$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa File: cc671c79-21f0-4fff-b898-595966ecd1a9.roa (raw, json) Hash identifier: GpN9yKGSI5MwTuaG/P7otT6SrcPR6vZF8AXvS4wz+uI= Subject key identifier: EA:2B:6A:EC:BA:AE:99:2E:16:C0:D5:32:BF:DC:72:9B:EA:BE:F4:19 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 28A7AB7767CD26A5A1C5F64E3A42BB79CEFEF55D Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa Signing time: Sat 09 Aug 2025 00:00:27 +0000 ROA not before: Sat 09 Aug 2025 00:00:27 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:a7:ab:77:67:cd:26:a5:a1:c5:f6:4e:3a:42:bb:79:ce:fe:f5:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 9 00:00:27 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=0b826500f0b965d94263d51484700babaa0ea01992f746832ed7eb18ee289326, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:01:a1:54:21:a1:ed:33:eb:f7:5f:7e:66:e1: f3:95:b4:64:8f:16:1f:29:a8:06:d3:5f:e6:7d:91: 9c:0b:c0:21:d2:c1:db:70:14:08:a4:13:fc:0f:9c: 7c:fc:ea:28:ca:c2:28:1e:c3:ff:fc:93:60:07:06: 97:f9:af:63:d1:3b:7a:0c:7b:6a:fd:b8:e2:c6:9a: f6:24:92:77:cf:59:bc:13:d9:3a:35:eb:bb:3f:b5: ea:77:35:f0:81:2b:a6:36:ad:68:44:33:6a:5a:b0: b6:b9:22:b1:c7:4c:d7:5a:85:f9:91:08:a6:4f:f4: 55:40:27:ad:63:c3:c1:ec:bc:dd:6b:ec:25:fe:ca: e4:a4:1c:b6:59:8f:22:ca:6b:d5:a7:8c:9e:af:56: 45:5c:d1:3c:e0:42:4d:05:ad:24:9f:41:43:d9:6a: ba:44:ba:da:79:9b:07:90:ce:ed:23:a6:4d:48:fb: 93:76:c0:23:96:ae:15:28:aa:26:bd:92:60:f8:e1: 93:dd:a8:fa:a1:48:bf:2e:4e:63:0f:97:aa:d1:2a: 65:f4:66:5b:56:05:a6:ea:e1:1c:a7:44:e1:c1:0a: 1b:95:ea:30:82:54:5a:43:aa:9c:f4:1d:64:10:fe: 5a:2b:a9:df:55:2b:76:a3:2c:1f:20:5d:4c:b6:a1: 47:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:2B:6A:EC:BA:AE:99:2E:16:C0:D5:32:BF:DC:72:9B:EA:BE:F4:19 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 4a:8a:7a:10:6a:32:10:ea:45:10:da:ec:bd:9c:ef:1d:05:49: 90:f1:97:cc:c7:6e:e7:13:19:1a:a9:a4:0c:c1:37:c4:a1:54: 34:9a:a2:da:ef:17:26:b6:de:24:4d:ea:45:82:09:ab:02:4b: c6:55:0b:44:be:8a:48:e3:f3:a5:a7:e9:02:4c:1a:2b:78:b3: e3:61:fd:a2:a0:88:d8:25:30:56:31:07:3c:c5:dc:fd:e3:bc: 21:76:38:e1:96:57:e9:55:a8:8c:ec:57:c7:5c:a4:85:41:da: fd:a1:20:e8:ad:bf:66:33:55:46:26:09:74:c6:bd:3f:d5:14: 79:05:4e:67:9f:b6:3b:7a:f8:f3:fc:c1:29:ec:b5:37:c7:44: d4:b4:e3:ee:7a:3d:7d:bd:3c:b6:4c:82:c0:7d:13:56:eb:2f: a9:80:9f:28:93:ac:fc:7a:e3:be:f3:31:4b:43:d7:f9:53:b3: c6:bf:ef:8a:7a:81:b5:0b:0a:8f:23:47:fc:67:e3:2f:cd:8a: e0:be:e8:e4:03:33:1d:25:3f:f8:ed:68:74:c4:93:a6:d4:e8: 8c:47:b0:b4:ad:ea:7a:fd:67:93:84:89:f3:7a:03:c8:41:d3: 4b:49:c4:64:14:a0:66:f3:0b:d6:38:23:e8:72:d2:20:ee:0b: 4b:d5:f8:6f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKKerd2fNJqWhxfZOOkK7ec7+9V0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwOTAwMDAyN1oX DTI1MDkxMzIzNTk1OVowejFJMEcGA1UEBRNAMGI4MjY1MDBmMGI5NjVkOTQyNjNk NTE0ODQ3MDBiYWJhYTBlYTAxOTkyZjc0NjgzMmVkN2ViMThlZTI4OTMyNjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAGhVCGh7TPr919+ZuHzlbRkjxYf KagG01/mfZGcC8Ah0sHbcBQIpBP8D5x8/OooysIoHsP//JNgBwaX+a9j0Tt6DHtq /bjixpr2JJJ3z1m8E9k6Neu7P7XqdzXwgSumNq1oRDNqWrC2uSKxx0zXWoX5kQim T/RVQCetY8PB7Lzda+wl/srkpBy2WY8iymvVp4yer1ZFXNE84EJNBa0kn0FD2Wq6 RLraeZsHkM7tI6ZNSPuTdsAjlq4VKKomvZJg+OGT3aj6oUi/Lk5jD5eq0Spl9GZb VgWm6uEcp0ThwQobleowglRaQ6qc9B1kEP5aK6nfVSt2oywfIF1MtqFHlQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOorauy6rpkuFsDVMr/ccpvqvvQZMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2NjNjcxYzc5LTIxZjAtNGZmZi1iODk4LTU5NTk2NmVjZDFhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQBKinoQajIQ6kUQ2uy9 nO8dBUmQ8ZfMx27nExkaqaQMwTfEoVQ0mqLa7xcmtt4kTepFggmrAkvGVQtEvopI 4/Olp+kCTBoreLPjYf2ioIjYJTBWMQc8xdz947whdjjhllfpVaiM7FfHXKSFQdr9 oSDorb9mM1VGJgl0xr0/1RR5BU5nn7Y7evjz/MEp7LU3x0TUtOPuej19vTy2TILA fRNW6y+pgJ8ok6z8euO+8zFLQ9f5U7PGv++KeoG1CwqPI0f8Z+MvzYrgvujkAzMd JT/47Wh0xJOm1OiMR7C0rep6/WeThInzegPIQdNLScRkFKBm8wvWOCPoctIg7gtL 1fhv -----END CERTIFICATE-----Generated at Wed Aug 20 10:44:46 2025 by rpki-client