$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json) Hash identifier: 7f76Hjx9Jo5sbH8kwC35W5zBnkstUM3B/+chvTNeyno= Subject key identifier: 03:EC:FA:47:AA:A7:54:F9:9F:5E:2D:C8:F2:55:DC:39:F9:EA:89:97 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 7ECEDA1D4CE2DF693957EF2F60A1A3D3E6771B82 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa Signing time: Mon 26 May 2025 15:00:04 +0000 ROA not before: Mon 26 May 2025 15:00:04 +0000 ROA not after: Mon 30 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:ce:da:1d:4c:e2:df:69:39:57:ef:2f:60:a1:a3:d3:e6:77:1b:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 26 15:00:04 2025 GMT Not After : Jun 30 23:59:59 2025 GMT Subject: serialNumber=c48638aa1d8c6adb0c65c7d4018925218ef599f3bb52288df69522ddfb95656f, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:73:49:eb:a8:80:ea:7e:af:eb:fd:f5:76:5e: 94:b9:a9:51:49:bd:95:c9:b5:6e:85:41:70:27:d1: 11:42:8c:a0:86:26:a0:90:1c:ad:c5:58:b7:50:c4: f7:81:d6:e5:fa:f1:21:18:d4:57:8e:79:a9:b5:4b: b0:1d:08:05:4b:40:a8:5c:f7:94:57:c4:e0:a3:2c: 87:b8:48:df:ab:46:c9:dd:0f:4e:e9:f3:9d:d2:e0: a0:09:81:a4:30:e7:98:8e:10:19:92:50:62:25:38: ae:8c:85:70:79:9b:4b:11:a8:8b:77:d2:24:b6:c8: 5f:73:f1:fe:5a:f6:ae:d5:f4:ab:af:9c:21:40:4c: fe:cd:9c:0b:63:d6:34:df:bc:68:0e:5d:85:be:14: 80:b0:ec:ef:ab:ce:ed:48:d3:4b:a7:05:e8:ec:d8: fc:11:1c:b2:49:e1:5b:1e:43:59:19:20:23:ad:ac: e3:6a:47:aa:8c:f3:ed:fc:a8:75:58:52:c1:e4:14: 2c:d1:58:13:b9:8f:e2:40:74:6e:ee:fe:52:56:b9: 41:7d:80:61:97:56:a2:d3:83:32:61:0c:4e:de:18: 2d:fb:f8:ca:8f:85:c0:0d:77:c7:05:cb:b3:8b:73: 62:ee:c0:00:e1:02:5d:e1:8b:05:23:4a:74:20:e8: f7:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:EC:FA:47:AA:A7:54:F9:9F:5E:2D:C8:F2:55:DC:39:F9:EA:89:97 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 35:d5:25:9c:e1:06:e1:7f:d6:0a:68:7e:0b:ec:3f:0d:ea:af: f3:97:c8:7c:ab:82:1e:eb:8f:82:5d:8e:89:c2:fe:dc:61:b7: a9:56:38:b6:5a:ae:77:3e:45:f4:d2:4b:c7:48:72:de:a5:18: 48:bc:82:26:cc:9d:36:0b:3e:53:7a:a7:3f:b9:4f:1a:7b:40: 6b:69:98:4f:7e:99:f7:7d:85:83:88:38:bb:18:d4:54:76:b4: 4d:97:65:e8:5c:3d:31:92:5f:f3:a1:e4:3b:ae:d4:3d:1b:4a: 66:f5:94:3b:dd:8d:88:f2:97:b8:24:a9:76:60:ad:00:a3:87: 01:e4:b2:0d:da:09:eb:d5:01:a6:6f:6c:e1:52:b7:62:f7:61: e5:b1:d0:38:44:22:5c:a4:c6:b9:4a:62:cc:9c:e2:80:93:e8: 09:2f:0f:ce:21:c3:15:0d:c3:75:b6:a0:87:c9:61:e4:4d:7c: 22:35:e5:97:44:86:3c:93:45:a5:24:77:64:47:30:fe:1d:d5: 77:1c:d1:59:4c:c4:2e:a9:71:53:ba:8a:9c:73:9a:c0:3b:9f: bc:71:d1:cd:24:4b:a6:a9:50:a0:ea:43:df:b3:c4:83:c9:6e: a4:e4:21:ce:a2:1a:9e:61:d2:91:06:b6:05:1d:81:1c:5f:d9: 21:18:56:9b -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUfs7aHUzi32k5V+8vYKGj0+Z3G4IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDUyNjE1MDAwNFoX DTI1MDYzMDIzNTk1OVowejFJMEcGA1UEBRNAYzQ4NjM4YWExZDhjNmFkYjBjNjVj N2Q0MDE4OTI1MjE4ZWY1OTlmM2JiNTIyODhkZjY5NTIyZGRmYjk1NjU2ZjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnNJ66iA6n6v6/31dl6UualRSb2V ybVuhUFwJ9ERQoyghiagkBytxVi3UMT3gdbl+vEhGNRXjnmptUuwHQgFS0CoXPeU V8TgoyyHuEjfq0bJ3Q9O6fOd0uCgCYGkMOeYjhAZklBiJTiujIVweZtLEaiLd9Ik tshfc/H+Wvau1fSrr5whQEz+zZwLY9Y037xoDl2FvhSAsOzvq87tSNNLpwXo7Nj8 ERyySeFbHkNZGSAjrazjakeqjPPt/Kh1WFLB5BQs0VgTuY/iQHRu7v5SVrlBfYBh l1ai04MyYQxO3hgt+/jKj4XADXfHBcuzi3Ni7sAA4QJd4YsFI0p0IOj3MQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFAPs+keqp1T5n14tyPJV3Dn56omXMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEANdUlnOEG4X/WCmh+C+w/ Deqv85fIfKuCHuuPgl2OicL+3GG3qVY4tlqudz5F9NJLx0hy3qUYSLyCJsydNgs+ U3qnP7lPGntAa2mYT36Z932Fg4g4uxjUVHa0TZdl6Fw9MZJf86HkO67UPRtKZvWU O92NiPKXuCSpdmCtAKOHAeSyDdoJ69UBpm9s4VK3Yvdh5bHQOEQiXKTGuUpizJzi gJPoCS8PziHDFQ3Ddbagh8lh5E18IjXll0SGPJNFpSR3ZEcw/h3VdxzRWUzELqlx U7qKnHOawDufvHHRzSRLpqlQoOpD37PEg8lupOQhzqIanmHSkQa2BR2BHF/ZIRhW mw== -----END CERTIFICATE-----Generated at Mon Jun 2 04:46:31 2025 by rpki-client