$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa File: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (raw, json) Hash identifier: xqMPoGLTmeGu6Q6CVu+dXhSF/XvESSttqa2d3LQAfis= Subject key identifier: 0C:3F:3B:63:2E:D6:A6:CD:E1:FD:32:F1:E2:85:36:19:35:74:95:85 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 71640A61E998C5317D494A8B1D0F6A3C8B5A34CA Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa Signing time: Tue 15 Jul 2025 00:00:06 +0000 ROA not before: Tue 15 Jul 2025 00:00:06 +0000 ROA not after: Tue 19 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:64:0a:61:e9:98:c5:31:7d:49:4a:8b:1d:0f:6a:3c:8b:5a:34:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jul 15 00:00:06 2025 GMT Not After : Aug 19 23:59:59 2025 GMT Subject: serialNumber=1c9a500bac45fb5cf3dcb6304069800b71a4c801b5a9da7d17a994fa021cf6cf, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:98:37:12:9f:a7:53:0f:cd:be:83:84:4e:f8: 1e:8b:c3:d6:da:0a:43:1b:3e:ca:fe:d9:3d:9b:e3: 3c:29:19:ae:1a:55:29:69:32:cd:84:72:f8:05:fb: 38:ef:4f:94:2c:1f:43:cd:9e:c9:98:1a:cc:72:06: 15:18:bc:e4:fe:05:bb:d1:9a:9e:9d:71:8e:48:3d: 65:ce:be:1f:0e:5c:68:16:bd:96:4a:00:5d:b7:bd: d9:4b:2b:b9:6e:0c:08:23:68:e3:bc:c4:30:f3:af: 99:a4:c8:60:9c:98:38:24:f2:97:a9:62:d3:0e:70: ba:05:63:36:74:90:7f:31:ed:68:52:d4:1c:12:82: 85:8b:09:4d:e2:eb:ab:a4:dc:4a:8f:e3:4a:52:30: b9:9e:51:13:60:00:64:75:52:e3:b9:c0:fb:6b:4a: 15:7b:99:46:4f:21:b0:d9:22:1d:bd:4a:62:9d:ce: 51:a3:c6:0f:04:52:15:80:91:14:08:66:37:5e:ef: fb:ba:4b:5f:ce:59:ec:6d:45:05:5c:8c:fb:01:5e: cb:d5:b0:60:a1:4c:43:21:f0:c1:71:b4:93:a7:a8: 33:3f:9c:62:94:89:94:94:70:67:cd:15:cf:1d:16: 1c:40:4a:c7:9b:0d:6b:e1:73:97:dc:89:2e:0d:8f: 61:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:3F:3B:63:2E:D6:A6:CD:E1:FD:32:F1:E2:85:36:19:35:74:95:85 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300::/32 Signature Algorithm: sha256WithRSAEncryption 45:a2:6c:88:56:96:f5:0a:56:59:67:05:52:6e:a6:a2:87:33: aa:f0:6b:24:f2:d3:7b:e2:7f:7c:12:6b:a3:3c:17:3c:27:ae: ac:bc:3e:95:ac:7a:54:f2:99:69:e5:66:2a:8a:ca:2f:55:c0: ce:aa:af:fc:7f:2d:51:fb:af:0f:9e:a4:cf:1e:4c:b1:3f:93: 1b:ba:64:f0:e8:ed:6d:b9:03:37:d8:87:33:28:83:a0:d1:11: 92:c0:4a:b9:9d:b2:b3:96:58:b9:03:ae:b9:bf:2c:11:be:81: 9a:73:35:c3:e8:c7:2c:94:cf:02:4a:78:b6:b0:99:08:dd:db: 83:47:74:12:c1:78:4e:47:cd:99:1a:a4:57:d2:ff:c3:22:d3: eb:ab:da:9b:9c:97:9d:3f:ca:6a:ed:ab:57:41:81:80:df:4d: 9b:84:9b:bf:0a:37:44:b1:3a:a3:56:0f:3e:a2:6f:99:1b:f2: bb:dd:83:94:0f:f8:24:28:38:a1:70:21:6d:80:6f:f7:2b:93: 36:97:df:3f:b2:3d:69:a8:eb:62:5c:74:ef:fd:85:d4:64:b9: e1:be:91:39:66:ec:69:43:a8:83:a7:60:8d:c2:b5:f3:ef:ab: 06:7b:b5:75:95:42:29:a3:5e:d3:74:b2:8a:ea:2d:c0:ef:a0: ba:03:07:ab -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUcWQKYemYxTF9SUqLHQ9qPItaNMowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDcxNTAwMDAwNloX DTI1MDgxOTIzNTk1OVowejFJMEcGA1UEBRNAMWM5YTUwMGJhYzQ1ZmI1Y2YzZGNi NjMwNDA2OTgwMGI3MWE0YzgwMWI1YTlkYTdkMTdhOTk0ZmEwMjFjZjZjZjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5g3Ep+nUw/NvoOETvgei8PW2gpD Gz7K/tk9m+M8KRmuGlUpaTLNhHL4Bfs470+ULB9DzZ7JmBrMcgYVGLzk/gW70Zqe nXGOSD1lzr4fDlxoFr2WSgBdt73ZSyu5bgwII2jjvMQw86+ZpMhgnJg4JPKXqWLT DnC6BWM2dJB/Me1oUtQcEoKFiwlN4uurpNxKj+NKUjC5nlETYABkdVLjucD7a0oV e5lGTyGw2SIdvUpinc5Ro8YPBFIVgJEUCGY3Xu/7uktfzlnsbUUFXIz7AV7L1bBg oUxDIfDBcbSTp6gzP5xilImUlHBnzRXPHRYcQErHmw1r4XOX3IkuDY9hawIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFAw/O2Mu1qbN4f0y8eKFNhk1dJWFMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2NjMmY3MDkzLTIxYTYtNDAwZi05ZGIxLTkzYzJmZTAyYmMxYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAOzADANBgkqhkiG9w0BAQsFAAOCAQEARaJsiFaW9QpWWWcFUm6m ooczqvBrJPLTe+J/fBJrozwXPCeurLw+lax6VPKZaeVmKorKL1XAzqqv/H8tUfuv D56kzx5MsT+TG7pk8OjtbbkDN9iHMyiDoNERksBKuZ2ys5ZYuQOuub8sEb6BmnM1 w+jHLJTPAkp4trCZCN3bg0d0EsF4TkfNmRqkV9L/wyLT66vam5yXnT/Kau2rV0GB gN9Nm4Sbvwo3RLE6o1YPPqJvmRvyu92DlA/4JCg4oXAhbYBv9yuTNpffP7I9aajr Ylx07/2F1GS54b6ROWbsaUOog6dgjcK18++rBnu1dZVCKaNe03SyiuotwO+gugMH qw== -----END CERTIFICATE-----Generated at Mon Jul 21 23:19:01 2025 by rpki-client