$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa File: cc671c79-21f0-4fff-b898-595966ecd1a9.roa (raw, json) Hash identifier: btx/opP9Qtsy/2G/bpONUhHndKqqH++egKns+RlBMcE= Subject key identifier: C1:E9:A2:90:1F:E7:02:AC:9D:C3:AF:50:D1:27:30:B0:E3:BA:5E:36 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 4402AED1DBAF610297B42692373F4CE00757E8AF Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa Signing time: Fri 20 Jun 2025 00:00:00 +0000 ROA not before: Fri 20 Jun 2025 00:00:00 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:02:ae:d1:db:af:61:02:97:b4:26:92:37:3f:4c:e0:07:57:e8:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jun 20 00:00:00 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=fa53471c20ceafb0c64c01a776a925ff15c7dc913027c42abb81ca1ee1b9b64a, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:38:16:31:70:f3:00:61:8e:bb:6a:ef:0d:0b: 39:e6:f8:ce:e6:14:2c:1b:5e:17:85:e5:47:43:19: 6c:50:16:25:e2:60:17:aa:6c:0a:16:31:ec:99:32: 1a:ca:df:f9:71:e2:e6:fb:d8:6b:e6:d7:5b:57:2b: f0:cd:d9:e9:ed:ff:2f:2f:d4:bd:73:c3:71:5c:c9: 76:86:3e:f6:45:41:63:3f:8c:ee:fa:3a:b4:5e:4b: f5:2b:3e:a8:80:d9:37:18:d5:95:63:0b:6a:61:d3: 7c:2c:2b:ff:2a:b0:e8:d4:db:02:31:42:2e:66:4c: 39:a0:d9:30:89:e2:82:e4:ec:78:27:9f:df:7f:5d: 2a:fa:82:ce:ee:7a:31:63:35:09:29:be:06:24:cd: ed:c1:d7:db:54:3c:1f:d7:11:b5:7c:56:0f:a8:0c: af:3d:e1:50:a1:9f:33:eb:b8:57:17:fd:cd:84:ba: ee:5b:c8:ea:fd:70:27:3f:d3:f4:16:78:f6:96:86: 7a:70:7d:64:c5:60:84:fa:ce:1e:9c:27:fa:39:65: 4f:7c:fe:76:47:10:a2:d2:87:73:48:bb:76:df:e1: 79:db:02:c6:51:bb:01:8d:9c:71:06:5d:27:6b:52: fd:35:53:a1:2f:d2:5e:01:92:07:5d:8c:09:4f:2f: bd:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:E9:A2:90:1F:E7:02:AC:9D:C3:AF:50:D1:27:30:B0:E3:BA:5E:36 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 02:a4:49:4f:ea:66:27:5d:18:e5:4c:b9:1c:70:b9:39:bd:c8: b9:be:18:c7:a0:fa:87:d9:19:2b:a3:24:1e:7c:32:a7:e2:31: 4d:45:f3:38:5d:55:63:53:7d:d0:07:4a:c1:61:b7:50:55:5b: c5:06:78:29:d0:d3:32:3f:38:d8:86:ae:83:aa:d2:3a:bd:a3: a0:f1:20:17:20:41:5d:6a:08:65:de:4d:7f:94:6a:8e:e6:5e: 23:6d:7c:97:7f:03:c5:f8:67:45:b6:65:9c:33:54:13:28:59: db:4e:db:f9:ae:4a:b8:92:b5:ab:73:1b:93:f0:d2:dc:32:09: b9:cb:99:54:3c:68:13:54:8a:ac:f1:86:8c:dd:a2:4d:d2:e1: 7c:8c:09:32:a9:3e:1d:48:bc:d2:f8:0e:fa:ca:8b:94:66:13: 78:2d:63:c8:3e:2e:01:90:b2:35:8a:da:61:62:61:5c:80:a9: 60:ae:1d:1b:de:56:9e:78:b9:f6:aa:de:2f:cb:b7:d6:58:30: 98:3a:82:81:be:62:d9:0b:04:c7:ee:8a:64:74:da:65:be:6e: 1a:09:36:9d:fb:30:2f:03:09:14:1f:a3:44:9e:81:1a:50:4f: 23:35:84:17:f5:3e:b0:88:ec:04:06:3b:45:72:99:5c:ca:0a: b4:7c:e6:d1 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURAKu0duvYQKXtCaSNz9M4AdX6K8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDYyMDAwMDAwMFoX DTI1MDcyNTIzNTk1OVowejFJMEcGA1UEBRNAZmE1MzQ3MWMyMGNlYWZiMGM2NGMw MWE3NzZhOTI1ZmYxNWM3ZGM5MTMwMjdjNDJhYmI4MWNhMWVlMWI5YjY0YTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTgWMXDzAGGOu2rvDQs55vjO5hQs G14XheVHQxlsUBYl4mAXqmwKFjHsmTIayt/5ceLm+9hr5tdbVyvwzdnp7f8vL9S9 c8NxXMl2hj72RUFjP4zu+jq0Xkv1Kz6ogNk3GNWVYwtqYdN8LCv/KrDo1NsCMUIu Zkw5oNkwieKC5Ox4J5/ff10q+oLO7noxYzUJKb4GJM3twdfbVDwf1xG1fFYPqAyv PeFQoZ8z67hXF/3NhLruW8jq/XAnP9P0Fnj2loZ6cH1kxWCE+s4enCf6OWVPfP52 RxCi0odzSLt23+F52wLGUbsBjZxxBl0na1L9NVOhL9JeAZIHXYwJTy+9qQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMHpopAf5wKsncOvUNEnMLDjul42MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2NjNjcxYzc5LTIxZjAtNGZmZi1iODk4LTU5NTk2NmVjZDFhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQACpElP6mYnXRjlTLkc cLk5vci5vhjHoPqH2RkroyQefDKn4jFNRfM4XVVjU33QB0rBYbdQVVvFBngp0NMy PzjYhq6DqtI6vaOg8SAXIEFdaghl3k1/lGqO5l4jbXyXfwPF+GdFtmWcM1QTKFnb Ttv5rkq4krWrcxuT8NLcMgm5y5lUPGgTVIqs8YaM3aJN0uF8jAkyqT4dSLzS+A76 youUZhN4LWPIPi4BkLI1itphYmFcgKlgrh0b3laeeLn2qt4vy7fWWDCYOoKBvmLZ CwTH7opkdNplvm4aCTad+zAvAwkUH6NEnoEaUE8jNYQX9T6wiOwEBjtFcplcygq0 fObR -----END CERTIFICATE-----Generated at Sun Jun 29 04:35:01 2025 by rpki-client