$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: 42D2MpM7D8MbZHMxL6Bn0db+gMi54+8csOxmsP/LWZU= Subject key identifier: 59:4F:62:0E:6D:59:A0:4C:6A:00:CC:1D:F7:99:6C:A5:1F:D3:58:CD Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 68425A254827A5086894CCBA307FA63CBA1A4DD0 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Sat 09 Aug 2025 00:00:03 +0000 ROA not before: Sat 09 Aug 2025 00:00:03 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:42:5a:25:48:27:a5:08:68:94:cc:ba:30:7f:a6:3c:ba:1a:4d:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 9 00:00:03 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=27e9d52a95f0fd66deeb9b5089a996be56a2ec0965a6ad02838963d7437583cd, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:64:8b:7c:6e:4d:11:56:63:93:a0:dc:07:71: b6:14:08:4d:3f:99:8a:9c:78:43:61:57:98:48:98: e6:21:5a:97:25:0f:71:97:55:e5:60:40:15:ba:fc: dc:f2:ef:0c:90:d0:98:ee:fc:76:4b:a7:43:44:d4: 85:b3:53:86:37:54:da:5c:7c:08:80:9b:9c:8b:aa: 1e:13:0d:57:f2:96:90:e7:fb:99:3e:12:b3:0d:71: 77:66:d8:14:f5:c1:31:be:56:13:0a:d2:91:fc:94: 4a:0e:30:8f:5f:61:c0:e6:d4:e8:c0:c1:56:b5:f7: a7:98:e8:08:a0:9a:0b:a3:7b:f3:ed:82:4d:01:92: 02:43:38:12:c3:5c:5f:36:42:77:28:b8:81:85:8e: 5b:2e:d2:63:7d:7a:b3:41:30:9a:f0:e8:69:c2:b3: 50:82:83:ad:44:b1:aa:36:c0:7c:10:e2:89:ef:cc: 61:d4:44:7f:a6:d1:ef:36:f0:9e:18:23:64:63:4d: 59:fa:77:2f:9f:28:92:37:22:66:a0:86:d2:d8:cd: e5:ff:84:9d:d8:85:d3:39:42:01:03:ab:22:d2:cc: 14:c9:0d:0b:2c:ec:01:39:2d:86:40:62:2a:91:25: a9:37:9b:46:80:81:4e:1a:6d:62:d3:86:e8:cd:43: 65:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:4F:62:0E:6D:59:A0:4C:6A:00:CC:1D:F7:99:6C:A5:1F:D3:58:CD X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption a7:2a:ac:ef:95:83:50:10:81:6c:da:6f:d1:7e:5a:fa:5b:f7: 08:bd:18:de:73:36:93:f7:ce:79:d5:a0:87:5e:fe:bd:65:e5: b0:98:fe:f7:4f:b8:00:2a:bd:9e:46:8c:83:58:c1:fb:62:e6: d2:de:aa:da:b8:9f:09:7e:b2:15:b3:8b:10:5c:8c:9a:47:16: cf:5e:cc:fe:2c:a1:b2:c6:3d:a5:b4:d4:48:6f:eb:62:9e:d5: 8c:21:8d:52:58:6e:21:74:4e:87:12:ca:19:58:cb:34:f9:6e: f0:ca:47:51:01:37:e8:04:ad:fa:d5:55:eb:73:0f:d9:36:a9: ac:1d:2b:05:e4:c3:79:52:40:c7:a7:fb:3d:1c:6e:dc:32:6e: d8:8a:b2:06:5e:61:b1:22:1c:b0:05:51:df:a1:c0:82:c3:61: 6b:69:76:c5:34:04:7f:b9:f5:d6:a6:2d:2a:7d:6d:ce:18:aa: f9:66:bc:1c:35:be:c9:f5:3b:36:c1:ca:69:14:cd:d6:09:70: 49:05:74:61:8c:87:97:41:6f:51:f8:f6:a8:87:51:17:69:31: fc:4c:0b:44:60:7c:b6:c4:fd:13:de:de:0d:bf:50:13:e7:dd: 79:0d:24:c5:e9:2a:71:0c:85:cf:9d:56:52:bd:fb:05:7b:c6: 75:a9:a2:09 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUaEJaJUgnpQholMy6MH+mPLoaTdAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwOTAwMDAwM1oX DTI1MDkxMzIzNTk1OVowejFJMEcGA1UEBRNAMjdlOWQ1MmE5NWYwZmQ2NmRlZWI5 YjUwODlhOTk2YmU1NmEyZWMwOTY1YTZhZDAyODM4OTYzZDc0Mzc1ODNjZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GSLfG5NEVZjk6DcB3G2FAhNP5mK nHhDYVeYSJjmIVqXJQ9xl1XlYEAVuvzc8u8MkNCY7vx2S6dDRNSFs1OGN1TaXHwI gJuci6oeEw1X8paQ5/uZPhKzDXF3ZtgU9cExvlYTCtKR/JRKDjCPX2HA5tTowMFW tfenmOgIoJoLo3vz7YJNAZICQzgSw1xfNkJ3KLiBhY5bLtJjfXqzQTCa8OhpwrNQ goOtRLGqNsB8EOKJ78xh1ER/ptHvNvCeGCNkY01Z+ncvnyiSNyJmoIbS2M3l/4Sd 2IXTOUIBA6si0swUyQ0LLOwBOS2GQGIqkSWpN5tGgIFOGm1i04bozUNlwwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFFlPYg5tWaBMagDMHfeZbKUf01jNMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEApyqs75WDUBCBbNpv0X5a +lv3CL0Y3nM2k/fOedWgh17+vWXlsJj+90+4ACq9nkaMg1jB+2Lm0t6q2rifCX6y FbOLEFyMmkcWz17M/iyhssY9pbTUSG/rYp7VjCGNUlhuIXROhxLKGVjLNPlu8MpH UQE36ASt+tVV63MP2TaprB0rBeTDeVJAx6f7PRxu3DJu2IqyBl5hsSIcsAVR36HA gsNha2l2xTQEf7n11qYtKn1tzhiq+Wa8HDW+yfU7NsHKaRTN1glwSQV0YYyHl0Fv Ufj2qIdRF2kx/EwLRGB8tsT9E97eDb9QE+fdeQ0kxekqcQyFz51WUr37BXvGdami CQ== -----END CERTIFICATE-----Generated at Wed Aug 20 10:42:58 2025 by rpki-client