$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa File: 33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa (raw, json) Hash identifier: R1evj2psZZFGJRJ95RIZZAfRyOKHiB/qjJtqpOylt34= Subject key identifier: D0:65:32:F4:0F:74:04:35:E1:14:35:8A:92:7D:3D:E2:66:03:8E:32 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 59AC61CB048FEE31BE414D6B089DCAD26242FD50 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa Signing time: Sat 14 Jun 2025 00:00:10 +0000 ROA not before: Sat 14 Jun 2025 00:00:10 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:ac:61:cb:04:8f:ee:31:be:41:4d:6b:08:9d:ca:d2:62:42:fd:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:10 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=aefd99fedd63a739a50d52cbaa92aad959327772723dbb8c2a67912a1c966781, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:72:22:49:2f:9a:9f:f1:36:5b:82:03:a7:92: 2b:fa:67:c8:2f:cc:40:91:b3:73:06:2f:05:74:d4: 02:ad:90:43:34:68:b3:e6:21:93:89:d2:10:44:8f: 22:ec:2b:2f:0f:6e:b4:e7:22:b9:33:db:89:6d:c9: f1:56:2a:f8:dc:0f:8e:63:cf:43:df:5c:7d:29:1e: d6:2d:dc:a1:2c:36:de:9b:f3:8d:b8:b3:8f:71:bb: ee:dc:cb:03:dc:59:20:dd:e6:eb:f8:6a:df:05:11: 1f:6f:3d:65:c5:8d:b0:dc:d9:98:44:8d:71:95:f0: 09:a0:55:6c:4c:7b:8f:b4:9b:49:55:95:09:3a:56: b7:6d:37:3d:e9:4c:44:01:1a:80:5f:cb:4e:47:88: 57:21:e7:ec:42:19:c4:2e:55:57:95:af:aa:69:a3: 86:86:80:06:5e:4b:57:33:2c:85:ee:d8:07:e8:af: 37:56:31:fc:ef:c9:6b:1f:04:13:83:c1:5e:aa:75: cb:b7:81:1a:15:d4:18:b6:07:21:0d:03:91:d7:8a: 2b:a3:ed:11:1b:61:26:09:42:24:3f:71:6e:68:72: 1c:4a:19:f4:a5:c1:29:ac:36:c9:b9:5e:39:08:72: 66:8f:94:94:61:81:6a:40:f2:58:01:88:a8:14:4c: bb:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:65:32:F4:0F:74:04:35:E1:14:35:8A:92:7D:3D:E2:66:03:8E:32 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4080::/48 Signature Algorithm: sha256WithRSAEncryption 3c:ea:2e:37:e6:56:51:c5:a5:ca:6f:ef:db:66:b9:d5:4f:c8: 03:b4:07:e5:95:e2:ec:27:d3:74:c2:e5:20:52:bb:d1:2b:f8: 99:8a:70:66:73:c8:6f:89:60:a5:05:9f:27:86:11:c0:bf:c7: 09:b3:e6:14:f8:58:83:fc:e6:6e:ca:a7:c4:5f:0e:f2:6b:72: 87:8c:06:9a:6a:9d:a4:99:97:bd:9f:9c:9b:a0:6a:49:47:82: d8:92:cc:aa:c1:79:2b:ad:83:c8:cd:1c:0b:5b:f6:3c:49:69: 5a:dc:6e:a1:8f:cb:13:6e:f8:75:53:7e:89:c1:48:d0:70:7e: 8e:77:06:56:f9:85:7c:60:28:3c:7e:c4:ff:b3:78:1c:80:4b: 76:7e:f0:30:87:34:2d:63:c2:a1:be:c8:3a:a0:c1:13:24:1e: b4:65:f0:05:f9:b4:34:83:76:7e:14:63:4c:fe:35:a5:d3:49: 13:8e:cb:ce:43:71:42:5f:13:8f:1e:f0:38:9e:f9:3f:a7:28: dc:4a:da:cf:a1:03:bf:bd:0a:6a:89:85:d3:73:ee:db:08:ef: 5a:1c:a8:e7:dc:80:22:2b:c8:3e:6a:73:3d:7c:b8:cd:4a:09: 1c:9e:75:c1:b6:d6:1d:5c:74:92:51:87:3c:aa:94:0d:25:6a: 0b:db:65:b4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWaxhywSP7jG+QU1rCJ3K0mJC/VAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAxMFoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAYWVmZDk5ZmVkZDYzYTczOWE1MGQ1 MmNiYWE5MmFhZDk1OTMyNzc3MjcyM2RiYjhjMmE2NzkxMmExYzk2Njc4MTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHIiSS+an/E2W4IDp5Ir+mfIL8xA kbNzBi8FdNQCrZBDNGiz5iGTidIQRI8i7CsvD2605yK5M9uJbcnxVir43A+OY89D 31x9KR7WLdyhLDbem/ONuLOPcbvu3MsD3Fkg3ebr+GrfBREfbz1lxY2w3NmYRI1x lfAJoFVsTHuPtJtJVZUJOla3bTc96UxEARqAX8tOR4hXIefsQhnELlVXla+qaaOG hoAGXktXMyyF7tgH6K83VjH878lrHwQTg8FeqnXLt4EaFdQYtgchDQOR14oro+0R G2EmCUIkP3FuaHIcShn0pcEprDbJuV45CHJmj5SUYYFqQPJYAYioFEy77wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNBlMvQPdAQ14RQ1ipJ9PeJmA44yMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMzZGQzMWUwLTcwMzktNGZmOC1hYWZlLTk3ZjdiOTViMDdkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQA86i435lZRxaXKb+/b ZrnVT8gDtAflleLsJ9N0wuUgUrvRK/iZinBmc8hviWClBZ8nhhHAv8cJs+YU+FiD /OZuyqfEXw7ya3KHjAaaap2kmZe9n5yboGpJR4LYksyqwXkrrYPIzRwLW/Y8SWla 3G6hj8sTbvh1U36JwUjQcH6OdwZW+YV8YCg8fsT/s3gcgEt2fvAwhzQtY8Khvsg6 oMETJB60ZfAF+bQ0g3Z+FGNM/jWl00kTjsvOQ3FCXxOPHvA4nvk/pyjcStrPoQO/ vQpqiYXTc+7bCO9aHKjn3IAiK8g+anM9fLjNSgkcnnXBttYdXHSSUYc8qpQNJWoL 22W0 -----END CERTIFICATE-----Generated at Sun Jun 29 05:05:48 2025 by rpki-client