$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa File: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (raw, json) Hash identifier: 8BZFocgKPkGBJ81xSolcBX4ocQRaTMnybA4zb1BOLOA= Subject key identifier: E1:3A:80:A9:D3:B9:F5:59:F0:70:B6:87:95:25:96:85:F9:87:5B:FA Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 4E22D8CB22D01C4A47D0728BB097998F34330FAA Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa Signing time: Sat 09 Aug 2025 00:00:03 +0000 ROA not before: Sat 09 Aug 2025 00:00:03 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:03:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:22:d8:cb:22:d0:1c:4a:47:d0:72:8b:b0:97:99:8f:34:33:0f:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 9 00:00:03 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=45701c63e0008ec513b194aceca65e50444e14b55e5d913d6528ec0a15e36134, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:ac:11:cb:af:8b:60:7f:a5:2e:14:a0:a5:c8: 5d:91:06:ca:be:17:07:fd:85:20:36:60:43:65:96: 4a:0f:3d:4f:07:28:20:f9:40:d1:2d:38:65:10:cb: bc:ba:f9:ce:ae:e1:eb:40:f8:d4:c0:f8:ed:7e:86: 54:8b:7e:70:ce:3e:8d:21:af:cb:96:57:b9:83:92: 11:85:1d:d9:80:db:0f:ee:70:d8:23:20:00:7d:43: 68:59:24:8d:b3:bc:69:50:b5:a3:be:7e:e1:7a:7d: 78:7b:05:b6:76:d8:cf:dd:8d:5b:42:6a:cf:cf:1f: 8a:03:58:7b:ec:7b:a9:93:f0:df:83:87:52:49:33: 38:56:e7:10:32:a4:f5:c9:c5:16:b8:c5:6a:49:91: ea:4b:b3:e1:6a:e2:97:cb:c9:81:f5:96:2a:1a:ea: ca:56:66:ab:1a:54:f2:44:d6:62:e5:31:12:fa:92: 21:ce:da:9f:9f:68:22:66:7b:8e:f0:37:75:54:aa: ed:c3:e0:2e:be:e1:90:64:5b:19:25:fb:72:f0:05: 89:33:ed:27:9a:c3:44:9f:b9:61:4b:69:f8:61:b8: 70:6b:f2:9a:15:a6:13:98:d1:04:91:9a:ff:a1:82: ac:30:07:20:a9:60:59:d1:2c:96:85:1a:04:1e:72: cd:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:3A:80:A9:D3:B9:F5:59:F0:70:B6:87:95:25:96:85:F9:87:5B:FA X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 7a:29:b5:79:d5:25:9e:ec:c0:cf:84:34:93:74:69:2b:b1:d6: 87:3e:c4:05:49:e3:2c:b7:92:04:23:7c:ad:e8:cc:f9:b2:62: 84:c1:40:c9:b0:3d:3e:2e:6e:c3:a3:86:e5:cc:a6:1f:b4:37: 6f:61:f8:d5:b6:5d:42:02:e4:41:8a:0e:9e:34:f0:5b:4c:56: 2a:a8:21:04:38:4a:7d:fc:b8:3a:cd:0a:64:2e:95:42:1e:84: 62:1e:24:54:2e:59:5b:f1:ee:a3:cd:4a:61:64:47:5b:9b:95: d9:e3:82:fa:46:b7:a0:a5:81:99:86:f9:f3:db:13:f7:73:58: ba:86:41:bc:74:56:fd:1f:e8:fc:d7:c2:28:37:11:a6:1f:ac: 15:07:5a:02:c8:40:f2:98:fd:79:f4:e1:13:44:17:67:1b:4e: 48:0c:ad:c8:ee:b5:07:0d:36:f4:38:60:d3:ad:d1:6a:13:64: cc:c3:8c:08:47:57:20:34:bc:62:04:e1:e8:57:09:e9:0c:56: 7c:44:6c:af:9b:50:e8:0e:ef:9d:3e:1c:05:2b:57:62:9c:12: 8e:fb:c8:cd:3f:fb:1e:05:26:6b:92:c2:4b:1b:9a:fb:11:7d: fe:0e:48:f5:6e:d3:de:40:31:d0:46:4a:8e:90:d0:2b:5c:29: a3:1d:a9:df -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTiLYyyLQHEpH0HKLsJeZjzQzD6owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwOTAwMDAwM1oX DTI1MDkxMzIzNTk1OVowejFJMEcGA1UEBRNANDU3MDFjNjNlMDAwOGVjNTEzYjE5 NGFjZWNhNjVlNTA0NDRlMTRiNTVlNWQ5MTNkNjUyOGVjMGExNWUzNjEzNDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6wRy6+LYH+lLhSgpchdkQbKvhcH /YUgNmBDZZZKDz1PBygg+UDRLThlEMu8uvnOruHrQPjUwPjtfoZUi35wzj6NIa/L lle5g5IRhR3ZgNsP7nDYIyAAfUNoWSSNs7xpULWjvn7hen14ewW2dtjP3Y1bQmrP zx+KA1h77Hupk/Dfg4dSSTM4VucQMqT1ycUWuMVqSZHqS7PhauKXy8mB9ZYqGurK VmarGlTyRNZi5TES+pIhztqfn2giZnuO8Dd1VKrtw+AuvuGQZFsZJfty8AWJM+0n msNEn7lhS2n4Ybhwa/KaFaYTmNEEkZr/oYKsMAcgqWBZ0SyWhRoEHnLNOwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOE6gKnTufVZ8HC2h5UlloX5h1v6MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2ZjZDZhZGFiLTA2ZjAtNDY3Ni05NTY4LTZkNGQ0OGY3NjU4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQB6KbV51SWe7MDPhDST dGkrsdaHPsQFSeMst5IEI3yt6Mz5smKEwUDJsD0+Lm7Do4blzKYftDdvYfjVtl1C AuRBig6eNPBbTFYqqCEEOEp9/Lg6zQpkLpVCHoRiHiRULllb8e6jzUphZEdbm5XZ 44L6RregpYGZhvnz2xP3c1i6hkG8dFb9H+j818IoNxGmH6wVB1oCyEDymP159OET RBdnG05IDK3I7rUHDTb0OGDTrdFqE2TMw4wIR1cgNLxiBOHoVwnpDFZ8RGyvm1Do Du+dPhwFK1dinBKO+8jNP/seBSZrksJLG5r7EX3+Dkj1btPeQDHQRkqOkNArXCmj Hanf -----END CERTIFICATE-----Generated at Wed Aug 20 10:45:24 2025 by rpki-client