$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa File: 4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa (raw, json) Hash identifier: b8+i88IJY6buKvpLALdKicSTgUWm0/AqrF4NrW1AiEg= Subject key identifier: 12:D3:34:54:61:12:15:01:42:D9:CC:3A:25:9C:18:33:B2:39:E1:A9 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 1332B7501BF63FB94A634C650CDA2EBFDF060785 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa Signing time: Fri 01 Aug 2025 00:50:03 +0000 ROA not before: Fri 01 Aug 2025 00:50:03 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2403:b300:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:51:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:32:b7:50:1b:f6:3f:b9:4a:63:4c:65:0c:da:2e:bf:df:06:07:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Aug 1 00:50:03 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=c53e5a2eec48230353df66405f1eb68711ac21c32d8e008070c1445ebee65370, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:7a:2e:a9:57:b4:a7:fb:ea:16:4d:4c:42:46: c6:b2:c1:26:2d:83:2f:92:ac:06:98:81:f1:c6:e2: e5:8e:a6:54:c5:f5:fc:ad:de:fd:a0:aa:b5:f2:7d: 01:c2:1e:b4:23:32:5e:a0:e8:2c:9f:9d:be:c0:4b: 0d:f5:be:d1:b5:58:79:3f:8f:b5:88:00:5e:c7:ff: ec:03:21:88:69:ee:a8:c9:39:85:d4:c4:0a:fa:b4: 8f:6c:b1:3d:83:f3:b6:c0:63:a5:b4:67:a9:ef:06: b7:0c:c9:1d:8c:13:2e:fb:19:13:18:e0:9e:4c:6d: e2:06:0b:70:01:0d:40:2a:87:b4:ce:56:2d:ff:ba: 63:b0:d8:72:d9:fd:04:6a:f6:bb:7d:85:70:24:63: 3d:2a:8f:10:8c:b0:5d:ae:ab:b5:2f:d6:04:77:aa: 85:5b:dc:65:76:51:dc:a4:6f:fc:4d:a8:dc:52:4c: f2:fd:5e:99:f3:4d:bd:6e:70:9a:c3:56:d6:30:25: 30:8b:8b:bd:29:ff:4f:07:df:b0:2b:76:a1:4a:54: e3:33:48:10:d5:0d:f7:9c:56:bb:98:09:32:5d:51: 0a:7c:2b:20:a9:7d:1a:30:be:38:d3:67:00:eb:dc: a3:08:c6:41:93:ee:de:17:b2:ce:f3:0b:82:92:56: 4a:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:D3:34:54:61:12:15:01:42:D9:CC:3A:25:9C:18:33:B2:39:E1:A9 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/4bbd1bdf-866e-4b25-9ac6-e929a05080b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:1000::/48 Signature Algorithm: sha256WithRSAEncryption 81:de:a5:0e:f5:f4:3f:8f:20:df:ac:72:95:89:be:a9:bf:37: 5b:96:fb:6f:6e:8c:3e:7e:ee:9c:e6:13:05:89:a0:e5:25:68: 63:4b:67:44:b9:6e:4b:1d:9d:85:e4:3d:40:1a:ec:24:8b:2e: c9:ca:54:e7:fe:b1:a9:74:c6:a2:cf:f9:66:63:1d:06:00:e9: d6:bf:a0:d3:0c:5d:2f:9a:e3:59:c5:c4:57:ce:0c:96:f2:0b: f5:3d:ae:86:f3:15:08:f9:ce:92:f4:33:9e:03:ef:c6:f7:49: 04:81:8d:82:72:82:e0:72:36:2b:de:cd:ff:6e:c4:4e:aa:c1: d3:f4:de:39:29:cd:1d:81:c5:c0:36:a8:44:ca:33:2d:11:7d: 8b:1a:41:f2:37:a8:3b:5f:3d:54:ae:5b:77:bb:8b:ac:dd:e2: 40:d1:c1:1b:8a:26:ca:e1:cd:e2:a4:db:63:20:3d:05:5f:51: 1c:6b:7b:23:b4:61:39:c0:3b:08:05:6b:23:8d:55:6b:e5:35: 67:8b:a3:16:ff:34:05:50:e8:28:fb:d3:22:e3:9f:7e:c8:96: 10:ce:f0:d0:b6:83:09:cd:5d:0d:66:de:d8:1b:b4:c8:59:69: 7c:10:f1:c7:91:6a:36:05:ed:a3:48:54:9f:1e:09:1d:0a:fb: a0:a5:e8:88 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEzK3UBv2P7lKY0xlDNouv98GB4UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDgwMTAwNTAwM1oX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAYzUzZTVhMmVlYzQ4MjMwMzUzZGY2 NjQwNWYxZWI2ODcxMWFjMjFjMzJkOGUwMDgwNzBjMTQ0NWViZWU2NTM3MDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnouqVe0p/vqFk1MQkbGssEmLYMv kqwGmIHxxuLljqZUxfX8rd79oKq18n0Bwh60IzJeoOgsn52+wEsN9b7RtVh5P4+1 iABex//sAyGIae6oyTmF1MQK+rSPbLE9g/O2wGOltGep7wa3DMkdjBMu+xkTGOCe TG3iBgtwAQ1AKoe0zlYt/7pjsNhy2f0Eava7fYVwJGM9Ko8QjLBdrqu1L9YEd6qF W9xldlHcpG/8TajcUkzy/V6Z8029bnCaw1bWMCUwi4u9Kf9PB9+wK3ahSlTjM0gQ 1Q33nFa7mAkyXVEKfCsgqX0aML4402cA69yjCMZBk+7eF7LO8wuCklZK/QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBLTNFRhEhUBQtnMOiWcGDOyOeGpMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzRiYmQxYmRmLTg2NmUtNGIyNS05YWM2LWU5MjlhMDUwODBiOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzABAAMA0GCSqGSIb3DQEBCwUAA4IBAQCB3qUO9fQ/jyDfrHKV ib6pvzdblvtvbow+fu6c5hMFiaDlJWhjS2dEuW5LHZ2F5D1AGuwkiy7JylTn/rGp dMaiz/lmYx0GAOnWv6DTDF0vmuNZxcRXzgyW8gv1Pa6G8xUI+c6S9DOeA+/G90kE gY2CcoLgcjYr3s3/bsROqsHT9N45Kc0dgcXANqhEyjMtEX2LGkHyN6g7Xz1Urlt3 u4us3eJA0cEbiibK4c3ipNtjID0FX1Eca3sjtGE5wDsIBWsjjVVr5TVni6MW/zQF UOgo+9Mi459+yJYQzvDQtoMJzV0NZt7YG7TIWWl8EPHHkWo2Be2jSFSfHgkdCvug peiI -----END CERTIFICATE-----Generated at Mon Aug 4 14:59:01 2025 by rpki-client