$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa File: c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa (raw, json) Hash identifier: e31xJy00zED7oThBhR0QKELvdOdLiwRftPQEXNFJ2bs= Subject key identifier: A0:17:AE:1C:AF:97:FE:36:12:96:AD:4B:27:4F:EF:BC:41:64:2F:99 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 73694C31506C9AA0340E040DAFD4FE1816ABF0F6 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa Signing time: Fri 29 Aug 2025 00:00:08 +0000 ROA not before: Fri 29 Aug 2025 00:00:08 +0000 ROA not after: Fri 03 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:69:4c:31:50:6c:9a:a0:34:0e:04:0d:af:d4:fe:18:16:ab:f0:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 29 00:00:08 2025 GMT Not After : Oct 3 23:59:59 2025 GMT Subject: serialNumber=be013a7b090fcb7029560c29ba8dabd3ad39f0858308b3b89c1d1822b64da295, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:93:4d:40:83:b3:df:cb:cc:06:47:9c:18:e1: c9:1f:24:4e:59:2a:6a:26:71:ec:68:1d:38:a4:f3: 4e:77:a0:45:d1:ca:65:10:0e:35:74:3e:c1:85:a3: 58:38:10:2c:91:7b:06:56:ec:c1:a4:74:bd:9f:43: 86:4a:ac:5c:15:05:0a:45:20:13:43:4e:b5:57:5b: 94:d7:12:81:1d:28:59:c6:e6:23:c0:88:b0:b1:f7: cd:55:f2:0f:be:06:f3:80:7d:65:ed:a9:b6:ed:1c: c8:2d:2e:f3:e1:8d:6a:33:7f:85:66:9b:d0:7a:8c: 6a:09:d8:60:02:40:f9:1e:92:5e:b7:10:db:b9:bb: 18:6a:74:a8:e7:a4:78:21:ba:0f:70:91:da:02:35: 3c:76:dc:73:c1:0c:ee:2c:b0:38:78:ad:08:fa:5f: 44:1f:03:1e:cd:7b:3c:b0:c5:71:cd:c3:95:d1:04: 96:a9:54:1a:0c:18:97:0f:e5:99:07:88:da:3a:c8: 84:25:3e:41:61:40:fa:fb:87:fb:07:0b:fe:92:b3: 15:bd:3d:ef:2b:29:f3:46:3f:41:0b:06:09:0e:2f: cc:d4:b1:d0:7f:5f:fa:4b:c6:c0:97:90:14:5b:af: 99:e8:cf:8f:bf:84:b5:0a:87:05:c8:7a:4e:6d:f4: cb:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:17:AE:1C:AF:97:FE:36:12:96:AD:4B:27:4F:EF:BC:41:64:2F:99 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/48 Signature Algorithm: sha256WithRSAEncryption b6:55:28:21:4f:1c:d3:09:b2:fe:45:e5:98:6e:39:2d:1d:b0: 23:41:8e:61:1e:5e:ec:30:2d:77:32:1c:4c:ee:ef:31:e6:97: b0:19:3b:8e:5b:3a:00:23:91:20:23:76:6e:b5:dc:08:2d:5d: 89:54:50:88:6b:63:02:d2:30:96:5b:05:3f:97:08:9a:b6:bd: 23:60:8d:90:7c:74:3b:37:be:e5:3c:89:24:0a:8b:34:1c:55: 8a:1d:00:a3:dd:67:59:d6:ab:de:06:a6:a1:31:66:96:ba:26: 6e:94:41:24:3f:6d:e0:cc:91:ce:35:06:a1:64:84:98:77:2d: 7e:00:99:b6:6d:0d:6a:17:6f:6f:09:b5:57:74:e3:06:ea:b9: 1e:ad:35:7c:b6:9e:8d:eb:15:eb:81:bc:aa:63:ac:2a:3d:ae: 1b:f1:5f:ac:be:61:53:f5:1a:bc:c8:7a:09:13:27:80:97:a1: 18:88:0a:4f:14:d4:46:6e:aa:43:e3:8e:81:db:30:77:f5:75: c7:cd:20:07:62:28:2b:af:7b:1c:b6:14:dc:2e:0f:89:b6:66: 43:1f:bf:02:42:ff:36:13:9a:fc:a4:5f:db:c4:35:5e:ba:33: 7b:ff:e7:16:ef:5b:f8:d4:74:6b:0f:bd:ec:0b:e2:66:d8:83: b9:88:78:0d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUc2lMMVBsmqA0DgQNr9T+GBar8PYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgyOTAwMDAwOFoX DTI1MTAwMzIzNTk1OVowejFJMEcGA1UEBRNAYmUwMTNhN2IwOTBmY2I3MDI5NTYw YzI5YmE4ZGFiZDNhZDM5ZjA4NTgzMDhiM2I4OWMxZDE4MjJiNjRkYTI5NTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJNNQIOz38vMBkecGOHJHyROWSpq JnHsaB04pPNOd6BF0cplEA41dD7BhaNYOBAskXsGVuzBpHS9n0OGSqxcFQUKRSAT Q061V1uU1xKBHShZxuYjwIiwsffNVfIPvgbzgH1l7am27RzILS7z4Y1qM3+FZpvQ eoxqCdhgAkD5HpJetxDbubsYanSo56R4IboPcJHaAjU8dtxzwQzuLLA4eK0I+l9E HwMezXs8sMVxzcOV0QSWqVQaDBiXD+WZB4jaOsiEJT5BYUD6+4f7Bwv+krMVvT3v KynzRj9BCwYJDi/M1LHQf1/6S8bAl5AUW6+Z6M+Pv4S1CocFyHpObfTLfwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKAXrhyvl/42EpatSydP77xBZC+ZMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2MxNTY0NjU5LWYzYWEtNDAyMS1hN2E1LThmNGIxYzJjNDk2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQC2VSghTxzTCbL+ReWY bjktHbAjQY5hHl7sMC13MhxM7u8x5pewGTuOWzoAI5EgI3ZutdwILV2JVFCIa2MC 0jCWWwU/lwiatr0jYI2QfHQ7N77lPIkkCos0HFWKHQCj3WdZ1qveBqahMWaWuiZu lEEkP23gzJHONQahZISYdy1+AJm2bQ1qF29vCbVXdOMG6rkerTV8tp6N6xXrgbyq Y6wqPa4b8V+svmFT9Rq8yHoJEyeAl6EYiApPFNRGbqpD446B2zB39XXHzSAHYigr r3scthTcLg+JtmZDH78CQv82E5r8pF/bxDVeujN7/+cW71v41HRrD73sC+Jm2IO5 iHgN -----END CERTIFICATE-----Generated at Tue Sep 9 01:09:49 2025 by rpki-client