$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa File: cc671c79-21f0-4fff-b898-595966ecd1a9.roa (raw, json) Hash identifier: xDFKFWmyCl/TfAjq+rf2buTKeB89IHJYYw2ZcxEJJ8c= Subject key identifier: 3F:02:38:A9:64:C4:53:D2:FE:93:8A:E5:F8:3A:FB:6B:0E:8D:6E:9F Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2BCC47A2DF8F29B66E37CB0241C900D528DDD6A9 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa Signing time: Mon 26 May 2025 15:00:03 +0000 ROA not before: Mon 26 May 2025 15:00:03 +0000 ROA not after: Mon 30 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:cc:47:a2:df:8f:29:b6:6e:37:cb:02:41:c9:00:d5:28:dd:d6:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 26 15:00:03 2025 GMT Not After : Jun 30 23:59:59 2025 GMT Subject: serialNumber=6ab1b62445570c9e55769aec3eff60c0fa7e1304606c4c48df3d3f27f937a81c, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:33:a5:ed:70:60:a1:a5:22:b6:c3:1c:4c:26: 92:41:da:62:80:88:76:52:b7:32:91:3c:e0:77:63: 24:a4:ca:af:4b:22:2b:2a:36:f3:e0:29:8e:eb:2d: 03:6c:60:54:87:b3:d0:6e:60:18:cc:b2:25:67:37: c6:f7:9b:30:80:f4:c4:cb:a0:60:5c:8f:48:1b:ed: e2:e2:d4:d2:f5:11:c5:91:38:85:1b:71:77:af:ae: 98:57:1f:66:ab:72:d6:97:4d:cc:57:da:6e:54:72: 95:a7:c8:e9:a7:2f:b1:fd:24:f2:5d:2e:1d:b5:ec: cd:4d:7c:65:03:fe:9e:c5:bf:55:0a:e2:67:43:cc: 85:5c:c5:f9:74:bc:ac:c5:cc:d0:4a:23:68:41:d0: 3a:aa:02:0f:ec:45:05:2c:7a:cf:f6:e4:a1:5b:ee: 9a:25:04:ea:fb:ed:51:8b:0f:79:eb:9d:16:00:dc: d6:70:09:94:c1:72:84:83:8e:95:e7:5b:25:da:53: 14:74:2b:f6:dd:62:b3:25:a5:dc:76:e2:a6:1f:c3: 63:67:b2:40:d5:46:11:05:7e:18:39:c3:e4:94:03: 42:a0:87:16:4c:a6:2e:1e:60:8a:91:c5:cd:03:30: ba:9f:4e:3f:59:51:e4:44:e5:f9:ed:9b:21:a5:f2: c5:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:02:38:A9:64:C4:53:D2:FE:93:8A:E5:F8:3A:FB:6B:0E:8D:6E:9F X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 61:c1:7e:3a:89:e8:c7:83:f2:ce:fe:d4:d2:7e:a8:11:b2:28: cc:aa:56:4b:8a:69:61:09:24:5f:a7:db:aa:e0:1a:00:48:ca: 9f:25:69:46:4c:43:0e:77:7d:86:b7:3d:9e:9c:b1:95:61:8e: 2d:8d:f4:30:c0:b8:36:4a:a0:9a:6a:dc:fe:29:e9:2c:6c:97: b3:16:2f:71:c4:7c:ad:55:6c:ac:cb:3d:54:80:1a:97:81:00: 29:51:0a:84:df:f7:64:21:6a:c7:07:6f:4c:74:6b:3e:41:8b: 01:f7:87:91:d1:ab:5a:f9:a6:7c:dc:5a:8b:69:22:b0:77:d9: 39:cc:39:88:a0:03:a2:72:7a:a9:f6:75:85:13:9e:87:70:f4: 6b:c5:d7:1e:2d:1d:b2:18:85:c0:58:25:74:bf:7d:c0:4a:c2: 45:12:31:2c:e1:bd:38:93:6a:24:99:46:78:1b:78:4d:86:96: f6:67:5e:34:68:3b:4b:74:20:3c:65:eb:45:62:ac:b4:7b:5e: 0d:58:15:68:57:37:6f:3b:c2:e6:79:1b:c2:47:8b:a7:82:c7: a3:32:f1:b7:ad:5d:e6:cc:44:7c:55:e9:47:d8:6c:44:1e:b0: 66:39:f1:44:c9:d2:4d:3c:bd:b9:b4:76:ff:9d:47:0b:59:b1: eb:86:6e:38 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUK8xHot+PKbZuN8sCQckA1Sjd1qkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDUyNjE1MDAwM1oX DTI1MDYzMDIzNTk1OVowejFJMEcGA1UEBRNANmFiMWI2MjQ0NTU3MGM5ZTU1NzY5 YWVjM2VmZjYwYzBmYTdlMTMwNDYwNmM0YzQ4ZGYzZDNmMjdmOTM3YTgxYzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTOl7XBgoaUitsMcTCaSQdpigIh2 UrcykTzgd2MkpMqvSyIrKjbz4CmO6y0DbGBUh7PQbmAYzLIlZzfG95swgPTEy6Bg XI9IG+3i4tTS9RHFkTiFG3F3r66YVx9mq3LWl03MV9puVHKVp8jppy+x/STyXS4d tezNTXxlA/6exb9VCuJnQ8yFXMX5dLysxczQSiNoQdA6qgIP7EUFLHrP9uShW+6a JQTq++1Riw95650WANzWcAmUwXKEg46V51sl2lMUdCv23WKzJaXcduKmH8NjZ7JA 1UYRBX4YOcPklANCoIcWTKYuHmCKkcXNAzC6n04/WVHkROX57ZshpfLFMwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFD8COKlkxFPS/pOK5fg6+2sOjW6fMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2NjNjcxYzc5LTIxZjAtNGZmZi1iODk4LTU5NTk2NmVjZDFhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQBhwX46iejHg/LO/tTS fqgRsijMqlZLimlhCSRfp9uq4BoASMqfJWlGTEMOd32Gtz2enLGVYY4tjfQwwLg2 SqCaatz+KeksbJezFi9xxHytVWysyz1UgBqXgQApUQqE3/dkIWrHB29MdGs+QYsB 94eR0ata+aZ83FqLaSKwd9k5zDmIoAOicnqp9nWFE56HcPRrxdceLR2yGIXAWCV0 v33ASsJFEjEs4b04k2okmUZ4G3hNhpb2Z140aDtLdCA8ZetFYqy0e14NWBVoVzdv O8LmeRvCR4ungsejMvG3rV3mzER8VelH2GxEHrBmOfFEydJNPL25tHb/nUcLWbHr hm44 -----END CERTIFICATE-----Generated at Mon Jun 2 04:49:55 2025 by rpki-client