$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: MnnFNur5nyy7IO3KMXOxN4PNVmc+TGncHg14pnzPlQg= Subject key identifier: E1:B8:EC:82:5D:43:EE:86:D3:58:B9:96:EF:B8:A0:D5:5A:A6:3A:69 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 0F440B5C39A844541FBF8629288F9E85C3D132CC Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Wed 03 Sep 2025 00:00:30 +0000 ROA not before: Wed 03 Sep 2025 00:00:30 +0000 ROA not after: Wed 08 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Sep 2025 00:03:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:44:0b:5c:39:a8:44:54:1f:bf:86:29:28:8f:9e:85:c3:d1:32:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 3 00:00:30 2025 GMT Not After : Oct 8 23:59:59 2025 GMT Subject: serialNumber=c47bd7c808a45d9c4e2d543e9736e0b98016921f087d4cf4d102c6f9c38b1e83, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:29:b9:11:5a:5b:15:75:d0:3d:8e:26:e4:e3: 7e:84:52:c4:11:b6:05:c5:7c:0a:1a:0c:d1:97:a0: 8a:9c:c5:9e:07:cc:47:a5:5e:6c:89:b0:1e:24:24: 9a:88:e4:42:4f:d7:ed:d4:d7:74:e3:84:48:dc:72: 5f:60:cb:30:58:0d:0c:34:c1:6b:8f:ba:0c:a9:fe: 30:2c:38:6d:8b:ea:3c:fc:ea:c0:b2:48:c1:65:bb: e0:f4:0a:d3:cf:cf:01:85:d7:a2:63:8f:a3:29:ab: 32:53:db:c5:1b:99:80:70:f7:9e:2c:11:41:5f:54: 3a:5a:09:9c:45:f9:95:d8:54:c9:72:f6:30:ab:98: 93:37:ca:0d:32:2d:7e:54:05:b5:61:4f:b0:55:91: b9:11:a5:8b:39:19:40:d6:ad:8c:df:e5:c7:6a:48: 71:9f:c7:7c:e0:3e:54:9b:77:65:3e:fa:b1:2f:76: 34:4a:35:9b:1f:56:51:58:83:de:2d:96:16:8a:ed: 4e:46:b3:ff:ca:ff:ba:08:29:c4:a7:6c:40:ec:30: 53:26:fe:82:b3:8d:98:5b:40:6b:a5:bf:27:e1:a6: 5e:41:e9:cf:01:86:9c:dc:cf:44:ef:bc:82:52:55: a3:86:82:1c:48:36:cb:fc:16:bc:68:9b:bf:f7:7c: 3f:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:B8:EC:82:5D:43:EE:86:D3:58:B9:96:EF:B8:A0:D5:5A:A6:3A:69 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 0c:94:eb:38:84:e8:b3:fe:ef:6e:af:39:b8:20:35:eb:0a:26: 88:c3:80:7c:2e:4b:72:35:21:d6:7f:06:63:c3:3b:d0:92:2b: f3:f5:b4:63:85:64:ea:b7:59:f4:12:3d:61:63:32:67:a9:10: 8e:13:44:85:c9:4e:a6:22:6b:7d:a8:d9:13:32:8e:3b:78:ff: cd:fb:2a:62:fb:d8:6a:e0:21:eb:2b:5c:1d:7a:c1:68:c8:e0: f0:31:0a:94:64:8e:89:c8:78:79:76:a0:6e:0b:d0:f4:e3:79: cd:76:e8:f0:e5:b6:42:69:15:5f:c3:ca:31:6b:d4:27:09:54: 5d:bc:4d:15:5f:6b:ad:e8:57:2d:f6:36:aa:cd:f2:6d:3a:1b: 2a:86:3a:f1:75:e7:d6:8f:9f:44:04:31:74:73:e0:be:ab:61: 55:06:6b:fe:31:88:6f:63:49:dd:bf:9e:53:2d:06:bb:39:b7: 6e:93:71:04:cf:96:d2:19:8f:f0:19:1a:f1:69:72:55:1e:09: b7:6a:3a:bc:4e:ee:89:f8:7c:7c:fe:57:a2:dc:80:9d:29:ab: 7e:50:66:ac:50:5d:06:b4:f3:d9:5f:1f:30:62:87:ab:2f:ea: b7:f6:a0:a1:12:df:d4:6f:2d:5e:25:c0:7e:39:a5:24:22:d5: b8:13:49:37 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUD0QLXDmoRFQfv4YpKI+ehcPRMswwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDkwMzAwMDAzMFoX DTI1MTAwODIzNTk1OVowejFJMEcGA1UEBRNAYzQ3YmQ3YzgwOGE0NWQ5YzRlMmQ1 NDNlOTczNmUwYjk4MDE2OTIxZjA4N2Q0Y2Y0ZDEwMmM2ZjljMzhiMWU4MzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSm5EVpbFXXQPY4m5ON+hFLEEbYF xXwKGgzRl6CKnMWeB8xHpV5sibAeJCSaiORCT9ft1Nd044RI3HJfYMswWA0MNMFr j7oMqf4wLDhti+o8/OrAskjBZbvg9ArTz88BhdeiY4+jKasyU9vFG5mAcPeeLBFB X1Q6WgmcRfmV2FTJcvYwq5iTN8oNMi1+VAW1YU+wVZG5EaWLORlA1q2M3+XHakhx n8d84D5Um3dlPvqxL3Y0SjWbH1ZRWIPeLZYWiu1ORrP/yv+6CCnEp2xA7DBTJv6C s42YW0Brpb8n4aZeQenPAYac3M9E77yCUlWjhoIcSDbL/Ba8aJu/93w/GwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOG47IJdQ+6G01i5lu+4oNVapjppMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAMlOs4hOiz/u9urzm4 IDXrCiaIw4B8LktyNSHWfwZjwzvQkivz9bRjhWTqt1n0Ej1hYzJnqRCOE0SFyU6m Imt9qNkTMo47eP/N+ypi+9hq4CHrK1wdesFoyODwMQqUZI6JyHh5dqBuC9D043nN dujw5bZCaRVfw8oxa9QnCVRdvE0VX2ut6Fct9jaqzfJtOhsqhjrxdefWj59EBDF0 c+C+q2FVBmv+MYhvY0ndv55TLQa7Obduk3EEz5bSGY/wGRrxaXJVHgm3ajq8Tu6J +Hx8/lei3ICdKat+UGasUF0GtPPZXx8wYoerL+q39qChEt/Uby1eJcB+OaUkItW4 E0k3 -----END CERTIFICATE-----Generated at Wed Sep 17 19:51:38 2025 by rpki-client