$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: M0GrvXOE20uhKuyeVVUTHSV0Sp/NNw7IvIGk1QmX7es= Subject key identifier: 5E:3F:6E:AA:3C:6B:20:F6:E3:10:3B:3A:34:9A:BC:75:FA:EF:94:35 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 677B76259366F61E1B4563ED81FF2BA679F93145 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Mon 26 May 2025 15:00:04 +0000 ROA not before: Mon 26 May 2025 15:00:04 +0000 ROA not after: Mon 30 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:7b:76:25:93:66:f6:1e:1b:45:63:ed:81:ff:2b:a6:79:f9:31:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: May 26 15:00:04 2025 GMT Not After : Jun 30 23:59:59 2025 GMT Subject: serialNumber=85c9017fcde865fb9d1d8fc1ece81e587f26d274db9c6c14123591fdbb699a22, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ce:b4:27:b9:84:e3:b1:5b:ad:e5:66:4b:91: aa:b0:22:1b:ba:b6:1e:cb:4f:b9:69:09:6e:d5:34: aa:79:66:75:1b:f3:3a:4e:af:c6:1a:3e:17:0d:26: 48:6a:cb:e1:34:da:43:a1:78:19:41:ef:55:de:45: db:48:99:9b:04:3d:94:a2:58:97:92:e0:5b:0c:6f: 5d:3b:a7:b4:5d:29:c8:10:c1:33:75:c7:90:1c:a5: 0e:3d:31:14:d3:85:9a:d3:ef:13:01:33:0a:df:ec: 91:24:9e:01:ff:e6:19:30:da:f0:72:e3:8f:fc:e3: 1d:11:fa:69:c1:d6:90:6f:06:4c:aa:5c:01:3f:41: 56:9a:69:66:7e:f9:46:f0:22:01:39:75:4f:b6:52: 16:9e:25:9a:b2:fa:4c:98:9a:fd:81:13:e0:71:8d: 08:a3:70:39:d5:ce:50:aa:a8:93:d6:46:3e:54:81: 07:55:16:3c:8f:85:3e:4d:ef:81:1d:8f:59:bc:b1: 80:ff:75:7c:39:67:ff:9d:86:69:6f:b1:a3:a6:90: c8:99:e3:33:c5:8b:63:6f:24:64:a3:62:96:02:59: 56:93:a8:52:16:43:82:fa:7c:4d:e4:fa:cf:79:73: e8:93:a2:b4:05:37:1f:50:56:ad:fd:be:8b:29:9e: 38:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:3F:6E:AA:3C:6B:20:F6:E3:10:3B:3A:34:9A:BC:75:FA:EF:94:35 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 29:cc:fa:2b:2d:48:bf:b1:42:9f:ed:96:52:a4:d1:65:81:33: 54:6c:cf:16:fa:a9:fd:b1:db:54:86:9d:07:9f:8c:73:33:20: 2c:cf:4e:f2:76:87:cf:63:b4:f9:db:73:6d:dc:83:83:80:ed: 38:2b:3b:e1:53:e5:54:94:ce:88:fa:9d:7f:3e:44:ce:fa:86: e1:14:3c:4d:31:76:32:27:75:54:37:c5:a8:f8:bf:3b:ee:37: 35:62:cd:47:03:96:af:cd:6f:fe:10:e9:89:79:a6:53:65:f5: 1b:e1:f8:82:28:d3:4d:96:43:2a:fc:f5:90:bb:87:03:45:1a: c2:1c:ec:eb:37:c7:eb:30:8f:37:f2:f7:e7:14:f0:d7:9d:55: 64:b1:95:e8:f8:22:2d:34:4d:82:27:84:1c:c4:04:44:07:3b: f1:c9:a8:1a:3e:0c:6b:23:06:23:27:bb:fd:8c:2c:05:3d:2f: 75:bf:b4:fb:4a:97:51:43:b5:3d:ac:6f:59:57:fa:88:ce:b3: 07:47:6e:8b:cd:08:e1:f3:85:96:a1:3d:91:61:95:72:9c:ab: ea:e2:a9:ee:ef:0b:c5:b5:e8:00:94:40:b8:bb:f9:4f:04:4d: c2:83:30:32:bf:3c:8a:38:0a:90:18:fc:f3:0b:a1:2c:07:69: ec:5e:17:60 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZ3t2JZNm9h4bRWPtgf8rpnn5MUUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDUyNjE1MDAwNFoX DTI1MDYzMDIzNTk1OVowejFJMEcGA1UEBRNAODVjOTAxN2ZjZGU4NjVmYjlkMWQ4 ZmMxZWNlODFlNTg3ZjI2ZDI3NGRiOWM2YzE0MTIzNTkxZmRiYjY5OWEyMjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxc60J7mE47FbreVmS5GqsCIburYe y0+5aQlu1TSqeWZ1G/M6Tq/GGj4XDSZIasvhNNpDoXgZQe9V3kXbSJmbBD2UoliX kuBbDG9dO6e0XSnIEMEzdceQHKUOPTEU04Wa0+8TATMK3+yRJJ4B/+YZMNrwcuOP /OMdEfppwdaQbwZMqlwBP0FWmmlmfvlG8CIBOXVPtlIWniWasvpMmJr9gRPgcY0I o3A51c5QqqiT1kY+VIEHVRY8j4U+Te+BHY9ZvLGA/3V8OWf/nYZpb7GjppDImeMz xYtjbyRko2KWAllWk6hSFkOC+nxN5PrPeXPok6K0BTcfUFat/b6LKZ44BwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFF4/bqo8ayD24xA7OjSavHX675Q1MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQApzPorLUi/sUKf7ZZS pNFlgTNUbM8W+qn9sdtUhp0Hn4xzMyAsz07ydofPY7T523Nt3IODgO04KzvhU+VU lM6I+p1/PkTO+obhFDxNMXYyJ3VUN8Wo+L877jc1Ys1HA5avzW/+EOmJeaZTZfUb 4fiCKNNNlkMq/PWQu4cDRRrCHOzrN8frMI838vfnFPDXnVVksZXo+CItNE2CJ4Qc xAREBzvxyagaPgxrIwYjJ7v9jCwFPS91v7T7SpdRQ7U9rG9ZV/qIzrMHR26LzQjh 84WWoT2RYZVynKvq4qnu7wvFtegAlEC4u/lPBE3CgzAyvzyKOAqQGPzzC6EsB2ns Xhdg -----END CERTIFICATE-----Generated at Tue Jun 3 23:36:05 2025 by rpki-client