$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa File: 31d36ece-9039-43a2-82a2-03e7d8e7f563.roa (raw, json) Hash identifier: D6pTdQGsNvl8rtRSEmXShcErci66tQ/wwGTAr1VUhbs= Subject key identifier: BC:59:EA:42:94:85:34:D5:46:76:AF:34:14:CB:B0:59:E5:4F:3C:7C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0808EF44B82A32325B1D8D2C8208AAE5ABDC388B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa Signing time: Sat 14 Jun 2025 00:00:40 +0000 ROA not before: Sat 14 Jun 2025 00:00:40 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:08:ef:44:b8:2a:32:32:5b:1d:8d:2c:82:08:aa:e5:ab:dc:38:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:40 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=68666b1e68483ff3260a17f4073d542c79514950d0b807ef35b45fb3d47dddfe, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:ec:62:58:ea:13:65:b2:5d:af:a3:4a:50:8a: 03:5f:6c:50:ca:e0:75:d8:47:08:90:55:d9:5e:c2: 5d:2c:01:aa:da:a9:1f:f7:db:31:2d:b9:fb:ef:61: d8:a7:90:76:d2:0b:c8:95:a6:ad:85:d6:27:58:da: b9:57:cc:a6:0d:ae:62:c9:1e:61:6b:bd:e7:0d:ee: 58:56:76:53:e3:c3:bc:02:ca:b7:1e:a1:f0:21:b9: 8e:47:22:c9:1c:50:37:d7:ab:ee:97:9d:54:43:2d: ef:2b:6a:f2:bc:83:97:f1:d1:3c:56:49:fd:6c:46: e9:ea:bd:f4:a3:64:b2:fd:80:2e:cf:f5:55:d3:b6: 28:fb:d6:70:c7:f9:f2:4b:a0:ef:77:11:cb:eb:da: db:cb:cf:94:86:26:05:63:6f:68:7e:40:5b:13:9d: 1a:7a:a0:5b:57:f5:dc:30:3d:85:68:2f:e6:02:d6: bb:ca:ca:9b:7e:74:56:f1:5b:42:70:98:61:06:ce: 3c:63:39:3b:da:41:00:b1:44:1f:cc:83:98:a0:a1: b9:fe:0b:84:f6:b3:f8:56:3b:bd:e2:cc:53:7c:9c: 16:48:68:1e:eb:ca:1c:05:18:b7:95:23:f9:bf:6e: 7e:57:b0:74:29:93:31:51:4d:6b:c8:a7:cf:6a:22: 06:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:59:EA:42:94:85:34:D5:46:76:AF:34:14:CB:B0:59:E5:4F:3C:7C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fc::/32 Signature Algorithm: sha256WithRSAEncryption 3f:1a:a1:05:c9:18:cd:26:5a:ce:60:62:3c:20:08:d7:7b:51: ef:92:c5:fd:95:ea:b0:62:69:5d:97:60:19:5b:33:13:eb:41: bf:c7:50:12:97:4a:86:8e:30:7f:e0:06:49:d7:3d:78:ff:86: ad:63:0a:79:ea:c9:e0:66:3c:f1:3c:8d:9b:c2:0a:d0:92:9b: c8:86:a1:50:d6:62:f8:0a:cd:95:32:76:e7:f9:c4:31:70:24: 43:c3:94:03:2a:19:13:1e:f2:6a:69:48:0a:c2:c7:81:c8:9b: ac:69:db:fd:63:d9:83:be:b6:53:5a:e2:b3:c6:98:c9:3a:30: ab:89:7e:2c:05:38:54:52:9e:b9:67:5f:16:25:42:c2:4a:57: d2:16:b0:29:35:16:d5:d9:5e:53:32:fb:53:97:1a:f2:32:ea: 0b:d8:1b:c8:f8:11:92:17:c9:e6:13:51:2d:e8:59:69:2b:a6: 2c:95:3b:33:89:25:b3:57:2b:1b:fd:61:7d:81:36:e5:6b:5b: 18:f3:79:04:12:42:d5:95:d3:67:77:98:99:7c:bd:b8:43:48: 8e:2b:90:fb:04:f5:71:fc:86:85:62:ce:68:51:0f:70:3c:10: 3e:2d:37:9e:29:94:17:91:56:c8:47:0b:29:3a:57:4d:e2:51: fb:27:07:1c -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUCAjvRLgqMjJbHY0sggiq5avcOIswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDA0MFoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNANjg2NjZiMWU2ODQ4M2ZmMzI2MGEx N2Y0MDczZDU0MmM3OTUxNDk1MGQwYjgwN2VmMzViNDVmYjNkNDdkZGRmZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+xiWOoTZbJdr6NKUIoDX2xQyuB1 2EcIkFXZXsJdLAGq2qkf99sxLbn772HYp5B20gvIlaathdYnWNq5V8ymDa5iyR5h a73nDe5YVnZT48O8Asq3HqHwIbmORyLJHFA316vul51UQy3vK2ryvIOX8dE8Vkn9 bEbp6r30o2Sy/YAuz/VV07Yo+9Zwx/nyS6DvdxHL69rby8+UhiYFY29ofkBbE50a eqBbV/XcMD2FaC/mAta7ysqbfnRW8VtCcJhhBs48Yzk72kEAsUQfzIOYoKG5/guE 9rP4Vju94sxTfJwWSGge68ocBRi3lSP5v25+V7B0KZMxUU1ryKfPaiIGCwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFLxZ6kKUhTTVRnavNBTLsFnlTzx8MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMxZDM2ZWNlLTkwMzktNDNhMi04MmEyLTAzZTdkOGU3ZjU2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A/DANBgkqhkiG9w0BAQsFAAOCAQEAPxqhBckYzSZazmBiPCAI 13tR75LF/ZXqsGJpXZdgGVszE+tBv8dQEpdKho4wf+AGSdc9eP+GrWMKeerJ4GY8 8TyNm8IK0JKbyIahUNZi+ArNlTJ25/nEMXAkQ8OUAyoZEx7yamlICsLHgcibrGnb /WPZg762U1ris8aYyTowq4l+LAU4VFKeuWdfFiVCwkpX0hawKTUW1dleUzL7U5ca 8jLqC9gbyPgRkhfJ5hNRLehZaSumLJU7M4kls1crG/1hfYE25WtbGPN5BBJC1ZXT Z3eYmXy9uENIjiuQ+wT1cfyGhWLOaFEPcDwQPi03nimUF5FWyEcLKTpXTeJR+ycH HA== -----END CERTIFICATE-----Generated at Sun Jun 29 02:31:59 2025 by rpki-client