$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa File: cc671c79-21f0-4fff-b898-595966ecd1a9.roa (raw, json) Hash identifier: eOJD4Hwy0ynyjKIYG3gjU9NXRqe5UX6yG9jE0p7lZ8o= Subject key identifier: BF:78:21:F8:6A:7F:9E:78:4D:95:AD:84:A7:81:C8:69:0E:59:78:27 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2EAF54CF8EBF5620721F880D015BF981926B6D69 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa Signing time: Wed 03 Sep 2025 00:00:07 +0000 ROA not before: Wed 03 Sep 2025 00:00:07 +0000 ROA not after: Wed 08 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Sep 2025 00:04:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:af:54:cf:8e:bf:56:20:72:1f:88:0d:01:5b:f9:81:92:6b:6d:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Sep 3 00:00:07 2025 GMT Not After : Oct 8 23:59:59 2025 GMT Subject: serialNumber=d9bfb753d0d0a6f5ec358a7d811a92297b0104ffb88a19389d467063379d8301, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:1c:79:67:49:84:9c:a7:d7:c9:b7:6a:71:f6: a7:0c:ca:48:31:ad:c8:16:53:42:22:b4:c7:ab:6e: 54:78:a6:85:fe:cd:7b:06:bc:ac:d6:2d:36:52:6d: d0:41:c9:08:82:0e:79:3c:7e:fb:bc:6c:29:e8:83: 20:d8:93:7d:e5:27:a0:ca:cf:cf:74:60:bd:25:b5: 5c:01:a6:be:84:60:a9:68:93:11:f6:96:d4:2e:d0: dc:c0:71:a1:a8:7b:61:ea:62:a2:22:3f:67:68:bf: 5b:90:1c:a6:29:a8:49:0b:13:98:89:32:2e:e2:e1: d8:50:04:b6:63:87:a9:56:fe:bd:04:9a:2a:bd:ca: 5e:7c:56:83:4b:ce:68:17:30:01:79:ec:6f:4a:69: 62:e7:76:ca:ca:72:a9:6d:a9:65:f3:81:b5:d2:9e: 5f:12:e0:c1:11:9f:3a:0e:4a:14:2c:b3:7d:13:08: 2f:a1:c6:bd:6e:af:fc:e9:90:35:07:fd:d5:d2:65: 01:9e:70:df:59:9b:0a:63:74:52:dc:5e:50:09:a2: e0:3c:fb:85:29:e5:44:ae:43:61:1a:11:da:ad:ee: 53:6a:c5:7c:db:67:59:db:b5:5a:d4:5c:9e:76:45: eb:f0:41:99:35:53:84:fa:c7:9f:19:6c:e0:6b:6c: a1:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:78:21:F8:6A:7F:9E:78:4D:95:AD:84:A7:81:C8:69:0E:59:78:27 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 62:6f:d0:f4:e9:fb:e8:41:f9:15:56:30:a7:19:c7:19:25:21: fe:c5:54:f2:9d:84:97:3e:ff:60:46:15:99:b1:a1:1a:4a:0c: 38:a1:6e:23:d2:dd:d8:36:06:a3:05:05:91:d5:fb:ea:af:ed: 35:fa:03:8e:2b:12:45:c6:9c:dd:16:ca:fb:92:e2:9a:8c:26: 94:e3:35:f5:43:6a:14:66:c5:89:08:a8:b7:7c:d0:0c:f1:67: 1c:36:1a:b0:26:55:b4:6e:90:92:d5:79:b4:ce:70:ef:b9:e0: 6a:77:d6:ef:a6:25:9c:d6:9d:21:35:39:3e:7b:97:46:e1:fd: 2b:19:c5:51:9c:1a:d1:c2:c7:11:c2:8f:be:a9:cb:50:c7:c5: 1a:70:c7:91:6d:1c:f9:d5:6f:cc:bf:35:9b:e5:ee:11:77:54: 12:0c:06:b7:19:64:90:e1:76:0c:f1:bf:10:b4:69:dc:3e:a1: 71:7a:dc:b6:68:03:56:4a:5e:12:9c:82:24:1d:13:a0:10:c9: 05:d6:de:13:75:68:de:d1:fb:a1:44:c8:3e:6c:00:21:ba:a4: 2a:fc:5f:68:1c:59:6b:c7:80:d2:ba:da:0c:f1:25:9a:9e:9a: 63:be:d8:ce:dd:39:1b:03:4f:b9:1f:97:9f:cb:bc:23:77:4d: 6a:e6:49:9e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIULq9Uz46/ViByH4gNAVv5gZJrbWkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDkwMzAwMDAwN1oX DTI1MTAwODIzNTk1OVowejFJMEcGA1UEBRNAZDliZmI3NTNkMGQwYTZmNWVjMzU4 YTdkODExYTkyMjk3YjAxMDRmZmI4OGExOTM4OWQ0NjcwNjMzNzlkODMwMTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Bx5Z0mEnKfXybdqcfanDMpIMa3I FlNCIrTHq25UeKaF/s17Brys1i02Um3QQckIgg55PH77vGwp6IMg2JN95Segys/P dGC9JbVcAaa+hGCpaJMR9pbULtDcwHGhqHth6mKiIj9naL9bkBymKahJCxOYiTIu 4uHYUAS2Y4epVv69BJoqvcpefFaDS85oFzABeexvSmli53bKynKpball84G10p5f EuDBEZ86DkoULLN9Ewgvoca9bq/86ZA1B/3V0mUBnnDfWZsKY3RS3F5QCaLgPPuF KeVErkNhGhHare5TasV822dZ27Va1FyedkXr8EGZNVOE+sefGWzga2yhJwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL94Ifhqf554TZWthKeByGkOWXgnMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2NjNjcxYzc5LTIxZjAtNGZmZi1iODk4LTU5NTk2NmVjZDFhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQBib9D06fvoQfkVVjCn GccZJSH+xVTynYSXPv9gRhWZsaEaSgw4oW4j0t3YNgajBQWR1fvqr+01+gOOKxJF xpzdFsr7kuKajCaU4zX1Q2oUZsWJCKi3fNAM8WccNhqwJlW0bpCS1Xm0znDvueBq d9bvpiWc1p0hNTk+e5dG4f0rGcVRnBrRwscRwo++qctQx8UacMeRbRz51W/MvzWb 5e4Rd1QSDAa3GWSQ4XYM8b8QtGncPqFxety2aANWSl4SnIIkHROgEMkF1t4TdWje 0fuhRMg+bAAhuqQq/F9oHFlrx4DSutoM8SWanppjvtjO3TkbA0+5H5efy7wjd01q 5kme -----END CERTIFICATE-----Generated at Wed Sep 17 20:42:52 2025 by rpki-client