$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: fETUbKY+RD96BbxsXAfAiGaDWB2jsZUhDvXgLfPGlFU= Subject key identifier: 09:2A:7E:1A:5D:28:D2:7B:90:C5:48:10:53:BE:A7:3F:19:CE:27:6A Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 6FB56C373BED997F99485D9356BCC50BE106116E Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Tue 15 Jul 2025 00:00:05 +0000 ROA not before: Tue 15 Jul 2025 00:00:05 +0000 ROA not after: Tue 19 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:51:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:b5:6c:37:3b:ed:99:7f:99:48:5d:93:56:bc:c5:0b:e1:06:11:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jul 15 00:00:05 2025 GMT Not After : Aug 19 23:59:59 2025 GMT Subject: serialNumber=3f5eeeb3d964d2e9b48c62f610e29e3251f6bf7094cbc097452fa8ef6bc7b2a9, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:3a:a9:ec:2b:0d:a5:4b:3b:ec:2c:63:b3:75: c2:fe:7f:39:99:bf:ae:03:18:17:7f:23:3f:70:f8: 17:4b:7b:d6:e7:e1:20:9b:55:bf:65:c8:ad:22:5a: 69:3e:48:1d:68:43:44:9d:ca:4c:6f:46:67:2e:15: bc:03:ba:0c:8e:87:88:ff:a1:26:77:de:53:b1:ee: c7:1a:8a:6d:ee:9e:36:6c:c8:ee:a1:f8:31:c7:53: 1f:f6:ba:fe:91:89:68:29:bc:8e:26:13:fe:87:d6: 3f:a2:45:c6:0f:23:0a:ec:b3:33:d1:d0:56:4e:61: 3b:dd:96:7c:cb:35:53:01:70:0b:04:e4:50:4e:5e: 77:10:ee:22:83:28:cf:74:64:de:9f:82:73:ac:89: e9:97:4f:cc:1a:bd:03:3e:cb:61:ff:df:0c:74:9b: aa:4d:b1:2c:54:5a:74:10:59:ce:d7:b4:b8:a1:fc: 23:c3:03:e2:f2:a5:d3:49:77:b1:73:7e:cd:d7:5c: 03:10:3c:a3:12:64:26:4e:af:63:98:a9:ab:6f:50: c9:14:37:a7:c0:41:89:4d:80:a6:7d:bb:3c:e9:df: 50:e5:d1:e1:b5:69:80:a3:f4:63:d3:7c:e5:54:4c: 56:c5:48:31:fa:cc:bc:95:13:69:8d:03:4f:70:1f: a3:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:2A:7E:1A:5D:28:D2:7B:90:C5:48:10:53:BE:A7:3F:19:CE:27:6A X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 30:12:5d:da:a2:1d:6e:3b:dd:e0:99:ed:34:e6:90:5f:ee:97: b8:0a:97:19:0d:39:ed:4d:24:8a:2f:54:20:86:a8:7c:83:6a: 32:f3:8a:7d:fb:e8:77:da:60:6c:bd:e2:3b:c2:b0:17:c2:de: 35:c0:39:ea:b6:1e:05:25:be:8c:6f:a2:82:68:60:d3:74:58: 0a:1e:7e:50:67:6a:c3:32:5a:0e:87:71:e5:d2:1f:af:a2:d8: 23:9b:41:5e:6f:40:10:9b:e5:f6:33:c3:f2:79:26:5e:3f:1f: f1:59:fb:2e:da:9e:0a:c5:b9:ca:28:1a:b6:d9:ae:58:bf:79: 1b:3b:3f:34:46:2c:2a:7c:39:8f:60:0e:19:ad:08:ce:4a:98: a2:48:9b:cd:f7:21:ef:a6:e5:24:96:a3:5e:da:9a:0d:c4:80: a3:83:6f:81:41:19:e6:72:d8:0b:a6:89:cc:10:62:ca:a9:5c: d3:c4:eb:df:bd:24:55:0e:77:7f:16:f5:c8:0d:85:ae:13:0c: f9:14:26:39:a7:1d:40:8c:b4:42:6a:ff:f4:58:07:51:e3:68: ac:a6:d9:ec:d0:06:f7:07:f4:51:8a:98:17:bd:2c:e1:f9:0c: 2e:4c:78:be:65:9f:d0:12:cf:23:d1:46:f6:02:a4:3e:2b:88: de:8b:55:2c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUb7VsNzvtmX+ZSF2TVrzFC+EGEW4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDcxNTAwMDAwNVoX DTI1MDgxOTIzNTk1OVowejFJMEcGA1UEBRNAM2Y1ZWVlYjNkOTY0ZDJlOWI0OGM2 MmY2MTBlMjllMzI1MWY2YmY3MDk0Y2JjMDk3NDUyZmE4ZWY2YmM3YjJhOTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDqp7CsNpUs77Cxjs3XC/n85mb+u AxgXfyM/cPgXS3vW5+Egm1W/ZcitIlppPkgdaENEncpMb0ZnLhW8A7oMjoeI/6Em d95Tse7HGopt7p42bMjuofgxx1Mf9rr+kYloKbyOJhP+h9Y/okXGDyMK7LMz0dBW TmE73ZZ8yzVTAXALBORQTl53EO4igyjPdGTen4JzrInpl0/MGr0DPsth/98MdJuq TbEsVFp0EFnO17S4ofwjwwPi8qXTSXexc37N11wDEDyjEmQmTq9jmKmrb1DJFDen wEGJTYCmfbs86d9Q5dHhtWmAo/Rj03zlVExWxUgx+sy8lRNpjQNPcB+jbQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAkqfhpdKNJ7kMVIEFO+pz8ZzidqMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAwEl3aoh1uO93gme00 5pBf7pe4CpcZDTntTSSKL1Qghqh8g2oy84p9++h32mBsveI7wrAXwt41wDnqth4F Jb6Mb6KCaGDTdFgKHn5QZ2rDMloOh3Hl0h+votgjm0Feb0AQm+X2M8PyeSZePx/x Wfsu2p4KxbnKKBq22a5Yv3kbOz80RiwqfDmPYA4ZrQjOSpiiSJvN9yHvpuUklqNe 2poNxICjg2+BQRnmctgLponMEGLKqVzTxOvfvSRVDnd/FvXIDYWuEwz5FCY5px1A jLRCav/0WAdR42isptns0Ab3B/RRipgXvSzh+QwuTHi+ZZ/QEs8j0Ub2AqQ+K4je i1Us -----END CERTIFICATE-----Generated at Mon Aug 4 16:12:39 2025 by rpki-client