$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa File: 8c170584-7c9b-414b-8cba-a934a0a79bbe.roa (raw, json) Hash identifier: kwDtKkjV5R3jmwfsxK9pMTDCxQI0E15H942j4JCKTKo= Subject key identifier: E5:D9:5E:8E:A6:BF:E4:19:DF:E7:56:47:33:C0:B5:5B:1E:63:33:7B Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 0CA66A7CF03A45343A199FF2D342DFDDF50206BF Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa Signing time: Mon 04 Aug 2025 15:00:59 +0000 ROA not before: Mon 04 Aug 2025 15:00:59 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:a6:6a:7c:f0:3a:45:34:3a:19:9f:f2:d3:42:df:dd:f5:02:06:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 4 15:00:59 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=356b8f3b1f0044875a0c7f063cafb90bf0925a1f44c96c1568f7c6c7e24b2794, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:45:81:df:44:3b:7f:29:c6:27:cc:9b:90:da: 04:23:a9:84:fd:4b:86:f3:85:4c:fb:79:bf:8f:ae: b2:8f:f7:cf:bb:c1:ee:f0:09:52:ef:3e:b8:99:c6: ad:7c:8b:19:7a:65:e9:6f:7c:8b:89:ab:ac:51:fc: 57:cc:1f:1f:e2:5f:1f:8b:0b:f8:0c:53:e8:8a:d1: 0a:dd:cb:f8:06:1d:58:72:34:eb:8e:e6:14:c0:78: e6:da:69:ee:21:53:f0:b5:0d:42:31:74:74:d5:d7: 6d:f2:fc:12:83:f6:b3:83:49:31:51:e2:19:ee:c2: 74:69:4a:77:d5:b8:2d:e1:22:fa:83:e6:21:23:16: 52:85:a8:12:b8:fa:7a:a5:20:d7:64:85:30:70:69: dd:80:e1:94:21:11:87:ce:a4:a5:58:a7:83:f0:c2: bd:25:5f:92:df:ed:15:83:af:78:75:46:f4:96:80: 9d:e5:44:75:44:8f:35:e0:65:af:a0:56:bd:7f:01: dd:61:87:df:42:7d:20:77:8a:0c:67:b7:db:bd:a8: ed:71:21:b7:5b:d2:20:3c:25:2c:b5:c4:50:64:34: 56:c2:62:0d:c3:45:79:13:7f:24:96:35:a9:c4:3a: 74:5a:53:e5:74:5f:f4:de:02:ef:16:e3:8b:37:ad: c7:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:D9:5E:8E:A6:BF:E4:19:DF:E7:56:47:33:C0:B5:5B:1E:63:33:7B X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:4000::/48 Signature Algorithm: sha256WithRSAEncryption e2:7d:5a:2b:83:b5:25:6b:de:80:b8:0f:3c:e6:c4:fb:f3:c6: f1:fc:43:46:aa:28:9a:42:02:ae:5f:b6:d3:04:1e:03:6d:0a: c1:2e:06:69:4d:68:31:09:20:a3:a0:ac:43:19:e8:11:1c:bd: ab:8d:f6:f7:05:d4:4c:49:f5:f7:08:8b:fc:2d:1c:5c:99:7b: 37:36:28:e9:3c:85:66:93:f4:4f:ab:94:64:fa:e7:43:a0:d5: 1e:c4:33:95:98:17:6d:af:14:ac:12:ed:9a:20:c2:a3:99:ec: cf:2d:e2:ac:90:c1:46:8d:12:be:b8:56:ad:da:92:b4:90:8c: 37:9b:51:88:4a:fe:84:f6:80:77:8e:8e:16:20:42:bd:a6:ea: 83:78:5b:a0:13:da:98:49:87:cb:7b:46:ff:97:b1:d7:03:51: f9:6f:d2:60:bd:34:0c:0c:d3:f8:7d:bd:0c:f1:ba:c2:67:c4: d6:a9:83:a9:58:0a:72:f8:06:09:af:b9:24:e2:2d:c7:97:ed: f8:ba:be:c7:f5:97:11:d1:45:c7:07:4d:ba:30:ea:08:6b:6c: 83:28:cc:e6:7f:06:34:37:8f:0d:0c:e0:71:0d:0b:b6:2a:3b: 4d:42:81:4e:6f:42:1b:2b:83:8f:b3:49:c2:11:23:17:1c:46: 56:bb:ae:a2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDKZqfPA6RTQ6GZ/y00Lf3fUCBr8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwNDE1MDA1OVoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAMzU2YjhmM2IxZjAwNDQ4NzVhMGM3 ZjA2M2NhZmI5MGJmMDkyNWExZjQ0Yzk2YzE1NjhmN2M2YzdlMjRiMjc5NDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEWB30Q7fynGJ8ybkNoEI6mE/UuG 84VM+3m/j66yj/fPu8Hu8AlS7z64mcatfIsZemXpb3yLiausUfxXzB8f4l8fiwv4 DFPoitEK3cv4Bh1YcjTrjuYUwHjm2mnuIVPwtQ1CMXR01ddt8vwSg/azg0kxUeIZ 7sJ0aUp31bgt4SL6g+YhIxZShagSuPp6pSDXZIUwcGndgOGUIRGHzqSlWKeD8MK9 JV+S3+0Vg694dUb0loCd5UR1RI814GWvoFa9fwHdYYffQn0gd4oMZ7fbvajtcSG3 W9IgPCUstcRQZDRWwmINw0V5E38kljWpxDp0WlPldF/03gLvFuOLN63HbQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOXZXo6mv+QZ3+dWRzPAtVseYzN7MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzhjMTcwNTg0LTdjOWItNDE0Yi04Y2JhLWE5MzRhMGE3OWJiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAEAAMA0GCSqGSIb3DQEBCwUAA4IBAQDifVorg7Ula96AuA88 5sT788bx/ENGqiiaQgKuX7bTBB4DbQrBLgZpTWgxCSCjoKxDGegRHL2rjfb3BdRM SfX3CIv8LRxcmXs3NijpPIVmk/RPq5Rk+udDoNUexDOVmBdtrxSsEu2aIMKjmezP LeKskMFGjRK+uFat2pK0kIw3m1GISv6E9oB3jo4WIEK9puqDeFugE9qYSYfLe0b/ l7HXA1H5b9JgvTQMDNP4fb0M8brCZ8TWqYOpWApy+AYJr7kk4i3Hl+34ur7H9ZcR 0UXHB026MOoIa2yDKMzmfwY0N48NDOBxDQu2KjtNQoFOb0IbK4OPs0nCESMXHEZW u66i -----END CERTIFICATE-----Generated at Wed Aug 20 10:49:55 2025 by rpki-client