$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa File: c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa (raw, json) Hash identifier: zLc/9ugUYkcVfNt6DDJSY6DViFpXJCwNvXhUNFh4Wxo= Subject key identifier: D5:9B:4E:04:55:D2:EF:71:E4:86:99:0F:D9:BB:8B:E2:99:8F:40:6A Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 0D0E0CAAB71C253B4655E3B5101CF8ED3AF7D157 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa Signing time: Wed 09 Jul 2025 00:00:28 +0000 ROA not before: Wed 09 Jul 2025 00:00:28 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:0e:0c:aa:b7:1c:25:3b:46:55:e3:b5:10:1c:f8:ed:3a:f7:d1:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 9 00:00:28 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=72c99d4fb03d727f18727eb5f408459a2601aea3966b2a72d5461582139673b5, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:4f:07:48:ab:cd:52:0f:7f:c3:2e:65:6f:87: 1c:3f:79:f1:0f:6f:96:73:41:16:b4:f3:6f:d9:94: 08:bc:74:1f:e2:34:96:df:ed:61:be:88:39:c7:d2: 23:c5:ea:a7:a0:fe:a9:33:4f:34:53:a2:4c:3c:23: 35:de:fb:df:cc:8e:96:59:70:a2:9b:0e:dd:14:fc: 08:e8:04:7b:1f:1a:07:cb:1f:b4:03:66:1f:fd:e9: 8c:64:97:02:74:1f:ac:b0:5c:c1:1a:52:76:3d:6d: 01:1f:08:3c:93:d0:3a:7e:f2:66:cb:b9:a7:73:c0: b5:36:f0:6d:45:2b:30:14:af:04:25:e8:32:af:df: 01:44:80:27:59:8c:4d:0d:25:0d:b9:76:cb:c6:01: c9:eb:16:a6:84:c1:20:da:dd:f2:1d:a3:46:44:3c: e9:9c:29:32:4c:1f:1b:b6:7f:35:7c:6e:f6:07:66: ee:e1:ed:70:30:46:b7:f7:34:ec:b2:d7:71:4f:d1: 45:82:96:dc:16:6f:40:bb:6c:51:db:2f:33:7f:16: 92:d3:fa:fb:91:86:3f:29:29:42:f7:76:80:63:db: 0f:e1:be:02:26:32:96:a9:0a:ec:22:cc:d9:02:8a: 8f:6e:73:2b:7f:33:79:04:ae:3d:9f:91:30:7e:bd: 6f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:9B:4E:04:55:D2:EF:71:E4:86:99:0F:D9:BB:8B:E2:99:8F:40:6A X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/48 Signature Algorithm: sha256WithRSAEncryption 00:21:05:d9:6d:0c:34:40:ea:59:4b:69:0f:95:00:9d:a1:e2: b2:f6:45:44:a4:ab:8e:9c:c6:c0:56:35:be:80:a8:87:87:a0: 0c:47:55:48:32:e4:79:1b:d1:20:d1:ee:0d:59:52:fb:16:e9: 19:8c:d9:d7:93:aa:26:5e:e4:e7:cf:24:f5:dc:b5:01:a8:7f: 39:e3:32:57:16:b6:a8:18:68:40:be:7d:ff:31:dd:32:a5:d1: 8b:7a:cc:9f:b8:3a:39:ae:07:d3:b4:0d:5a:83:89:c0:ca:ff: 66:27:61:89:fc:41:fa:80:3e:3a:b5:c8:11:04:bb:b2:a2:71: e4:b8:b4:0b:16:cc:28:60:24:dd:74:46:2f:4c:21:61:91:8c: f7:31:44:60:c8:d6:ac:03:88:62:33:ef:94:be:cd:de:d2:fa: 92:84:cb:50:70:f5:3e:3d:2e:c9:31:a3:a7:56:61:2e:9c:e5: 74:b1:86:c9:94:50:3c:44:0d:90:b3:69:c3:d2:87:53:3b:da: 30:a7:15:67:2e:72:f6:ca:99:c9:60:bb:3a:74:bb:c4:5f:78: 7e:2c:e3:38:61:64:3a:2f:e5:71:fa:9b:21:06:57:c8:8f:df: d0:f0:77:cd:ab:7e:0d:94:de:6e:41:50:39:30:91:fa:40:0d: 84:d3:2e:d6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDQ4MqrccJTtGVeO1EBz47Tr30VcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcwOTAwMDAyOFoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANzJjOTlkNGZiMDNkNzI3ZjE4NzI3 ZWI1ZjQwODQ1OWEyNjAxYWVhMzk2NmIyYTcyZDU0NjE1ODIxMzk2NzNiNTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxE8HSKvNUg9/wy5lb4ccP3nxD2+W c0EWtPNv2ZQIvHQf4jSW3+1hvog5x9IjxeqnoP6pM080U6JMPCM13vvfzI6WWXCi mw7dFPwI6AR7HxoHyx+0A2Yf/emMZJcCdB+ssFzBGlJ2PW0BHwg8k9A6fvJmy7mn c8C1NvBtRSswFK8EJegyr98BRIAnWYxNDSUNuXbLxgHJ6xamhMEg2t3yHaNGRDzp nCkyTB8btn81fG72B2bu4e1wMEa39zTsstdxT9FFgpbcFm9Au2xR2y8zfxaS0/r7 kYY/KSlC93aAY9sP4b4CJjKWqQrsIszZAoqPbnMrfzN5BK49n5Ewfr1vTQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNWbTgRV0u9x5IaZD9m7i+KZj0BqMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2MxNTY0NjU5LWYzYWEtNDAyMS1hN2E1LThmNGIxYzJjNDk2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAAIQXZbQw0QOpZS2kP lQCdoeKy9kVEpKuOnMbAVjW+gKiHh6AMR1VIMuR5G9Eg0e4NWVL7FukZjNnXk6om XuTnzyT13LUBqH854zJXFraoGGhAvn3/Md0ypdGLesyfuDo5rgfTtA1ag4nAyv9m J2GJ/EH6gD46tcgRBLuyonHkuLQLFswoYCTddEYvTCFhkYz3MURgyNasA4hiM++U vs3e0vqShMtQcPU+PS7JMaOnVmEunOV0sYbJlFA8RA2Qs2nD0odTO9owpxVnLnL2 ypnJYLs6dLvEX3h+LOM4YWQ6L+Vx+pshBlfIj9/Q8HfNq34NlN5uQVA5MJH6QA2E 0y7W -----END CERTIFICATE-----Generated at Mon Jul 21 23:24:27 2025 by rpki-client