$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: rLzzd2tpxPzSHeVq4ufO95LK6Vwc/XYwCCbCUOPEqcM= Subject key identifier: A3:CD:E1:AA:21:3D:7C:03:37:FC:C8:2E:47:13:F4:E2:EA:51:5F:83 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 1D36B02B35F73A044E7FE8B687E37DA14102F459 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Fri 20 Jun 2025 00:00:26 +0000 ROA not before: Fri 20 Jun 2025 00:00:26 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:03:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:36:b0:2b:35:f7:3a:04:4e:7f:e8:b6:87:e3:7d:a1:41:02:f4:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jun 20 00:00:26 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=0b7437a5610a3a27ba12d3eaf001a558aaba657fe8d4a62bc0dd43badf361f33, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ef:c6:03:42:8e:b4:23:57:2a:46:0e:2f:54: 8a:33:71:17:76:ab:59:20:04:b1:99:1e:9a:ba:67: fe:4a:0c:3c:db:cb:96:46:b7:ed:81:06:d6:85:9f: 82:3b:97:b0:c4:90:17:bc:43:b4:5b:ee:51:b2:75: 6c:fd:96:d3:1a:fe:54:c8:6b:a4:77:36:86:d3:d6: ac:57:c6:ff:1a:02:01:9f:68:e2:46:25:13:73:fe: 2c:2d:9c:38:40:bc:6b:29:e3:0d:d2:be:e8:2e:8e: bb:cc:a7:38:ef:8d:0c:62:5d:03:46:13:1b:b2:01: d6:7c:0c:4b:f0:f9:70:40:aa:21:2c:98:99:25:49: 77:76:7d:64:fb:9b:54:d0:60:a0:b7:5c:01:bf:30: 9f:49:28:79:4f:68:96:f9:e6:f6:79:53:8b:b3:da: 53:46:db:ed:ee:f1:45:82:45:95:d2:56:da:74:81: ba:0d:37:30:10:0b:dd:7d:02:7c:2a:cb:b6:72:4a: 72:e5:3f:1b:12:4b:c7:07:3c:5f:fb:01:4b:fc:e0: cd:cc:1f:6f:8b:45:ca:fb:a7:78:00:34:b1:18:b9: 66:bc:77:a3:98:10:b0:a8:e8:99:37:f7:b2:19:ff: 61:89:00:bc:73:df:37:dc:04:4f:38:28:26:c1:aa: 42:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:CD:E1:AA:21:3D:7C:03:37:FC:C8:2E:47:13:F4:E2:EA:51:5F:83 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 82:87:a2:54:45:0f:1a:3e:da:26:62:4b:54:29:6b:af:d1:93: 22:b3:8b:5d:72:42:13:38:f4:88:39:82:26:f1:6a:02:84:1a: bc:ce:a1:d3:ca:74:80:38:13:e8:67:dc:2c:55:84:8b:49:ce: 61:66:b4:53:fa:d4:ae:1a:56:76:96:3d:0b:7a:c5:07:68:a2: 43:8a:33:75:6a:1d:92:e3:43:b8:e7:b9:fa:e9:95:25:f1:f5: b2:fb:00:74:d9:f2:b9:30:bf:fd:1c:68:21:20:cd:0e:0e:2f: c2:c0:d8:84:92:48:ea:7b:66:59:76:92:ea:2c:d2:04:70:42: 26:6a:e7:f2:5c:af:20:59:b1:bc:18:8b:6e:3a:91:3f:f3:b8: f7:6d:17:eb:02:3e:04:d7:c1:28:25:79:e8:31:8b:dd:03:7c: ec:ab:6d:08:14:7c:70:1a:7f:b1:f8:99:3b:8d:ca:c3:bb:9e: 7c:c0:65:f9:b7:26:42:61:30:b9:0a:ec:45:19:aa:e2:d4:57: dd:9d:50:27:c8:df:bd:a4:13:69:da:07:98:4b:39:5a:42:cc: 34:5f:51:58:5d:c0:2d:53:46:38:2d:22:53:3d:3e:14:4a:9c: dc:d4:bc:fa:83:79:17:ff:ed:0d:f6:70:b2:1f:84:71:82:dd: 01:79:03:59 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHTawKzX3OgROf+i2h+N9oUEC9FkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDYyMDAwMDAyNloX DTI1MDcyNTIzNTk1OVowejFJMEcGA1UEBRNAMGI3NDM3YTU2MTBhM2EyN2JhMTJk M2VhZjAwMWE1NThhYWJhNjU3ZmU4ZDRhNjJiYzBkZDQzYmFkZjM2MWYzMzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO/GA0KOtCNXKkYOL1SKM3EXdqtZ IASxmR6aumf+Sgw828uWRrftgQbWhZ+CO5ewxJAXvEO0W+5RsnVs/ZbTGv5UyGuk dzaG09asV8b/GgIBn2jiRiUTc/4sLZw4QLxrKeMN0r7oLo67zKc4740MYl0DRhMb sgHWfAxL8PlwQKohLJiZJUl3dn1k+5tU0GCgt1wBvzCfSSh5T2iW+eb2eVOLs9pT Rtvt7vFFgkWV0lbadIG6DTcwEAvdfQJ8Ksu2ckpy5T8bEkvHBzxf+wFL/ODNzB9v i0XK+6d4ADSxGLlmvHejmBCwqOiZN/eyGf9hiQC8c9833ARPOCgmwapCVwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKPN4aohPXwDN/zILkcT9OLqUV+DMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQCCh6JURQ8aPtomYktU KWuv0ZMis4tdckITOPSIOYIm8WoChBq8zqHTynSAOBPoZ9wsVYSLSc5hZrRT+tSu GlZ2lj0LesUHaKJDijN1ah2S40O457n66ZUl8fWy+wB02fK5ML/9HGghIM0ODi/C wNiEkkjqe2ZZdpLqLNIEcEImaufyXK8gWbG8GItuOpE/87j3bRfrAj4E18EoJXno MYvdA3zsq20IFHxwGn+x+Jk7jcrDu558wGX5tyZCYTC5CuxFGari1FfdnVAnyN+9 pBNp2geYSzlaQsw0X1FYXcAtU0Y4LSJTPT4USpzc1Lz6g3kX/+0N9nCyH4Rxgt0B eQNZ -----END CERTIFICATE-----Generated at Sun Jun 29 11:21:56 2025 by rpki-client