$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa File: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (raw, json) Hash identifier: MJVEBG0yJkqKQjwcD1h90AKzXNtNggjpylVbGZMZqUw= Subject key identifier: 6F:B6:41:C0:B2:C2:09:D0:94:39:09:25:F8:7C:F9:56:FB:D1:21:1D Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1A2A63C480E9246F0E3C6B5531A2A543DF33E83C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa Signing time: Tue 10 Jun 2025 16:00:03 +0000 ROA not before: Tue 10 Jun 2025 16:00:03 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:2a:63:c4:80:e9:24:6f:0e:3c:6b:55:31:a2:a5:43:df:33:e8:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 10 16:00:03 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=8aaea5f9032eb3aa77a1cd26eacd97ac104682556068f0d61a67e1417753f525, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:82:a6:1c:3c:51:4f:7a:47:c4:4c:47:c0:ef: 83:93:84:7a:01:80:9e:96:47:47:f1:56:44:00:f1: 07:04:ef:b7:cc:37:19:a8:bc:df:75:31:69:68:18: 70:2f:51:12:bf:04:83:52:de:eb:22:ab:24:a7:a3: 70:74:d9:55:90:21:d2:05:8f:ac:80:d8:fb:d6:b5: 45:64:b8:7e:0f:a1:4f:a7:5a:94:5b:29:38:f8:18: 64:1c:51:ab:72:80:ff:15:3f:62:5f:5b:48:0c:f7: a1:0f:81:c1:4f:6d:3a:7b:43:5e:2e:3e:f2:68:93: 85:e1:3a:a5:97:61:84:e2:aa:93:9b:ac:bd:42:3a: 4b:34:63:9c:80:c1:38:7a:2a:0b:09:ec:e7:6b:40: 35:58:03:4e:38:d7:e8:c1:6e:51:bc:8c:01:d9:b2: b1:42:be:36:bd:8e:d1:f0:2c:44:9e:b9:80:75:c7: 19:5a:71:a2:fe:4a:91:ea:da:ef:d8:0c:7d:8d:39: 78:92:54:19:80:b1:00:eb:9f:27:2e:8e:ff:1c:8d: 20:2e:82:fd:03:a8:bf:c4:29:19:e3:5b:d6:f4:35: ef:a4:47:54:83:45:88:90:6a:dc:da:d2:dd:f6:9b: b3:cf:22:09:00:45:aa:64:f2:c1:a3:e3:73:3a:ce: 95:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:B6:41:C0:B2:C2:09:D0:94:39:09:25:F8:7C:F9:56:FB:D1:21:1D X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 10:21:9d:17:5a:03:cc:ae:00:fe:51:f6:13:4a:f7:b8:36:1b: 94:aa:9e:6c:87:92:2e:f9:2b:80:2f:f0:9b:9d:fd:35:f1:63: ea:bd:9e:f3:18:0f:f9:d3:b3:27:03:00:cc:04:4d:91:46:50: 35:cd:33:fa:b2:9b:24:f1:3c:9b:95:7c:99:ae:3d:c3:26:11: 23:0a:61:0a:f3:45:7b:ba:d9:3c:ed:3f:cb:3a:83:1e:11:ee: be:91:99:f8:e2:82:fd:f5:b5:cd:e2:93:0d:77:90:6e:54:9a: 93:ac:6f:da:3a:1b:27:8f:2e:7c:1d:7c:ad:e9:e6:cf:f5:1e: 8a:e9:a3:d4:ec:9d:ec:d5:d3:ad:b5:6b:82:e8:9c:c3:e5:a9: 97:c7:6f:a6:8e:18:3f:83:49:fb:72:9d:dd:52:de:57:36:14: 67:73:93:d9:94:c3:a1:94:c8:76:1c:2c:a0:fa:49:2d:b3:74: 40:47:94:46:d1:ae:03:f3:35:50:84:b2:bc:d2:cc:ca:73:06: 27:96:83:96:ea:ec:50:86:1e:d5:cf:9a:3e:f2:47:59:46:22: 8c:09:53:4c:a6:81:d4:34:09:70:6c:4f:61:32:57:12:d3:3c: 8b:a6:51:4b:e3:37:71:c3:8f:8e:24:44:d2:87:3e:d4:3a:9f: b2:60:67:ea -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGipjxIDpJG8OPGtVMaKlQ98z6DwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxMDE2MDAwM1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAOGFhZWE1ZjkwMzJlYjNhYTc3YTFj ZDI2ZWFjZDk3YWMxMDQ2ODI1NTYwNjhmMGQ2MWE2N2UxNDE3NzUzZjUyNTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYKmHDxRT3pHxExHwO+Dk4R6AYCe lkdH8VZEAPEHBO+3zDcZqLzfdTFpaBhwL1ESvwSDUt7rIqskp6NwdNlVkCHSBY+s gNj71rVFZLh+D6FPp1qUWyk4+BhkHFGrcoD/FT9iX1tIDPehD4HBT206e0NeLj7y aJOF4Tqll2GE4qqTm6y9QjpLNGOcgME4eioLCezna0A1WANOONfowW5RvIwB2bKx Qr42vY7R8CxEnrmAdccZWnGi/kqR6trv2Ax9jTl4klQZgLEA658nLo7/HI0gLoL9 A6i/xCkZ41vW9DXvpEdUg0WIkGrc2tLd9puzzyIJAEWqZPLBo+NzOs6V/QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG+2QcCywgnQlDkJJfh8+Vb70SEdMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2VmZGNiNDNiLTJmMTktNDEwNy1hMGEzLWM1NWRhY2NiMjcxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoEAwDQYJKoZIhvcNAQELBQADggEBABAhnRdaA8yuAP5R9hNK 97g2G5SqnmyHki75K4Av8Jud/TXxY+q9nvMYD/nTsycDAMwETZFGUDXNM/qymyTx PJuVfJmuPcMmESMKYQrzRXu62TztP8s6gx4R7r6Rmfjigv31tc3ikw13kG5UmpOs b9o6GyePLnwdfK3p5s/1Horpo9TsnezV0621a4LonMPlqZfHb6aOGD+DSftynd1S 3lc2FGdzk9mUw6GUyHYcLKD6SS2zdEBHlEbRrgPzNVCEsrzSzMpzBieWg5bq7FCG HtXPmj7yR1lGIowJU0ymgdQ0CXBsT2EyVxLTPIumUUvjN3HDj44kRNKHPtQ6n7Jg Z+o= -----END CERTIFICATE-----Generated at Sat Jun 14 05:49:38 2025 by rpki-client