$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json) Hash identifier: L8E1l2oiOWTrgiP9UWGjpUoQO6+qB00YWAWDpPNzJg0= Subject key identifier: A0:4C:5C:FB:A0:FC:0D:EE:C5:01:7E:F6:49:12:EC:A1:5F:3F:20:94 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 6D9AA2350D2B5356E3E6751A6E919DFFD5B51432 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa Signing time: Sat 09 Aug 2025 00:00:29 +0000 ROA not before: Sat 09 Aug 2025 00:00:29 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:03:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:9a:a2:35:0d:2b:53:56:e3:e6:75:1a:6e:91:9d:ff:d5:b5:14:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 9 00:00:29 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=6a10a480ec35cabfabe11f224ecc005e03c67b3fe767356c67fe666556ad85a4, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ed:a0:de:5d:76:99:25:3c:4d:77:6f:09:f6: fc:f5:56:26:91:4c:cb:56:06:1f:48:76:d4:cc:da: 14:1c:3d:b1:d3:df:31:fb:00:14:99:b6:86:fd:fa: d5:9d:a3:50:71:66:00:78:4a:5d:5b:79:6a:91:02: 73:c9:f8:60:40:0a:7b:c9:f4:8c:cf:7c:ed:0c:fa: 52:cf:2d:3c:28:de:02:e5:80:d4:39:36:ac:ed:f6: 73:99:00:1b:bd:87:e2:3a:ef:49:62:10:c2:3f:85: 9c:af:f3:15:f5:45:15:03:b3:e4:35:2a:b7:ba:54: bd:9a:c6:92:5e:b3:38:c4:1d:e5:d9:f5:c4:0c:a0: bd:e1:cb:c7:1c:cc:2d:73:9d:5e:df:67:34:57:98: 88:81:42:17:0a:92:5d:fb:db:9b:8b:95:ca:4e:58: d5:ed:57:4e:01:dc:d8:b2:cf:82:75:2e:2c:f9:45: fb:24:28:74:a2:f8:77:23:78:63:23:a5:ae:a7:62: 35:90:1d:c5:92:3e:c6:8f:05:86:21:5e:78:3b:ff: 07:86:c2:91:81:e8:ec:d1:04:44:7c:1a:6e:17:f6: 76:cb:4c:3d:13:04:a9:6c:70:1c:fb:d0:11:17:33: 4d:05:06:c9:10:d2:bf:b0:cb:3a:83:3a:93:b2:f2: 84:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:4C:5C:FB:A0:FC:0D:EE:C5:01:7E:F6:49:12:EC:A1:5F:3F:20:94 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 81:9e:fd:99:9f:04:f0:8b:4a:91:90:94:fa:9c:1e:a3:5e:bb: 29:fa:0a:68:47:7a:d6:9d:15:3c:02:bf:df:3a:4b:e5:f2:fa: 9d:a3:9d:f3:8e:cc:97:86:80:91:8f:62:37:45:a6:c5:21:d0: 87:2f:08:e5:83:05:ed:02:02:e3:01:b0:80:75:c9:9a:02:c3: b0:23:2d:b4:b4:7a:69:69:02:53:5a:95:a0:15:bd:65:8a:6c: 19:40:96:21:25:1e:1a:43:fb:e7:cd:d4:bb:ab:b6:60:73:66: 1b:68:90:99:64:02:04:f0:df:15:a2:c4:45:5e:28:cd:ee:00: 64:87:63:02:37:fb:6c:0b:b8:b0:b5:a6:2e:3b:5c:54:21:21: d1:0a:3d:7e:a4:9c:2f:d0:b1:12:b4:c0:6f:a7:8c:80:01:5d: 93:b7:5a:b3:62:7e:15:a1:34:f9:02:d5:9e:35:83:ab:a4:35: e7:39:fe:7b:90:d3:08:bb:6f:d1:b7:26:74:c3:c3:82:f3:69: 48:99:6f:83:09:85:ed:cd:29:77:b5:0b:5c:9a:e9:7d:b0:9b: 9f:bf:f8:d4:66:18:ab:1f:44:f9:31:96:9f:2a:64:f0:78:39: e5:4a:f6:c1:39:bd:f8:19:f4:54:a2:26:b0:c4:7b:d7:f8:11: fe:49:6d:f2 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUbZqiNQ0rU1bj5nUabpGd/9W1FDIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwOTAwMDAyOVoX DTI1MDkxMzIzNTk1OVowejFJMEcGA1UEBRNANmExMGE0ODBlYzM1Y2FiZmFiZTEx ZjIyNGVjYzAwNWUwM2M2N2IzZmU3NjczNTZjNjdmZTY2NjU1NmFkODVhNDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe2g3l12mSU8TXdvCfb89VYmkUzL VgYfSHbUzNoUHD2x098x+wAUmbaG/frVnaNQcWYAeEpdW3lqkQJzyfhgQAp7yfSM z3ztDPpSzy08KN4C5YDUOTas7fZzmQAbvYfiOu9JYhDCP4Wcr/MV9UUVA7PkNSq3 ulS9msaSXrM4xB3l2fXEDKC94cvHHMwtc51e32c0V5iIgUIXCpJd+9ubi5XKTljV 7VdOAdzYss+CdS4s+UX7JCh0ovh3I3hjI6Wup2I1kB3Fkj7GjwWGIV54O/8HhsKR gejs0QREfBpuF/Z2y0w9EwSpbHAc+9ARFzNNBQbJENK/sMs6gzqTsvKEHQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFKBMXPug/A3uxQF+9kkS7KFfPyCUMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAgZ79mZ8E8ItKkZCU+pwe o167KfoKaEd61p0VPAK/3zpL5fL6naOd847Ml4aAkY9iN0WmxSHQhy8I5YMF7QIC 4wGwgHXJmgLDsCMttLR6aWkCU1qVoBW9ZYpsGUCWISUeGkP7583Uu6u2YHNmG2iQ mWQCBPDfFaLERV4oze4AZIdjAjf7bAu4sLWmLjtcVCEh0Qo9fqScL9CxErTAb6eM gAFdk7das2J+FaE0+QLVnjWDq6Q15zn+e5DTCLtv0bcmdMPDgvNpSJlvgwmF7c0p d7ULXJrpfbCbn7/41GYYqx9E+TGWnypk8Hg55Ur2wTm9+Bn0VKImsMR71/gR/klt 8g== -----END CERTIFICATE-----Generated at Sat Aug 23 06:38:08 2025 by rpki-client