$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json) Hash identifier: Feb3QUoa6V70mgxna5U4zkDiMpMtdSR8FEc6F9L2Hrk= Subject key identifier: 34:71:60:34:AA:6A:68:AE:6A:50:2D:4A:F8:3A:1A:78:C8:58:3D:FE Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 50072893916AB53179C7DCDC3BE91F46A7E90FCF Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa Signing time: Wed 03 Sep 2025 00:00:08 +0000 ROA not before: Wed 03 Sep 2025 00:00:08 +0000 ROA not after: Wed 08 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:07:28:93:91:6a:b5:31:79:c7:dc:dc:3b:e9:1f:46:a7:e9:0f:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Sep 3 00:00:08 2025 GMT Not After : Oct 8 23:59:59 2025 GMT Subject: serialNumber=2c5b4a8d97b16e5729dd7f91afd7f9fab85412e037ab46d013e3e0abd0e6b5dc, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:8f:d0:a0:da:fd:92:e4:17:77:1d:71:c0:85: 1f:ab:16:ee:82:bc:c4:f0:1f:59:d8:c0:8c:d4:26: b3:5d:4f:29:f1:70:95:d7:38:38:4e:be:6a:e1:fb: 1c:af:be:2f:d6:6a:97:10:19:ca:b0:24:dc:64:c2: 0c:47:c1:80:e1:b4:e8:50:9e:a6:17:57:c6:e6:0e: 5e:90:be:b0:bc:bb:9c:e4:92:3b:58:64:c4:e3:8e: e3:3b:3a:06:39:b5:74:5c:f5:46:45:b0:31:13:87: d6:ee:a4:f0:8b:f0:11:34:ed:2b:cf:9b:74:5c:31: 1c:58:eb:c1:80:cf:44:bf:45:68:7a:b5:df:17:4e: cf:8d:f4:4e:c7:a8:62:a3:f8:5b:db:35:9d:49:81: 88:fd:56:32:f1:27:b9:03:16:d4:dc:f9:6e:2a:b7: 39:20:86:f3:58:ea:be:bd:12:2e:49:08:44:24:ea: c3:89:f4:0d:0f:ce:87:84:c8:c9:13:20:be:cd:4c: 71:7a:99:fb:a3:76:2d:d5:37:89:af:c9:a6:b7:dc: fb:90:1f:4e:bc:0a:61:5f:06:72:f0:fc:62:4c:a8: 4d:16:e4:5a:ba:90:ca:55:a4:e7:78:e5:9d:fd:0b: 9d:79:a0:56:71:0d:2b:d1:2d:0b:dd:bc:67:03:81: 81:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:71:60:34:AA:6A:68:AE:6A:50:2D:4A:F8:3A:1A:78:C8:58:3D:FE X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 62:7c:5e:87:c5:c1:03:49:ec:fe:30:f4:de:15:3c:5c:af:dc: f2:c3:b2:bd:76:65:71:db:68:ec:9e:41:dc:0b:13:b0:06:fd: 66:11:67:19:50:a8:ab:39:04:68:31:60:84:95:54:9a:27:f9: 7e:47:20:06:b1:44:a5:50:e9:83:f3:cb:f6:82:e9:68:14:1d: 95:5c:25:04:36:98:df:24:f0:34:75:a9:a7:78:f0:6e:97:42: 8b:c2:8b:b1:65:8c:a3:ae:3e:ea:b7:c5:5b:b3:0d:a6:10:13: e7:ce:24:09:3f:6b:64:cd:1d:50:0e:27:b1:4d:f1:6f:a8:02: a1:e1:77:e8:f2:ce:ea:4a:04:a6:37:bf:78:af:01:61:c0:86: ef:1b:df:ec:67:59:98:26:8d:ea:54:ba:09:26:ba:cc:93:5b: 34:13:8a:4a:48:ca:07:3f:63:63:43:d2:aa:b2:d5:84:8a:ac: b0:d9:65:c1:7a:8b:1c:28:20:af:9c:70:ce:9f:21:fa:99:af: fb:79:98:e9:12:4f:06:a0:e5:74:83:4a:1f:1e:5b:cb:0b:bf: 63:d6:a6:9e:c7:5b:55:13:d5:d5:af:76:b2:b7:f3:25:c8:56: 18:cb:b6:bb:ea:78:b9:6f:ee:99:ba:fb:db:e8:03:07:fb:c6: 14:39:f8:95 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUUAcok5FqtTF5x9zcO+kfRqfpD88wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDkwMzAwMDAwOFoX DTI1MTAwODIzNTk1OVowejFJMEcGA1UEBRNAMmM1YjRhOGQ5N2IxNmU1NzI5ZGQ3 ZjkxYWZkN2Y5ZmFiODU0MTJlMDM3YWI0NmQwMTNlM2UwYWJkMGU2YjVkYzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuo/QoNr9kuQXdx1xwIUfqxbugrzE 8B9Z2MCM1CazXU8p8XCV1zg4Tr5q4fscr74v1mqXEBnKsCTcZMIMR8GA4bToUJ6m F1fG5g5ekL6wvLuc5JI7WGTE447jOzoGObV0XPVGRbAxE4fW7qTwi/ARNO0rz5t0 XDEcWOvBgM9Ev0VoerXfF07PjfROx6hio/hb2zWdSYGI/VYy8Se5AxbU3PluKrc5 IIbzWOq+vRIuSQhEJOrDifQND86HhMjJEyC+zUxxepn7o3Yt1TeJr8mmt9z7kB9O vAphXwZy8PxiTKhNFuRaupDKVaTneOWd/QudeaBWcQ0r0S0L3bxnA4GB+wIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFDRxYDSqamiualAtSvg6GnjIWD3+MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAYnxeh8XBA0ns/jD03hU8 XK/c8sOyvXZlcdto7J5B3AsTsAb9ZhFnGVCoqzkEaDFghJVUmif5fkcgBrFEpVDp g/PL9oLpaBQdlVwlBDaY3yTwNHWpp3jwbpdCi8KLsWWMo64+6rfFW7MNphAT584k CT9rZM0dUA4nsU3xb6gCoeF36PLO6koEpje/eK8BYcCG7xvf7GdZmCaN6lS6CSa6 zJNbNBOKSkjKBz9jY0PSqrLVhIqssNllwXqLHCggr5xwzp8h+pmv+3mY6RJPBqDl dINKHx5bywu/Y9amnsdbVRPV1a92srfzJchWGMu2u+p4uW/umbr72+gDB/vGFDn4 lQ== -----END CERTIFICATE-----Generated at Tue Sep 9 01:07:16 2025 by rpki-client