$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa File: 22d6913e-5f3d-4f99-9a60-48579f471838.roa (raw, json) Hash identifier: EPvoRMnGKG5xZf5eimr1MDAtgUNi6zNpYiiPjvtebgQ= Subject key identifier: C0:E8:77:93:4C:89:BE:E4:77:A7:EF:93:10:67:C3:69:B7:5E:7A:71 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 6091BC993BB657F0A5DF8DAC7EE4AB1FCDB95714 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa Signing time: Mon 04 Aug 2025 15:01:00 +0000 ROA not before: Mon 04 Aug 2025 15:01:00 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:2000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:91:bc:99:3b:b6:57:f0:a5:df:8d:ac:7e:e4:ab:1f:cd:b9:57:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 4 15:01:00 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=e616b42e91f415165d452c4d741333ce1620eb0f26f0c21d4d4c9c195af78dfb, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:41:f7:28:ac:49:6a:d7:d7:78:db:70:46:5a: 32:47:2b:2e:30:04:73:7f:c5:d3:59:e6:b4:88:b7: 4f:09:af:dc:e7:92:10:a9:99:f7:fd:ed:c0:02:09: 7d:71:87:c4:e6:0d:2c:a0:2f:a8:68:cf:cf:30:30: f7:10:47:8f:f8:05:44:54:07:cf:3b:64:9f:30:e3: 2e:20:4d:ba:41:38:ba:36:c6:19:62:09:eb:fa:3a: 98:f8:8c:76:8a:dc:d7:46:d1:33:bd:37:7b:7e:76: 3a:1f:f7:99:87:3c:a7:d1:6f:fc:32:b3:35:0a:46: 60:ec:8a:c6:0b:e9:a4:ba:00:11:f4:32:5f:a4:7e: e9:10:4e:06:0b:fe:95:bc:59:2e:23:e5:fd:a6:9d: 4a:c9:59:3c:33:e8:66:a1:d7:22:5d:f1:e2:b3:cf: 9e:ed:4e:e3:bd:2b:97:c9:fd:3c:ed:68:95:6c:0d: 9e:b7:ed:e6:95:41:79:26:4d:32:99:82:eb:bc:cc: 82:2a:72:40:9b:99:b1:21:81:1b:8d:b4:61:0b:1f: 52:04:b1:e8:4f:3d:f5:27:7d:1a:a1:b1:b0:c3:9a: 5c:29:d4:2f:1d:c1:04:16:14:f2:df:f5:2a:d4:38: e1:6c:48:e6:45:e2:4a:49:09:92:5f:19:2e:0e:b3: 0c:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:E8:77:93:4C:89:BE:E4:77:A7:EF:93:10:67:C3:69:B7:5E:7A:71 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:2000::/36 Signature Algorithm: sha256WithRSAEncryption 8e:b3:90:14:83:6c:4b:f3:10:2c:55:44:c4:9b:2e:ca:01:3f: 91:01:8c:22:2d:d7:b1:20:15:14:57:17:df:23:08:76:84:0e: 4a:19:72:d3:52:13:52:97:82:a9:f8:3c:63:0e:c9:d7:20:69: e6:eb:6d:c7:8f:ef:8c:09:66:1e:ad:4e:d3:81:07:b3:c1:55: 6e:52:46:c3:71:32:95:58:5c:3b:c9:e7:0b:a7:8b:57:27:ab: 6f:42:0a:bf:89:ee:0f:ab:72:d8:90:24:c9:d8:68:01:34:87: c3:e9:a7:11:81:50:5f:7b:64:b9:b8:cc:27:26:b1:3e:38:98: a8:84:ff:64:62:99:49:e9:d7:73:e4:ca:26:cf:86:1e:9a:e1: e5:ac:f7:5f:49:f4:45:4c:fe:9f:df:dd:f1:95:3e:9a:f2:2e: c8:a5:dc:da:ea:6f:fe:df:8f:44:38:20:05:a7:20:04:46:e7: 7b:63:91:6f:3b:09:a4:3c:1d:40:66:6c:a4:02:16:7b:b9:ca: a4:3d:3c:e4:55:8f:6c:7f:a0:de:4c:f2:1f:a9:ca:2f:95:81: c6:d6:45:4f:3d:2a:b8:d6:ad:01:23:e6:06:28:f3:ab:d4:59: bc:0b:bf:bc:05:86:0a:90:0c:3c:b2:7e:1c:7a:8d:59:6b:a4: ed:8f:b4:e3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYJG8mTu2V/Cl342sfuSrH825VxQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwNDE1MDEwMFoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAZTYxNmI0MmU5MWY0MTUxNjVkNDUy YzRkNzQxMzMzY2UxNjIwZWIwZjI2ZjBjMjFkNGQ0YzljMTk1YWY3OGRmYjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0H3KKxJatfXeNtwRloyRysuMARz f8XTWea0iLdPCa/c55IQqZn3/e3AAgl9cYfE5g0soC+oaM/PMDD3EEeP+AVEVAfP O2SfMOMuIE26QTi6NsYZYgnr+jqY+Ix2itzXRtEzvTd7fnY6H/eZhzyn0W/8MrM1 CkZg7IrGC+mkugAR9DJfpH7pEE4GC/6VvFkuI+X9pp1KyVk8M+hmodciXfHis8+e 7U7jvSuXyf087WiVbA2et+3mlUF5Jk0ymYLrvMyCKnJAm5mxIYEbjbRhCx9SBLHo Tz31J30aobGww5pcKdQvHcEEFhTy3/Uq1DjhbEjmReJKSQmSXxkuDrMM2QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMDod5NMib7kd6fvkxBnw2m3XnpxMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzIyZDY5MTNlLTVmM2QtNGY5OS05YTYwLTQ4NTc5ZjQ3MTgzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJABlACAwDQYJKoZIhvcNAQELBQADggEBAI6zkBSDbEvzECxVRMSb LsoBP5EBjCIt17EgFRRXF98jCHaEDkoZctNSE1KXgqn4PGMOydcgaebrbceP74wJ Zh6tTtOBB7PBVW5SRsNxMpVYXDvJ5wuni1cnq29CCr+J7g+rctiQJMnYaAE0h8Pp pxGBUF97ZLm4zCcmsT44mKiE/2RimUnp13PkyibPhh6a4eWs919J9EVM/p/f3fGV PpryLsil3Nrqb/7fj0Q4IAWnIARG53tjkW87CaQ8HUBmbKQCFnu5yqQ9PORVj2x/ oN5M8h+pyi+VgcbWRU89KrjWrQEj5gYo86vUWbwLv7wFhgqQDDyyfhx6jVlrpO2P tOM= -----END CERTIFICATE-----Generated at Wed Aug 20 10:43:55 2025 by rpki-client