$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa File: f54cd21d-ebef-4509-8295-1f7547d0d717.roa (raw, json) Hash identifier: zaGg6t7xMJ7shxvLGWI8mgfjh1kIDXbPEGJyFtrRbLw= Subject key identifier: 85:AA:E5:90:F6:CB:B6:3D:3A:46:A0:83:20:B0:BF:10:52:36:AF:05 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 611ED2D7E48AC94BDA2B6E97C8463180381B4941 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa Signing time: Mon 04 Aug 2025 15:00:47 +0000 ROA not before: Mon 04 Aug 2025 15:00:47 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:1e:d2:d7:e4:8a:c9:4b:da:2b:6e:97:c8:46:31:80:38:1b:49:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:47 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=37ddf5a03c61915c9ec853bce9029862fc7af1f560619c19d1fe6d7b07059892, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:12:2f:8e:d6:70:b8:d9:51:e6:eb:f1:40:1b: dd:be:b8:c2:31:ac:45:01:06:84:f0:19:05:1b:9a: 56:26:c0:f5:3c:72:92:03:6a:44:e8:44:54:a5:9f: 28:15:b8:d4:58:c4:60:72:2d:1a:64:df:7f:d0:39: ca:44:2a:10:68:b5:0e:93:ab:2c:ea:22:54:16:bb: c9:29:0d:a8:87:a9:9a:27:64:bd:47:01:93:35:c2: 87:f7:93:c2:b0:b8:9d:9b:d3:53:13:59:16:fb:34: 08:b0:8d:3c:34:d4:78:6a:89:2e:7b:5c:99:ed:af: 24:b5:3e:e2:ef:af:1f:d2:11:ef:62:33:ce:5f:d6: 2e:39:e9:ca:81:7e:7e:6a:7a:b1:6e:6b:75:c3:e6: f1:86:e1:c1:d3:27:b7:37:32:4a:a9:2e:40:ec:41: bc:ba:e9:79:78:2d:57:1b:9d:bf:ac:3d:13:ce:42: a0:de:c2:bc:7c:3b:9c:ef:8f:33:54:25:2c:a2:ea: d1:e7:e4:e7:6c:50:07:a4:d3:09:f1:12:0c:c1:46: 0c:7b:65:51:e4:a6:a4:54:ca:51:e6:f3:24:00:8d: 6a:90:49:02:e5:0e:37:a0:33:ed:f4:f3:82:d9:1f: 2f:8f:13:b7:03:81:32:54:01:98:ac:ea:75:4f:0b: 25:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:AA:E5:90:F6:CB:B6:3D:3A:46:A0:83:20:B0:BF:10:52:36:AF:05 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:400::/38 Signature Algorithm: sha256WithRSAEncryption b8:ac:3f:f0:91:6e:19:fd:63:74:c9:1f:22:e4:f4:d0:95:29: 9d:6e:f5:df:a9:d1:84:6f:a9:b8:37:05:2e:3d:ea:2a:b8:d3: 7f:b9:c8:6e:68:ce:b9:e1:94:bb:5f:3a:e4:f3:82:34:66:62: e9:e6:58:d0:bf:9c:00:ba:ab:72:58:a6:6f:ac:50:db:4b:54: ee:04:99:6f:60:69:9b:0d:5f:fd:d9:82:1d:75:51:d5:09:32: ff:97:bd:31:c8:4d:52:31:de:fd:07:36:ff:54:79:60:87:77: 69:b4:10:21:d3:52:e4:44:ba:a9:65:9d:9a:b6:70:04:20:8e: 2d:d9:c4:26:a4:16:40:8c:bf:91:62:56:41:89:0a:72:98:f6: 89:07:bf:81:b7:64:b4:06:e6:2b:0f:5a:9f:b5:41:c6:0e:f4: c9:0f:14:18:d1:56:27:dd:ab:33:78:c2:26:16:fd:17:37:d7: 10:e8:41:e5:3a:1f:41:10:27:83:75:24:43:14:74:c7:b6:ca: e2:f9:4a:a5:18:7d:e2:2f:60:36:f1:eb:49:62:d7:27:b3:4b: 90:49:86:78:71:73:1d:c4:f7:10:f6:a7:b8:9e:81:1f:82:9a: b9:ba:ed:c9:f0:1e:e1:89:e8:cd:7e:08:f8:7b:dd:3a:67:56: 85:92:10:8c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYR7S1+SKyUvaK26XyEYxgDgbSUEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDA0N1oX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAMzdkZGY1YTAzYzYxOTE1YzllYzg1 M2JjZTkwMjk4NjJmYzdhZjFmNTYwNjE5YzE5ZDFmZTZkN2IwNzA1OTg5MjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxIvjtZwuNlR5uvxQBvdvrjCMaxF AQaE8BkFG5pWJsD1PHKSA2pE6ERUpZ8oFbjUWMRgci0aZN9/0DnKRCoQaLUOk6ss 6iJUFrvJKQ2oh6maJ2S9RwGTNcKH95PCsLidm9NTE1kW+zQIsI08NNR4aokue1yZ 7a8ktT7i768f0hHvYjPOX9YuOenKgX5+anqxbmt1w+bxhuHB0ye3NzJKqS5A7EG8 uul5eC1XG52/rD0TzkKg3sK8fDuc748zVCUsourR5+TnbFAHpNMJ8RIMwUYMe2VR 5KakVMpR5vMkAI1qkEkC5Q43oDPt9POC2R8vjxO3A4EyVAGYrOp1TwslPQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIWq5ZD2y7Y9OkaggyCwvxBSNq8FMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2Y1NGNkMjFkLWViZWYtNDUwOS04Mjk1LTFmNzU0N2QwZDcxNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAQwDQYJKoZIhvcNAQELBQADggEBALisP/CRbhn9Y3TJHyLk 9NCVKZ1u9d+p0YRvqbg3BS496iq403+5yG5ozrnhlLtfOuTzgjRmYunmWNC/nAC6 q3JYpm+sUNtLVO4EmW9gaZsNX/3Zgh11UdUJMv+XvTHITVIx3v0HNv9UeWCHd2m0 ECHTUuREuqllnZq2cAQgji3ZxCakFkCMv5FiVkGJCnKY9okHv4G3ZLQG5isPWp+1 QcYO9MkPFBjRVifdqzN4wiYW/Rc31xDoQeU6H0EQJ4N1JEMUdMe2yuL5SqUYfeIv YDbx60li1yezS5BJhnhxcx3E9xD2p7iegR+Cmrm67cnwHuGJ6M1+CPh73TpnVoWS EIw= -----END CERTIFICATE-----Generated at Mon Aug 4 21:49:37 2025 by rpki-client