$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json) Hash identifier: +dzONGNai6iYaWAA/mZLCMKzE3BXs0Z2YT+0LpelQQk= Subject key identifier: 86:19:2E:DB:8B:D5:55:BD:AA:34:F1:E4:89:5E:D4:5F:7F:5C:CF:86 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 4B3D676925131AA5B7AF8E5302F699C8BEDAF34D Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa Signing time: Fri 20 Jun 2025 00:00:01 +0000 ROA not before: Fri 20 Jun 2025 00:00:01 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:3d:67:69:25:13:1a:a5:b7:af:8e:53:02:f6:99:c8:be:da:f3:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jun 20 00:00:01 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=0e04963d0e4a347cb270f39ab1fd0ce36f10ccf94907aa264ef864e448cec514, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:7f:f3:e6:f9:bd:35:5c:06:45:80:b8:eb:9f: 25:e2:bf:ff:fc:3c:aa:de:2b:98:82:0d:ee:43:ef: bc:b8:1e:42:0d:4a:6f:75:7d:8b:91:82:de:d9:cf: b8:bb:fa:92:46:d5:7e:c1:44:c9:2e:49:c3:ac:96: ad:9a:c4:7e:ac:bf:07:8c:a6:89:94:93:e6:70:88: cc:66:b1:08:fd:01:b9:73:b7:65:54:9a:c2:a3:a8: f0:5b:bb:97:46:81:ae:3f:96:cb:65:e0:03:07:ae: 07:7c:30:84:e9:e9:ff:d2:a4:85:10:a0:ce:30:3d: 79:24:bd:f6:17:f9:2b:27:4c:dd:30:86:d5:c4:8f: f0:bd:8d:fc:d1:19:5b:c8:b9:76:8b:8f:ba:77:b9: 98:c1:50:3f:0a:7c:ff:93:11:ca:48:db:77:54:bd: 2e:c7:57:14:5e:4d:b2:f3:e7:99:24:f4:53:33:3f: 0c:8b:2d:73:9b:e6:cd:06:95:35:23:34:e0:84:90: bc:e3:5f:c7:a6:b8:12:34:d8:a4:04:3d:2b:22:b9: 73:28:fb:ad:4d:b2:5d:93:6e:52:18:e8:74:e0:ea: 60:d8:83:cc:7c:0f:02:ca:3e:b1:ed:3c:4b:88:4d: 6b:b5:2a:25:71:91:69:18:90:9c:ba:01:91:27:4a: 10:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:19:2E:DB:8B:D5:55:BD:AA:34:F1:E4:89:5E:D4:5F:7F:5C:CF:86 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 76:2f:3c:3a:7c:ef:8d:24:47:9a:a2:b2:11:77:3a:c5:74:bc: c5:12:fd:ac:f7:e5:e9:25:b9:05:2f:35:be:18:57:f3:37:ab: 60:7d:ed:75:8e:e4:6a:06:24:98:2a:b9:60:c9:6d:80:a9:f6: 06:fb:89:3e:cd:74:02:8b:a4:09:fb:6b:cf:d1:94:bd:f3:ee: 5d:d6:b3:d8:1a:72:51:66:c2:2a:4b:79:31:19:b6:da:f2:a6: 0f:ef:af:6f:e4:03:d9:b5:8e:0b:73:76:89:25:4c:4a:a8:ea: d9:48:71:40:36:fc:a9:17:5a:74:9d:ab:f5:36:c3:bb:55:94: 47:68:30:e1:5f:dd:5c:f7:75:57:44:d1:e6:fe:ff:5f:65:d0: c6:62:d8:c6:76:d0:4b:a7:77:07:4e:44:3a:e9:b1:07:eb:b8: 2d:31:ff:fe:82:70:6d:ec:dd:78:16:bb:0c:0d:c9:54:fe:38: ec:02:6f:40:f5:1b:d5:06:dc:34:5e:ef:0a:d4:31:51:59:83: 15:e3:28:e3:47:ac:18:4d:71:30:23:10:85:0d:31:4c:7b:50: 4a:45:ca:c3:b1:6b:fa:bc:02:aa:55:7e:45:cf:48:2c:d4:3c: 8d:df:0d:23:17:18:a3:12:60:9a:c4:a8:34:e8:87:6e:4c:c0: 02:ef:54:83 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUSz1naSUTGqW3r45TAvaZyL7a800wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDYyMDAwMDAwMVoX DTI1MDcyNTIzNTk1OVowejFJMEcGA1UEBRNAMGUwNDk2M2QwZTRhMzQ3Y2IyNzBm MzlhYjFmZDBjZTM2ZjEwY2NmOTQ5MDdhYTI2NGVmODY0ZTQ0OGNlYzUxNDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13/z5vm9NVwGRYC4658l4r///Dyq 3iuYgg3uQ++8uB5CDUpvdX2LkYLe2c+4u/qSRtV+wUTJLknDrJatmsR+rL8HjKaJ lJPmcIjMZrEI/QG5c7dlVJrCo6jwW7uXRoGuP5bLZeADB64HfDCE6en/0qSFEKDO MD15JL32F/krJ0zdMIbVxI/wvY380RlbyLl2i4+6d7mYwVA/Cnz/kxHKSNt3VL0u x1cUXk2y8+eZJPRTMz8Miy1zm+bNBpU1IzTghJC841/HprgSNNikBD0rIrlzKPut TbJdk25SGOh04Opg2IPMfA8Cyj6x7TxLiE1rtSolcZFpGJCcugGRJ0oQhwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFIYZLtuL1VW9qjTx5Ile1F9/XM+GMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAdi88OnzvjSRHmqKyEXc6 xXS8xRL9rPfl6SW5BS81vhhX8zerYH3tdY7kagYkmCq5YMltgKn2BvuJPs10Aouk Cftrz9GUvfPuXdaz2BpyUWbCKkt5MRm22vKmD++vb+QD2bWOC3N2iSVMSqjq2Uhx QDb8qRdadJ2r9TbDu1WUR2gw4V/dXPd1V0TR5v7/X2XQxmLYxnbQS6d3B05EOumx B+u4LTH//oJwbezdeBa7DA3JVP447AJvQPUb1QbcNF7vCtQxUVmDFeMo40esGE1x MCMQhQ0xTHtQSkXKw7Fr+rwCqlV+Rc9ILNQ8jd8NIxcYoxJgmsSoNOiHbkzAAu9U gw== -----END CERTIFICATE-----Generated at Sun Jun 29 03:53:06 2025 by rpki-client