$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa File: c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa (raw, json) Hash identifier: 3aIN/XRsql+YV4C3dYNWqS31HTBIodwU84Th5RRnY/U= Subject key identifier: 7F:D1:11:E8:8F:7D:89:8B:B5:CA:38:06:C7:E3:DC:27:E9:DA:72:AC Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 66866BFB99F76D7E278D0A79F1A2EE3BE88AD417 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa Signing time: Mon 04 Aug 2025 15:00:46 +0000 ROA not before: Mon 04 Aug 2025 15:00:46 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:03:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:86:6b:fb:99:f7:6d:7e:27:8d:0a:79:f1:a2:ee:3b:e8:8a:d4:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 4 15:00:46 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=48328468455c11e806d97cd481783f1c3ac726b5063d88827b4aaabc01f058c1, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:6c:3f:95:5f:82:db:57:f0:57:9a:9e:82:cf: 07:bd:ab:3e:fe:c5:50:50:99:b5:46:a4:46:64:c4: d0:4d:c4:b5:9a:8f:25:5c:73:5d:58:af:96:fc:55: 0c:ed:f9:86:d2:08:81:d4:29:23:91:7b:38:93:26: b1:9d:99:be:f0:34:cf:25:6c:fe:cd:e2:94:f0:bb: fa:25:eb:b2:58:d7:13:15:9e:23:d7:71:21:d2:ed: 75:2f:1b:39:86:7d:98:b8:6e:41:5c:6d:4c:17:70: 2a:d6:a1:3d:b9:2b:24:c3:ca:97:d8:de:ef:5d:cf: 21:78:c2:be:96:a5:90:3d:0b:eb:00:99:5a:2b:55: 45:2c:7b:ed:6b:3c:7d:cd:64:d9:71:84:be:54:3e: 53:80:b5:02:4d:ae:61:b9:0c:e5:95:b4:0b:de:b3: 38:27:d8:d7:b8:d3:a5:bf:24:bb:7f:e2:53:e6:06: 19:5c:05:82:e8:b1:81:c9:e0:f4:6f:2f:9d:12:87: 3b:94:6e:17:27:e0:d8:a8:ec:60:2c:81:69:9a:2d: c7:d9:63:09:7c:30:b5:96:eb:90:3c:76:7a:29:b3: 95:48:a6:c1:21:d9:ce:0f:45:81:27:3d:0a:2a:45: 0f:5c:7a:48:71:23:31:15:a6:64:3e:df:d8:4c:ba: 76:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:D1:11:E8:8F:7D:89:8B:B5:CA:38:06:C7:E3:DC:27:E9:DA:72:AC X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/48 Signature Algorithm: sha256WithRSAEncryption ba:cb:4a:91:b7:43:cd:dc:fb:8a:33:cb:fe:4f:eb:6b:b8:69: 9c:37:89:f1:97:26:f5:f0:ae:a2:47:0b:f2:91:5e:da:ca:16: f2:4d:d6:bf:6d:6f:50:85:2e:56:70:e7:81:c2:60:0d:4d:1e: 99:07:b6:9e:c5:71:d8:ec:7f:54:5c:a6:80:a7:5e:37:f5:bc: 17:be:02:14:3f:97:ba:2f:80:82:2d:72:7c:1d:df:4c:64:04: f4:f4:a5:bb:f7:0e:75:28:40:88:b8:43:02:d1:6f:54:fc:2c: 38:fb:48:05:56:e9:2c:f6:e3:d0:1e:53:8d:2a:4d:32:c9:78: 39:a1:6c:07:09:c1:f5:7a:82:80:63:97:e8:2e:63:12:56:60: 18:66:65:e7:1c:24:bf:1a:38:5f:bb:dc:84:25:bb:c7:71:bd: d4:37:23:73:8e:1d:f5:5d:66:e3:48:34:1e:ce:77:81:78:92: 12:83:c9:49:0e:da:87:7c:4a:24:84:dd:ed:96:ef:05:4b:3e: f4:88:4d:95:79:4d:ec:2f:cc:59:fe:e3:d0:0d:b1:0e:1c:9c: d5:f6:91:3b:43:73:40:d0:7d:59:4a:f5:2b:6b:3e:7e:8b:5c: a3:7b:7d:02:f2:e4:36:ae:22:03:00:18:04:87:35:92:55:4e: 8c:38:97:a6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZoZr+5n3bX4njQp58aLuO+iK1BcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwNDE1MDA0NloX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNANDgzMjg0Njg0NTVjMTFlODA2ZDk3 Y2Q0ODE3ODNmMWMzYWM3MjZiNTA2M2Q4ODgyN2I0YWFhYmMwMWYwNThjMTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWw/lV+C21fwV5qegs8Hvas+/sVQ UJm1RqRGZMTQTcS1mo8lXHNdWK+W/FUM7fmG0giB1CkjkXs4kyaxnZm+8DTPJWz+ zeKU8Lv6JeuyWNcTFZ4j13Eh0u11Lxs5hn2YuG5BXG1MF3Aq1qE9uSskw8qX2N7v Xc8heMK+lqWQPQvrAJlaK1VFLHvtazx9zWTZcYS+VD5TgLUCTa5huQzllbQL3rM4 J9jXuNOlvyS7f+JT5gYZXAWC6LGByeD0by+dEoc7lG4XJ+DYqOxgLIFpmi3H2WMJ fDC1luuQPHZ6KbOVSKbBIdnOD0WBJz0KKkUPXHpIcSMxFaZkPt/YTLp2SwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFH/REeiPfYmLtco4Bsfj3Cfp2nKsMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2MxNTY0NjU5LWYzYWEtNDAyMS1hN2E1LThmNGIxYzJjNDk2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQC6y0qRt0PN3PuKM8v+ T+truGmcN4nxlyb18K6iRwvykV7ayhbyTda/bW9QhS5WcOeBwmANTR6ZB7aexXHY 7H9UXKaAp1439bwXvgIUP5e6L4CCLXJ8Hd9MZAT09KW79w51KECIuEMC0W9U/Cw4 +0gFVuks9uPQHlONKk0yyXg5oWwHCcH1eoKAY5foLmMSVmAYZmXnHCS/Gjhfu9yE JbvHcb3UNyNzjh31XWbjSDQezneBeJISg8lJDtqHfEokhN3tlu8FSz70iE2VeU3s L8xZ/uPQDbEOHJzV9pE7Q3NA0H1ZSvUraz5+i1yje30C8uQ2riIDABgEhzWSVU6M OJem -----END CERTIFICATE-----Generated at Sat Aug 23 08:12:46 2025 by rpki-client