$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa File: a3080b31-8684-4ce8-b4e6-33db63d13627.roa (raw, json) Hash identifier: Xg0bFb74RuHPwek19Ut4Cfkz7LrKCqKkHjW+LsTWKNI= Subject key identifier: B5:07:B1:05:CB:1A:0D:5C:86:02:D2:C1:08:A8:07:08:FA:CA:6E:2D Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0790CBEA00E4CDF9CDDC825ACFB740397581E3F9 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa Signing time: Sat 14 Jun 2025 00:00:39 +0000 ROA not before: Sat 14 Jun 2025 00:00:39 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8060::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:90:cb:ea:00:e4:cd:f9:cd:dc:82:5a:cf:b7:40:39:75:81:e3:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:39 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=8e9f4097c84ba92eedcd8431377559afffc7f03bb6dac3ae5082505e0221f3d2, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:b8:0e:34:dc:76:d5:59:74:be:10:e9:cb:43: 2f:8a:a0:5d:c9:87:96:7a:13:0b:af:fb:ee:0b:7d: 0f:2d:76:0a:bb:9b:aa:bc:7f:02:4d:61:79:35:95: 01:00:e1:3d:cb:6b:bc:f9:3a:4e:f0:e2:b4:94:74: 76:eb:dd:01:57:d8:33:2b:af:f0:59:90:e5:5e:aa: 10:f8:fe:f1:6a:01:a2:f4:52:03:1c:9d:50:0b:77: 43:73:e1:8c:c2:2d:31:85:92:80:f2:7b:fb:45:3b: ca:10:98:46:2f:0b:ce:02:a1:1a:bc:0a:58:14:d3: 8b:37:5c:c7:a4:65:49:f8:35:35:5b:a6:9c:79:9f: 0e:22:3a:75:ee:b3:51:83:88:d9:4b:72:5d:ae:3f: c1:bc:0b:78:95:18:6e:c7:8d:b8:2b:9a:75:57:91: 53:dd:cf:23:2b:77:c7:57:4a:9b:be:99:4f:31:11: e9:2d:d2:f4:86:a0:73:63:90:9f:64:31:c3:67:d4: ab:b0:cf:42:70:1d:70:f5:81:bd:51:7e:6f:59:be: ec:c8:7c:26:53:37:38:e0:57:6b:05:63:27:98:ee: dd:91:72:6b:f2:3f:ea:41:f7:e9:56:aa:eb:a6:6e: bb:17:b1:7d:b2:aa:79:5e:5a:d1:31:db:5d:d2:52: 4e:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:07:B1:05:CB:1A:0D:5C:86:02:D2:C1:08:A8:07:08:FA:CA:6E:2D X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8060::/32 Signature Algorithm: sha256WithRSAEncryption 4a:e6:e2:e8:9f:b0:d7:d7:a7:56:dc:e6:f8:50:93:8f:e9:47: ef:f7:21:25:c0:34:15:d9:f2:9d:3b:5e:78:ff:61:31:7f:46: ac:b6:2b:32:08:54:f4:62:62:0a:e8:c6:dd:9a:3e:3e:90:5c: ac:b4:22:7a:6d:e6:1b:d5:80:7d:83:21:b9:90:f6:cd:22:3c: 56:53:1a:33:95:03:bb:86:01:ff:c4:3f:f0:01:66:53:7a:63: 8a:0e:fd:a8:47:1c:16:cd:ae:70:5b:05:07:63:83:5b:ac:15: 90:28:bd:d3:0e:a9:3f:fe:34:5a:4c:cb:c1:99:ea:6f:63:8c: 1b:5f:2c:d8:8d:51:7f:e6:6d:23:5e:04:26:4c:4f:5a:30:3c: 12:71:4f:2b:e5:4e:7c:bf:c6:6c:37:2f:66:83:eb:65:f3:43: f5:75:a7:3e:80:77:dc:33:d1:49:0c:e6:cd:61:2b:bf:2c:2c: 25:44:7c:57:10:34:8b:16:e2:f4:a2:07:b3:b2:a4:fe:7f:e2: 13:36:95:1c:41:00:2c:37:db:38:b6:de:95:98:07:41:88:6d: 92:00:9a:0d:e2:e2:b7:b8:63:0d:ab:19:3b:ff:06:06:ca:8e: 4f:ac:f5:36:54:0f:ef:81:5e:3f:33:bb:7e:14:26:ea:19:d8: 29:95:31:01 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUB5DL6gDkzfnN3IJaz7dAOXWB4/kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAzOVoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAOGU5ZjQwOTdjODRiYTkyZWVkY2Q4 NDMxMzc3NTU5YWZmZmM3ZjAzYmI2ZGFjM2FlNTA4MjUwNWUwMjIxZjNkMjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrgONNx21Vl0vhDpy0MviqBdyYeW ehMLr/vuC30PLXYKu5uqvH8CTWF5NZUBAOE9y2u8+TpO8OK0lHR2690BV9gzK6/w WZDlXqoQ+P7xagGi9FIDHJ1QC3dDc+GMwi0xhZKA8nv7RTvKEJhGLwvOAqEavApY FNOLN1zHpGVJ+DU1W6aceZ8OIjp17rNRg4jZS3Jdrj/BvAt4lRhux424K5p1V5FT 3c8jK3fHV0qbvplPMRHpLdL0hqBzY5CfZDHDZ9SrsM9CcB1w9YG9UX5vWb7syHwm Uzc44FdrBWMnmO7dkXJr8j/qQffpVqrrpm67F7F9sqp5XlrRMdtd0lJOewIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFLUHsQXLGg1chgLSwQioBwj6ym4tMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzMDgwYjMxLTg2ODQtNGNlOC1iNGU2LTMzZGI2M2QxMzYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+AYDANBgkqhkiG9w0BAQsFAAOCAQEASubi6J+w19enVtzm+FCT j+lH7/chJcA0FdnynTteeP9hMX9GrLYrMghU9GJiCujG3Zo+PpBcrLQiem3mG9WA fYMhuZD2zSI8VlMaM5UDu4YB/8Q/8AFmU3pjig79qEccFs2ucFsFB2ODW6wVkCi9 0w6pP/40WkzLwZnqb2OMG18s2I1Rf+ZtI14EJkxPWjA8EnFPK+VOfL/GbDcvZoPr ZfND9XWnPoB33DPRSQzmzWErvywsJUR8VxA0ixbi9KIHs7Kk/n/iEzaVHEEALDfb OLbelZgHQYhtkgCaDeLit7hjDasZO/8GBsqOT6z1NlQP74FePzO7fhQm6hnYKZUx AQ== -----END CERTIFICATE-----Generated at Sun Jun 29 03:59:14 2025 by rpki-client