$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json) Hash identifier: 576XBd2niZBqi+c2pxQktwulHLgv9uOE7PkYzNFlSZg= Subject key identifier: 46:48:89:11:A8:5C:4C:31:E2:34:0B:A3:18:94:91:77:C6:0F:4D:D4 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 47228EB610AEDF41B80F8F5CAF38C07896D317AB Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa Signing time: Tue 15 Jul 2025 00:00:26 +0000 ROA not before: Tue 15 Jul 2025 00:00:26 +0000 ROA not after: Tue 19 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:22:8e:b6:10:ae:df:41:b8:0f:8f:5c:af:38:c0:78:96:d3:17:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 15 00:00:26 2025 GMT Not After : Aug 19 23:59:59 2025 GMT Subject: serialNumber=786351717e5b363686ce3cdd8de92ba0f004eacdb3500dd55c0dc2b5da701d3f, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:92:75:58:e9:1b:72:3f:a6:f0:b9:2d:aa:3e: c1:f3:d8:0e:86:d3:e8:7d:95:76:48:2e:91:be:69: 63:1a:e7:95:5b:dc:ee:35:c0:f0:a9:bc:9a:6f:fb: 71:54:9c:a9:00:90:05:0c:6d:e5:3c:2c:ac:e0:0d: af:0a:c3:fa:a1:d9:15:27:db:71:c9:0b:12:68:8d: ea:57:0b:a9:34:eb:1e:98:bd:d8:bf:a4:72:8d:ff: 32:bc:28:65:bb:9b:9a:c7:d1:00:75:c4:c0:8c:31: de:03:47:cd:68:d6:98:47:ee:39:6e:35:54:74:28: a2:81:3e:cd:20:e0:ec:fc:ee:df:79:72:4d:2d:cc: 80:38:ae:b7:71:61:c6:45:73:1c:0b:d8:35:31:6f: d2:b1:25:f9:a6:ca:a7:a5:2f:40:88:2d:af:b7:f8: fe:eb:aa:22:35:63:fb:2a:da:ce:e4:97:03:12:93: 8e:94:94:63:44:e8:ef:7d:e2:60:3a:1b:60:2b:be: 73:dc:84:bf:02:1d:0e:8f:c8:8c:ef:d3:0c:5a:21: 5a:51:c2:7f:18:7e:32:03:8d:51:43:90:2f:5a:30: 31:15:08:d6:1d:ad:c7:c3:07:90:0f:0d:94:f0:8a: 94:03:2e:11:83:2a:db:6b:73:4f:89:36:b9:fc:b6: 42:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:48:89:11:A8:5C:4C:31:E2:34:0B:A3:18:94:91:77:C6:0F:4D:D4 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 12:c2:36:6a:9f:2f:54:57:d2:f6:03:b9:b3:73:8a:c7:52:fa: db:52:d4:86:4f:c5:0b:f9:63:44:da:07:33:4c:86:35:b4:81: 37:57:e5:1c:06:c1:79:c3:5c:c1:34:7d:44:38:cd:ad:9c:06: 77:e3:80:6b:08:52:26:cf:ad:70:73:a9:f8:c5:cb:8e:5a:ad: 5b:71:15:fe:11:56:95:07:cc:0a:19:70:35:a9:2f:be:94:e9: e0:71:1e:3c:05:60:aa:0b:0b:cc:17:1d:7d:5a:18:f1:6f:4c: cd:7c:0f:0a:cd:61:4c:68:f5:26:a4:f3:a7:db:df:9e:58:29: 68:7f:99:ab:8c:d2:fa:15:79:8a:90:83:51:e0:8c:a7:26:1e: 8a:5e:93:15:95:41:b6:9e:fe:e5:3f:a1:cb:26:ae:ab:db:f4: 6d:4e:b7:d5:2b:b7:8b:a9:3f:63:b7:b4:46:15:23:c9:70:12: 4b:d1:ab:17:16:9f:05:68:c3:94:09:dc:74:82:c2:43:c8:eb: 6e:74:0f:e3:c3:a8:68:fe:f7:a2:b3:88:80:2d:c3:ef:4c:ef: c3:40:52:00:e5:67:de:86:f4:4f:87:08:d9:f0:90:4b:49:5a: 7d:25:16:15:40:f0:35:28:4b:c0:77:03:1e:03:18:c8:73:c9: 7a:75:85:82 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIURyKOthCu30G4D49crzjAeJbTF6swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcxNTAwMDAyNloX DTI1MDgxOTIzNTk1OVowejFJMEcGA1UEBRNANzg2MzUxNzE3ZTViMzYzNjg2Y2Uz Y2RkOGRlOTJiYTBmMDA0ZWFjZGIzNTAwZGQ1NWMwZGMyYjVkYTcwMWQzZjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJJ1WOkbcj+m8Lktqj7B89gOhtPo fZV2SC6RvmljGueVW9zuNcDwqbyab/txVJypAJAFDG3lPCys4A2vCsP6odkVJ9tx yQsSaI3qVwupNOsemL3Yv6Ryjf8yvChlu5uax9EAdcTAjDHeA0fNaNaYR+45bjVU dCiigT7NIODs/O7feXJNLcyAOK63cWHGRXMcC9g1MW/SsSX5psqnpS9AiC2vt/j+ 66oiNWP7KtrO5JcDEpOOlJRjROjvfeJgOhtgK75z3IS/Ah0Oj8iM79MMWiFaUcJ/ GH4yA41RQ5AvWjAxFQjWHa3HwweQDw2U8IqUAy4Rgyrba3NPiTa5/LZCPQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFEZIiRGoXEwx4jQLoxiUkXfGD03UMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAEsI2ap8vVFfS9gO5s3OK x1L621LUhk/FC/ljRNoHM0yGNbSBN1flHAbBecNcwTR9RDjNrZwGd+OAawhSJs+t cHOp+MXLjlqtW3EV/hFWlQfMChlwNakvvpTp4HEePAVgqgsLzBcdfVoY8W9MzXwP Cs1hTGj1JqTzp9vfnlgpaH+Zq4zS+hV5ipCDUeCMpyYeil6TFZVBtp7+5T+hyyau q9v0bU631Su3i6k/Y7e0RhUjyXASS9GrFxafBWjDlAncdILCQ8jrbnQP48OoaP73 orOIgC3D70zvw0BSAOVn3ob0T4cI2fCQS0lafSUWFUDwNShLwHcDHgMYyHPJenWF gg== -----END CERTIFICATE-----Generated at Mon Jul 21 23:20:37 2025 by rpki-client