$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa File: 205af9d8-3799-4d38-b1fb-da840e362ff1.roa (raw, json) Hash identifier: 4683c8EsptMqAX0rgwx85DCe9KUP+LsznXnF5ussPyM= Subject key identifier: DA:5B:AB:28:FC:74:18:32:FA:37:E3:D4:96:30:02:29:1F:9B:79:D3 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0DE85C801ACEAC02286992ABA321DB576DCF0609 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa Signing time: Sat 14 Jun 2025 00:00:38 +0000 ROA not before: Sat 14 Jun 2025 00:00:38 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:e8:5c:80:1a:ce:ac:02:28:69:92:ab:a3:21:db:57:6d:cf:06:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:38 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=30ab25f35fb50f35b85c8dd893cbda7f05479bb2c4a98ad2c2e7baa55e583490, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ed:c8:00:a4:7b:69:fe:b0:02:0f:21:2d:84: ca:96:33:05:22:70:78:ef:40:18:26:2d:2b:89:7a: 8f:ae:27:ac:62:ee:7d:f0:38:0c:76:6d:17:69:95: 19:fe:83:8c:77:64:b2:96:35:ba:3e:e7:ed:b6:b9: 0e:0f:cf:98:03:44:29:a0:21:e7:64:66:36:7c:aa: 3c:38:d2:64:04:d8:9e:b2:cd:2e:30:dd:8c:ff:00: d6:88:60:d8:39:5a:87:9a:23:e0:c2:7a:6d:0e:1c: bd:1d:e1:5c:82:28:38:68:2f:ce:bc:43:2b:4f:60: 04:fd:1d:4e:34:0a:ab:92:dd:f0:98:e4:9e:ad:36: 8f:57:09:50:f0:63:15:63:10:07:c4:1f:76:61:47: 7c:28:a2:c0:08:0f:c1:ff:d6:8a:48:64:92:81:2f: 43:6e:46:db:f9:49:4d:7f:a0:75:ad:11:fa:ea:86: b7:f3:91:78:8a:85:48:7b:1a:fc:da:cd:af:8d:86: fd:35:c7:34:63:b7:9d:6e:0b:cd:1a:fe:d9:93:80: c4:ff:05:66:8a:3b:ff:96:12:74:5a:6a:f8:2a:2a: 2f:05:40:23:e9:53:2e:66:64:7b:45:60:a2:8c:2c: 62:1d:e6:2a:61:bf:5a:a9:24:be:58:14:b3:5d:3a: 67:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:5B:AB:28:FC:74:18:32:FA:37:E3:D4:96:30:02:29:1F:9B:79:D3 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/36 Signature Algorithm: sha256WithRSAEncryption b2:82:96:ba:7d:de:c4:20:6c:20:24:ec:e9:f3:03:81:71:52: 4b:51:aa:83:ab:99:eb:c5:4d:45:57:55:3b:32:3d:86:50:b6: 20:79:48:a7:dd:9f:92:39:55:e8:3a:3f:f2:bb:5c:e2:b7:2d: 28:95:f6:c8:c7:c9:f2:3d:b0:c7:d0:85:73:3e:b0:3b:e9:5a: c9:21:93:2f:32:b4:e5:74:f9:6d:2f:7b:c8:3d:7c:96:9b:2e: bd:32:90:21:4b:da:7f:e2:a5:3f:a0:3b:70:b7:69:98:bd:09: 6f:45:13:1c:ec:fa:8e:28:85:24:a2:f7:e3:a2:85:1c:bc:88: 28:74:88:d5:7a:74:cb:1e:ca:a1:a0:55:7d:43:d0:ec:74:7d: 3f:10:d6:60:3f:6e:3f:cb:d6:5a:fe:f6:10:55:bf:e7:9c:29: ed:f5:b5:f6:17:00:f9:34:d5:f3:f8:a5:8a:45:d2:a0:bc:95: f9:a7:8c:a1:e4:90:49:17:13:75:87:71:73:01:18:3e:69:50: ed:e8:01:b7:65:0f:a1:98:63:d7:2f:5d:c2:6c:33:fa:ca:e3: 75:79:ea:6e:69:52:95:1b:c7:f8:c7:d1:45:f8:3a:ad:3e:6e: a8:b8:3b:33:ff:98:4f:34:d4:72:c0:2a:97:f7:b7:2f:f3:ff: b8:ff:ab:6f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDehcgBrOrAIoaZKroyHbV23PBgkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAzOFoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAMzBhYjI1ZjM1ZmI1MGYzNWI4NWM4 ZGQ4OTNjYmRhN2YwNTQ3OWJiMmM0YTk4YWQyYzJlN2JhYTU1ZTU4MzQ5MDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO3IAKR7af6wAg8hLYTKljMFInB4 70AYJi0riXqPriesYu598DgMdm0XaZUZ/oOMd2SyljW6PufttrkOD8+YA0QpoCHn ZGY2fKo8ONJkBNiess0uMN2M/wDWiGDYOVqHmiPgwnptDhy9HeFcgig4aC/OvEMr T2AE/R1ONAqrkt3wmOSerTaPVwlQ8GMVYxAHxB92YUd8KKLACA/B/9aKSGSSgS9D bkbb+UlNf6B1rRH66oa385F4ioVIexr82s2vjYb9Ncc0Y7edbgvNGv7Zk4DE/wVm ijv/lhJ0Wmr4KiovBUAj6VMuZmR7RWCijCxiHeYqYb9aqSS+WBSzXTpnqQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNpbqyj8dBgy+jfj1JYwAikfm3nTMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIwNWFmOWQ4LTM3OTktNGQzOC1iMWZiLWRhODQwZTM2MmZmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJA+AGAAwDQYJKoZIhvcNAQELBQADggEBALKClrp93sQgbCAk7Onz A4FxUktRqoOrmevFTUVXVTsyPYZQtiB5SKfdn5I5Veg6P/K7XOK3LSiV9sjHyfI9 sMfQhXM+sDvpWskhky8ytOV0+W0ve8g9fJabLr0ykCFL2n/ipT+gO3C3aZi9CW9F Exzs+o4ohSSi9+OihRy8iCh0iNV6dMseyqGgVX1D0Ox0fT8Q1mA/bj/L1lr+9hBV v+ecKe31tfYXAPk01fP4pYpF0qC8lfmnjKHkkEkXE3WHcXMBGD5pUO3oAbdlD6GY Y9cvXcJsM/rK43V56m5pUpUbx/jH0UX4Oq0+bqi4OzP/mE801HLAKpf3ty/z/7j/ q28= -----END CERTIFICATE-----Generated at Sun Jun 29 05:15:17 2025 by rpki-client