$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa File: c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa (raw, json) Hash identifier: MBBURHoJjiep+ngnHEbiXVRyVNgTtuyKd5xlhKmwbz8= Subject key identifier: 69:E7:72:C1:45:44:02:E9:69:2B:C5:99:7B:E4:01:59:C1:6D:0F:E5 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 775A1D0A4F93CE2F102D1A740D63BB3ED109A6A4 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa Signing time: Tue 20 May 2025 00:00:00 +0000 ROA not before: Tue 20 May 2025 00:00:00 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:5a:1d:0a:4f:93:ce:2f:10:2d:1a:74:0d:63:bb:3e:d1:09:a6:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 20 00:00:00 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=99331a6bc47d926cc39bb2ec9dce2bec81056ce54bbd895d85e6427c820990a9, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a4:4f:8a:31:0e:ab:72:0f:a7:dc:d6:1c:63: f2:a8:ed:8c:a8:27:6b:5a:88:bd:91:12:df:ba:d7: 5f:00:f9:17:74:a3:2c:cd:7f:93:bb:ac:4c:f5:19: d7:20:68:76:60:28:3e:2c:e0:ec:75:8f:c4:46:72: 37:d9:27:4f:f7:94:64:84:b0:6b:ef:df:87:0e:47: 94:2e:74:e8:6e:87:97:e8:de:e5:13:7f:67:a2:a8: 93:7b:66:ed:ac:8c:23:7e:26:1b:3a:3e:1d:95:44: 21:22:9c:8c:cf:2b:32:64:89:0c:8a:0f:7b:c1:0c: 6d:de:d0:24:e2:fb:9e:47:ca:8b:2f:a5:8b:03:d0: 87:2c:79:4b:b5:57:c5:1d:65:2e:e2:f5:9a:77:d1: 55:15:0e:f2:25:e5:7a:dd:d6:66:cb:4d:2f:82:e1: d7:9a:b8:70:a0:6d:17:92:d9:19:1e:d7:66:d4:8d: 84:08:6b:14:06:6d:0a:e6:8b:14:f0:11:ee:3d:dc: 5b:dc:66:b8:54:1d:d7:52:e4:06:87:e4:2a:c4:21: 5d:f2:92:39:11:30:36:71:fa:54:90:f5:ce:dc:87: 35:25:92:10:7f:c6:b1:1f:6e:f5:3f:83:71:bf:92: 50:13:85:49:0b:90:cc:31:df:f7:36:d2:6d:9f:eb: 6a:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:E7:72:C1:45:44:02:E9:69:2B:C5:99:7B:E4:01:59:C1:6D:0F:E5 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/48 Signature Algorithm: sha256WithRSAEncryption 4c:58:45:52:19:94:68:ce:86:a4:05:aa:e5:f2:16:84:dd:e8: 87:c4:8e:7e:35:7d:22:92:c0:43:f1:1e:31:26:11:0f:b4:c6: 15:94:b5:5d:0e:40:a1:1b:8d:30:b5:1b:a0:a8:9f:11:e9:02: 67:a4:c1:97:af:cb:b4:67:de:29:6d:14:c8:0b:1a:bf:9f:64: 75:1f:b8:03:cd:35:6b:4a:63:16:42:1e:21:ad:4a:f5:b3:f0: 96:34:aa:5f:f8:79:35:29:35:72:b2:12:47:05:89:4d:e8:bb: c6:7b:d7:9c:2c:11:10:a6:92:ff:b3:2f:e7:21:53:8c:51:0c: 45:3d:ce:09:b5:cf:07:f6:35:85:3b:15:84:f5:1a:dd:64:95: c0:39:33:e0:21:12:45:c9:5b:ee:b5:16:a0:d0:e1:bd:1e:6e: cd:4d:c4:28:70:cc:31:e2:9b:00:50:5c:e6:d1:3d:53:99:cf: f8:af:4a:d9:3c:86:ee:3d:84:03:1a:de:9a:2e:75:e1:9e:c9: f3:9f:5e:72:a2:f6:dc:af:93:2c:95:d9:11:f7:03:63:5b:4c: 47:cd:3d:5c:61:74:53:79:c4:51:5c:e3:78:dc:1e:56:68:99: 2e:73:aa:a9:7f:90:74:64:50:59:62:58:29:8f:82:00:c7:d0: 4b:b4:64:59 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUd1odCk+Tzi8QLRp0DWO7PtEJpqQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDUyMDAwMDAwMFoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAOTkzMzFhNmJjNDdkOTI2Y2MzOWJi MmVjOWRjZTJiZWM4MTA1NmNlNTRiYmQ4OTVkODVlNjQyN2M4MjA5OTBhOTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6RPijEOq3IPp9zWHGPyqO2MqCdr Woi9kRLfutdfAPkXdKMszX+Tu6xM9RnXIGh2YCg+LODsdY/ERnI32SdP95RkhLBr 79+HDkeULnToboeX6N7lE39noqiTe2btrIwjfiYbOj4dlUQhIpyMzysyZIkMig97 wQxt3tAk4vueR8qLL6WLA9CHLHlLtVfFHWUu4vWad9FVFQ7yJeV63dZmy00vguHX mrhwoG0XktkZHtdm1I2ECGsUBm0K5osU8BHuPdxb3Ga4VB3XUuQGh+QqxCFd8pI5 ETA2cfpUkPXO3Ic1JZIQf8axH271P4Nxv5JQE4VJC5DMMd/3NtJtn+tqvQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGnncsFFRALpaSvFmXvkAVnBbQ/lMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2MxNTY0NjU5LWYzYWEtNDAyMS1hN2E1LThmNGIxYzJjNDk2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBMWEVSGZRozoakBarl 8haE3eiHxI5+NX0iksBD8R4xJhEPtMYVlLVdDkChG40wtRugqJ8R6QJnpMGXr8u0 Z94pbRTICxq/n2R1H7gDzTVrSmMWQh4hrUr1s/CWNKpf+Hk1KTVyshJHBYlN6LvG e9ecLBEQppL/sy/nIVOMUQxFPc4Jtc8H9jWFOxWE9RrdZJXAOTPgIRJFyVvutRag 0OG9Hm7NTcQocMwx4psAUFzm0T1Tmc/4r0rZPIbuPYQDGt6aLnXhnsnzn15yovbc r5MsldkR9wNjW0xHzT1cYXRTecRRXON43B5WaJkuc6qpf5B0ZFBZYlgpj4IAx9BL tGRZ -----END CERTIFICATE-----Generated at Mon Jun 2 04:49:57 2025 by rpki-client