$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa File: fcc4293c-b24f-4fac-9395-546f748b3b13.roa (raw, json) Hash identifier: QrhULn6zzt76qs5UhpO/cScywudd8JUerePubXLVI6E= Subject key identifier: 59:38:FF:65:C2:08:3F:07:22:24:3E:5B:C9:D5:14:1F:F4:0E:B2:B8 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 05029287745744D790A34E543B9F16DF4851E8F1 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa Signing time: Mon 04 Aug 2025 15:00:51 +0000 ROA not before: Mon 04 Aug 2025 15:00:51 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:02:92:87:74:57:44:d7:90:a3:4e:54:3b:9f:16:df:48:51:e8:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 4 15:00:51 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=7f92bad9e6b390b3d6d6cd883aebd60a1d1ec7071bad3b52f71fa8a51cfee464, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:56:28:d0:95:70:05:95:15:91:36:84:d3:09: 33:49:bd:a0:34:9d:49:bf:ad:ee:d1:f9:01:8c:3e: 59:56:2e:12:40:33:91:4c:ba:18:96:20:d0:ad:1b: 4e:1e:41:06:4b:98:55:48:89:3d:49:97:3a:d3:c1: 19:80:fc:6a:ba:67:cb:dc:9e:5f:ee:05:49:57:f6: d0:1c:02:d1:2f:8f:d4:2d:01:4e:69:31:4c:72:40: 35:a6:69:cd:88:5a:f1:c3:e5:39:8d:d5:2f:da:0f: e6:3d:3b:39:98:7b:8c:9d:27:c2:94:bc:b2:80:23: 04:44:7b:c6:db:81:f2:74:8e:04:91:d0:e1:b7:55: 27:5c:4f:bc:d0:78:85:93:12:e7:04:c6:51:46:c6: 4a:2f:5e:22:c0:5e:f2:f1:c0:4f:67:d9:9d:50:86: 42:13:24:72:99:0f:7b:31:ef:10:01:b3:06:82:8d: 88:21:ae:a0:d0:61:2b:66:7a:3d:20:7e:af:db:c9: 29:d4:f5:b6:cd:c4:7b:5d:a3:2b:4b:e9:14:d2:c7: d5:2f:9d:a9:f2:fe:3a:27:3d:f2:38:89:bc:fe:e1: 5f:b9:b2:20:ed:81:b8:57:97:28:ad:01:3d:ea:78: 86:45:17:64:11:b9:ef:09:be:18:ae:da:33:c3:ca: 0e:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:38:FF:65:C2:08:3F:07:22:24:3E:5B:C9:D5:14:1F:F4:0E:B2:B8 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/38 Signature Algorithm: sha256WithRSAEncryption 95:ac:3f:df:1a:4f:3a:b2:76:30:46:53:16:da:a3:77:22:6a: 2a:bf:72:b6:a5:18:d3:59:07:fe:0f:71:35:a7:c3:23:f9:87: cc:fa:a0:bb:12:76:cc:64:7b:bc:89:82:3f:e9:8e:cd:0c:b7: 40:73:d2:ce:ab:1e:91:5f:02:bb:b7:b9:f5:6f:ac:73:96:a6: 68:c3:b1:40:00:46:87:b9:c6:48:a7:e9:28:4b:77:a3:d5:d8: c9:d3:46:9c:e2:50:79:95:de:a7:40:f3:f6:32:f6:75:36:50: 91:ac:6b:7f:a2:3e:d8:4b:ce:53:0f:8f:f8:6e:4b:7f:aa:bc: ef:15:1a:69:cb:6e:38:23:ec:a4:63:4d:45:58:a6:4f:b8:93: 45:a8:e5:9f:56:d0:9b:c6:93:22:37:e8:58:a6:8f:b4:23:8b: 3f:03:70:a7:93:ff:f9:69:1c:dc:f5:45:0c:88:ff:67:d7:b0: 3c:bc:13:0c:a2:bb:d1:82:df:ac:75:ea:bb:83:c4:f2:5e:d1: 77:65:d4:1e:00:b7:31:52:1f:0f:b8:29:c1:f0:9e:80:6b:a4: 61:0f:0a:b7:37:a5:53:c2:a8:30:4d:22:9c:6e:5d:e5:a1:21: e3:82:cb:4d:1f:c0:8e:9f:e6:da:24:68:a6:d6:44:98:c4:56: e0:73:04:e5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBQKSh3RXRNeQo05UO58W30hR6PEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwNDE1MDA1MVoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAN2Y5MmJhZDllNmIzOTBiM2Q2ZDZj ZDg4M2FlYmQ2MGExZDFlYzcwNzFiYWQzYjUyZjcxZmE4YTUxY2ZlZTQ2NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1Yo0JVwBZUVkTaE0wkzSb2gNJ1J v63u0fkBjD5ZVi4SQDORTLoYliDQrRtOHkEGS5hVSIk9SZc608EZgPxqumfL3J5f 7gVJV/bQHALRL4/ULQFOaTFMckA1pmnNiFrxw+U5jdUv2g/mPTs5mHuMnSfClLyy gCMERHvG24HydI4EkdDht1UnXE+80HiFkxLnBMZRRsZKL14iwF7y8cBPZ9mdUIZC EyRymQ97Me8QAbMGgo2IIa6g0GErZno9IH6v28kp1PW2zcR7XaMrS+kU0sfVL52p 8v46Jz3yOIm8/uFfubIg7YG4V5corQE96niGRRdkEbnvCb4Yrtozw8oOJQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFk4/2XCCD8HIiQ+W8nVFB/0DrK4MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2ZjYzQyOTNjLWIyNGYtNGZhYy05Mzk1LTU0NmY3NDhiM2IxMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAAwDQYJKoZIhvcNAQELBQADggEBAJWsP98aTzqydjBGUxba o3ciaiq/cralGNNZB/4PcTWnwyP5h8z6oLsSdsxke7yJgj/pjs0Mt0Bz0s6rHpFf Aru3ufVvrHOWpmjDsUAARoe5xkin6ShLd6PV2MnTRpziUHmV3qdA8/Yy9nU2UJGs a3+iPthLzlMPj/huS3+qvO8VGmnLbjgj7KRjTUVYpk+4k0Wo5Z9W0JvGkyI36Fim j7Qjiz8DcKeT//lpHNz1RQyI/2fXsDy8Ewyiu9GC36x16ruDxPJe0Xdl1B4AtzFS Hw+4KcHwnoBrpGEPCrc3pVPCqDBNIpxuXeWhIeOCy00fwI6f5tokaKbWRJjEVuBz BOU= -----END CERTIFICATE-----Generated at Mon Aug 4 21:44:47 2025 by rpki-client