$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: Po+HHzGuBglBz9e/FVQqpy3zTm7LVh3VZ9iWVhteDhw= Subject key identifier: 01:BC:F8:1B:34:9A:9A:96:07:4F:06:AE:7D:F8:00:AC:7F:45:50:75 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 4E1E4F012FD4154E253E7BFCFA4EDFCFBF41FE5E Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Sat 09 Aug 2025 00:00:03 +0000 ROA not before: Sat 09 Aug 2025 00:00:03 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:03:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:1e:4f:01:2f:d4:15:4e:25:3e:7b:fc:fa:4e:df:cf:bf:41:fe:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Aug 9 00:00:03 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=022064113f9b808aec32b082214b676c16cf71742c71aa5724e93620cf04fa9f, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:0b:3c:12:e0:74:56:98:9e:5f:f8:07:73:25: 58:02:c5:01:00:2a:19:3d:3a:73:c9:f8:fe:33:63: 0e:c4:c8:8a:29:38:90:07:26:8c:2d:78:55:b6:4a: 0b:54:33:9c:22:c7:e6:74:8d:2f:1f:c4:4b:86:a9: ed:be:17:a2:7a:19:d9:9a:85:48:55:8b:f0:11:92: a7:19:8b:36:6d:4d:a3:f9:8d:f7:af:ac:99:62:a6: a8:6a:f7:3f:a7:c8:07:fd:14:78:e6:69:58:6f:6c: c4:f7:b2:be:87:c9:fd:2f:27:b6:0b:6b:36:32:02: bc:c0:a0:46:40:d3:01:98:2f:67:0d:9b:52:d0:d2: 6d:8c:08:6a:07:e9:67:b6:74:01:dd:17:bd:5b:da: 90:ea:4a:1a:fc:1a:41:62:ac:1c:fb:08:a1:89:69: da:19:3d:2d:11:47:cb:da:9a:87:70:f5:f6:89:c3: 79:90:4a:1e:f5:0a:c6:77:3f:a4:12:69:05:47:66: 72:1a:92:21:b2:c3:d6:25:d4:be:1c:dd:30:95:b1: 7b:7f:84:86:3c:35:12:b2:76:26:ae:f6:e2:c3:44: fd:03:68:a3:b9:67:6a:86:15:7b:0b:bf:d4:06:9a: d6:8e:ad:97:35:c4:57:83:14:4b:3b:86:ab:87:57: fc:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:BC:F8:1B:34:9A:9A:96:07:4F:06:AE:7D:F8:00:AC:7F:45:50:75 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 26:69:05:7d:e1:c4:e9:00:89:b3:aa:f9:b2:2f:47:ba:e2:71: d2:af:a2:21:37:1f:84:2f:cb:8a:f5:63:6f:c5:f7:d8:a9:be: e0:26:38:36:8b:07:17:c9:f9:88:6b:0d:ee:6d:ec:59:dd:ef: f2:c1:aa:5f:bd:a9:05:25:72:0a:e4:de:5c:91:8f:34:cf:5e: 25:c9:0e:e5:da:70:28:f0:a0:9b:64:69:09:60:bf:40:85:f9: c9:cc:bf:3a:78:88:cc:d9:dd:15:8b:96:a8:a4:cc:fc:58:11: 1b:53:ed:45:45:a8:05:58:3c:56:a2:be:ce:7b:74:20:b1:b5: 5e:4b:84:75:92:e8:15:3f:0d:ec:94:f6:39:37:9e:3c:48:12: 71:cb:be:53:dd:8b:79:8e:75:93:d3:cf:e7:88:6d:22:ff:e5: d9:8f:a5:68:87:40:54:05:b2:8a:ec:27:b9:41:42:61:a6:67: d8:2f:0c:e2:39:39:51:5e:0e:cf:31:3e:97:4d:f3:07:2e:8a: d0:9f:d1:d2:3b:a2:02:87:8f:63:74:96:78:7f:b9:d6:79:b7: 35:2d:8a:80:84:ad:52:9c:31:31:78:05:8c:95:58:59:ec:f0: 33:7e:a6:99:07:c6:dc:ad:e9:b8:62:ae:72:b2:e6:4e:d6:fb: 5c:5f:95:36 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTh5PAS/UFU4lPnv8+k7fz79B/l4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDgwOTAwMDAwM1oX DTI1MDkxMzIzNTk1OVowejFJMEcGA1UEBRNAMDIyMDY0MTEzZjliODA4YWVjMzJi MDgyMjE0YjY3NmMxNmNmNzE3NDJjNzFhYTU3MjRlOTM2MjBjZjA0ZmE5ZjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAs8EuB0VpieX/gHcyVYAsUBACoZ PTpzyfj+M2MOxMiKKTiQByaMLXhVtkoLVDOcIsfmdI0vH8RLhqntvheiehnZmoVI VYvwEZKnGYs2bU2j+Y33r6yZYqaoavc/p8gH/RR45mlYb2zE97K+h8n9Lye2C2s2 MgK8wKBGQNMBmC9nDZtS0NJtjAhqB+lntnQB3Re9W9qQ6koa/BpBYqwc+wihiWna GT0tEUfL2pqHcPX2icN5kEoe9QrGdz+kEmkFR2ZyGpIhssPWJdS+HN0wlbF7f4SG PDUSsnYmrvbiw0T9A2ijuWdqhhV7C7/UBprWjq2XNcRXgxRLO4arh1f8pQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAG8+Bs0mpqWB08Grn34AKx/RVB1MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAmaQV94cTpAImzqvmy L0e64nHSr6IhNx+EL8uK9WNvxffYqb7gJjg2iwcXyfmIaw3ubexZ3e/ywapfvakF JXIK5N5ckY80z14lyQ7l2nAo8KCbZGkJYL9AhfnJzL86eIjM2d0Vi5aopMz8WBEb U+1FRagFWDxWor7Oe3QgsbVeS4R1kugVPw3slPY5N548SBJxy75T3Yt5jnWT08/n iG0i/+XZj6Voh0BUBbKK7Ce5QUJhpmfYLwziOTlRXg7PMT6XTfMHLorQn9HSO6IC h49jdJZ4f7nWebc1LYqAhK1SnDExeAWMlVhZ7PAzfqaZB8bcrem4Yq5ysuZO1vtc X5U2 -----END CERTIFICATE-----Generated at Wed Aug 20 13:13:19 2025 by rpki-client