$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa File: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (raw, json) Hash identifier: AWFQYtS4JtKBF+AL8ufVYLUue9fKdNy3u57RAQGJ+Rc= Subject key identifier: 30:EF:59:CB:94:98:44:EE:A5:4F:E9:6D:FC:C0:A9:56:4C:B8:A2:26 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 0D2353420F98C2ADB7750DC28A55815A1CCA5E4B Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa Signing time: Fri 20 Jun 2025 00:00:00 +0000 ROA not before: Fri 20 Jun 2025 00:00:00 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:23:53:42:0f:98:c2:ad:b7:75:0d:c2:8a:55:81:5a:1c:ca:5e:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jun 20 00:00:00 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=b7eb33b606803542f623685f4c41315e745dbca544f7e2dc9b34e74e69deb883, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:54:0b:25:c0:a1:fe:72:cc:58:9b:56:a4:37: 7b:4f:f7:3e:6c:d5:b0:17:28:da:9c:5f:d6:06:f3: 9d:b9:44:72:ab:0c:56:bb:61:c3:4c:05:40:65:d5: b3:69:7b:ca:8b:b3:dc:1f:07:62:21:53:88:c3:8e: 5c:0c:3e:59:80:e5:8f:ba:b7:a4:ae:14:3b:fd:97: e8:65:02:0b:30:81:dc:f1:c8:fa:82:4d:44:c2:49: c5:dd:1b:06:3a:bb:08:3e:60:fd:09:21:e3:da:4d: 39:41:4a:5c:0d:d2:fb:d6:7a:b5:82:78:82:ef:47: cd:2d:e1:5c:72:cf:5a:5e:2f:aa:bb:3a:94:0f:4e: e3:74:7c:0d:a1:ed:c4:49:aa:b5:18:b9:18:14:e8: ce:b1:05:74:65:60:3d:33:e8:2a:59:d7:49:77:ec: ac:42:d9:c8:2f:ff:66:bb:42:a3:7e:54:02:26:96: b2:96:33:45:d4:6f:ef:2c:a0:c0:b0:16:5c:eb:78: 28:82:20:bf:e7:55:f3:fa:f5:26:61:06:9f:a2:40: 5d:5f:6f:ff:5d:10:33:29:1c:1c:80:2d:e1:71:8a: e4:b5:0f:b8:b0:2a:75:e1:ff:fe:46:4e:cd:91:5b: 7e:33:93:14:56:53:72:7d:38:d4:e3:90:ba:1b:3b: 66:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:EF:59:CB:94:98:44:EE:A5:4F:E9:6D:FC:C0:A9:56:4C:B8:A2:26 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 7f:57:3b:04:a3:c0:8b:15:3a:92:af:57:38:28:f9:ab:99:d3: 1a:65:cd:7e:1a:ef:83:04:d2:35:30:d5:e3:f0:64:c5:94:4c: 40:7b:7a:68:b1:87:3d:31:9c:43:bd:09:43:36:e9:fa:63:cc: d3:b3:08:3c:ff:6b:f1:f9:94:74:49:10:2c:33:1c:a3:01:1d: cc:30:f8:9f:d5:4e:ba:2e:0e:46:cb:53:5c:5c:64:55:af:df: 7b:97:d0:38:30:6b:5f:e2:03:f2:5a:03:5d:3e:e6:9f:d3:08: c0:8b:b5:98:21:18:1a:f0:32:12:bd:bc:e8:45:91:68:b1:98: d3:26:ba:58:85:9b:20:3d:de:fe:12:d6:1c:2d:49:22:66:c8: af:11:e1:49:d8:6c:19:26:8b:58:5a:d8:36:e9:e4:fd:dc:82: 2c:77:b9:e2:8b:71:4c:d7:22:53:ed:a0:f5:5b:bd:5d:b8:19: d8:0e:21:be:d4:af:e3:79:22:a2:86:c2:41:a7:2f:f6:90:6e: de:31:ed:94:f6:fd:a2:bc:dd:be:c4:85:a4:2d:01:cf:70:6a: 16:16:89:26:b4:f7:2d:95:49:42:60:0e:78:b6:8a:01:ff:0d: bc:2d:82:bf:b4:c1:58:1d:24:86:92:b2:eb:ea:de:08:a1:a8: 09:e8:2f:9a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDSNTQg+Ywq23dQ3CilWBWhzKXkswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDYyMDAwMDAwMFoX DTI1MDcyNTIzNTk1OVowejFJMEcGA1UEBRNAYjdlYjMzYjYwNjgwMzU0MmY2MjM2 ODVmNGM0MTMxNWU3NDVkYmNhNTQ0ZjdlMmRjOWIzNGU3NGU2OWRlYjg4MzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lQLJcCh/nLMWJtWpDd7T/c+bNWw FyjanF/WBvOduURyqwxWu2HDTAVAZdWzaXvKi7PcHwdiIVOIw45cDD5ZgOWPurek rhQ7/ZfoZQILMIHc8cj6gk1EwknF3RsGOrsIPmD9CSHj2k05QUpcDdL71nq1gniC 70fNLeFccs9aXi+quzqUD07jdHwNoe3ESaq1GLkYFOjOsQV0ZWA9M+gqWddJd+ys QtnIL/9mu0KjflQCJpayljNF1G/vLKDAsBZc63gogiC/51Xz+vUmYQafokBdX2// XRAzKRwcgC3hcYrktQ+4sCp14f/+Rk7NkVt+M5MUVlNyfTjU45C6GztmeQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDDvWcuUmETupU/pbfzAqVZMuKImMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2ZjZDZhZGFiLTA2ZjAtNDY3Ni05NTY4LTZkNGQ0OGY3NjU4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQB/VzsEo8CLFTqSr1c4 KPmrmdMaZc1+Gu+DBNI1MNXj8GTFlExAe3posYc9MZxDvQlDNun6Y8zTswg8/2vx +ZR0SRAsMxyjAR3MMPif1U66Lg5Gy1NcXGRVr997l9A4MGtf4gPyWgNdPuaf0wjA i7WYIRga8DISvbzoRZFosZjTJrpYhZsgPd7+EtYcLUkiZsivEeFJ2GwZJotYWtg2 6eT93IIsd7nii3FM1yJT7aD1W71duBnYDiG+1K/jeSKihsJBpy/2kG7eMe2U9v2i vN2+xIWkLQHPcGoWFokmtPctlUlCYA54tooB/w28LYK/tMFYHSSGkrLr6t4IoagJ 6C+a -----END CERTIFICATE-----Generated at Sun Jun 29 14:41:08 2025 by rpki-client