6:93:ef:a3:ee:20:5f: 88:6f:af:a2:b8:8c:73:0d:d7:47:73:f8:08:50:7f: 49:a7:31:5f:3e:9d:6e:23:f4:6b:36:12:0e:1b:71: f3:a3:6e:61:39:b6:58:0b:12:97:b9:f7:9e:af:7e: 88:d7:c0:1a:66:14:f8:35:8c:a9:0d:10:14:e5:ea: a6:e7:16:b6:12:fb:01:5e:51:7c:4c:4c:c4:53:ad: cd:c9:be:b1:ff:d3:dc:93:80:c9:f3:cc:9b:f5:24: 1f:72:41:6d:cd:27:4a:45:26:ec:fe:65:13:33:25: 91:2c:ce:58:d0:a7:d5:6d:57:e4:9c:88:77:d1:16: 73:2c:7f:a3:75:ae:d1:dd:6f:cf:84:c3:a8:46:1a: 7e:d2:c2:b7:63:c4:f3:d1:96:0f:79:55:7a:97:8e: 8e:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:25:D4:9B:BB:88:C9:CF:99:CB:92:DB:F0:A9:13:D0:C0:DD:7D:A7 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 46:2c:5e:ff:de:90:a7:19:10:f6:05:f1:a2:63:3a:32:d2:ba: 47:58:fc:fd:e0:54:e2:71:b3:10:4a:71:ee:b2:ce:d0:cf:fc: 82:28:c6:4b:ad:06:61:f4:3e:96:41:22:b5:90:6e:41:44:b7: 4e:ab:43:c3:0c:b7:87:93:df:e1:b2:94:06:a0:cd:69:34:2e: a9:17:2b:78:9e:7a:10:90:20:bf:79:48:4d:88:36:c7:4a:cf: 95:c1:37:39:51:c9:2c:91:70:5b:50:7a:1d:ce:67:4c:32:6f: c0:cb:75:83:d9:b9:a6:58:30:16:91:75:ff:4d:a5:17:a8:6a: f6:92:10:ba:33:b6:e7:8e:57:17:9e:30:8d:cf:12:2a:cc:f7: 36:76:03:11:6b:20:f6:85:2e:90:99:f7:ea:65:d9:cc:9a:65: 94:02:fe:05:df:79:ad:bc:d0:5e:b8:2e:80:9d:0e:21:11:7f: 15:e3:12:50:83:52:78:b4:91:2e:cd:fc:e7:b5:9c:e3:c8:e0: e2:d4:51:08:4b:84:dd:9d:0f:96:9f:c0:cb:98:0a:99:7d:74: 1f:66:c5:3c:c9:44:eb:e8:25:b0:c5:92:d5:bf:ca:e1:df:8f: 27:2f:d6:4b:ee:73:1c:2a:6e:dc:c1:97:74:f3:66:e6:e5:ea: fa:11:49:12 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGL00WQMWJYkiGWF9JY/mzCyVVgcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwMTAwNTAwM1oX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAMTQyOTU3NjMzMzJiODY0YjNmMGI3 YWI5ODNhMTkxYTBlMmUwMTQ4YTczZWI4NjA1ZGRkMzJlMzMzMDQ5YWNiMDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SI/yuRCmDHTlm0+MSUjmmI78HkT nd4lxanXtLylo2iBH9EVCIsPpdyFMOa1xkGzz7xwyzyDbz7oYBKsU7KusrTru0uT Xpjwmf/ugRJWsEAO8Y3PTfroDndzft2bFZVkhMaT76PuIF+Ib6+iuIxzDddHc/gI UH9JpzFfPp1uI/RrNhIOG3Hzo25hObZYCxKXufeer36I18AaZhT4NYypDRAU5eqm 5xa2EvsBXlF8TEzEU63Nyb6x/9Pck4DJ88yb9SQfckFtzSdKRSbs/mUTMyWRLM5Y 0KfVbVfknIh30RZzLH+jda7R3W/PhMOoRhp+0sK3Y8Tz0ZYPeVV6l46O+wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLwl1Ju7iMnPmcuS2/CpE9DA3X2nMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2VmZGNiNDNiLTJmMTktNDEwNy1hMGEzLWM1NWRhY2NiMjcxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoEAwDQYJKoZIhvcNAQELBQADggEBAEYsXv/ekKcZEPYF8aJj OjLSukdY/P3gVOJxsxBKce6yztDP/IIoxkutBmH0PpZBIrWQbkFEt06rQ8MMt4eT 3+GylAagzWk0LqkXK3ieehCQIL95SE2INsdKz5XBNzlRySyRcFtQeh3OZ0wyb8DL dYPZuaZYMBaRdf9NpReoavaSELoztueOVxeeMI3PEirM9zZ2AxFrIPaFLpCZ9+pl 2cyaZZQC/gXfea280F64LoCdDiERfxXjElCDUni0kS7N/Oe1nOPI4OLUUQhLhN2d D5afwMuYCpl9dB9mxTzJROvoJbDFktW/yuHfjycv1kvucxwqbtzBl3TzZubl6voR SRI= -----END CERTIFICATE-----Generated at Mon Aug 4 21:36:44 2025 by rpki-client