$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa File: 22d6913e-5f3d-4f99-9a60-48579f471838.roa (raw, json) Hash identifier: HJIWOyYe38lELu3rJl66xPnUxv4UykP49+nbKbbeZnk= Subject key identifier: C4:A0:BF:13:63:43:80:FE:AB:90:D2:19:8F:E7:15:51:C7:20:26:3E Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 4E4966A2206E3F8526C22E62DE422AE8DE30D564 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa Signing time: Wed 09 Jul 2025 00:00:07 +0000 ROA not before: Wed 09 Jul 2025 00:00:07 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:2000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:49:66:a2:20:6e:3f:85:26:c2:2e:62:de:42:2a:e8:de:30:d5:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jul 9 00:00:07 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=be63096f28300412b83b85681f9e6851c0746d0997222946496dc60216e014ba, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:47:1c:02:2d:94:e6:42:18:fc:84:52:f8:47: 73:50:fa:27:66:53:d2:3e:52:ca:ca:81:ef:1f:2c: 60:b9:df:b0:b3:9b:62:d5:ec:a3:f3:8f:65:c7:2d: 89:73:21:3d:95:fc:0b:52:5e:d2:9c:f3:5a:a7:dc: a3:e9:83:2e:30:fb:fa:b9:c9:69:57:7c:95:7e:9d: 47:07:20:5a:17:c7:3b:74:96:f1:57:2f:30:bf:74: ba:57:e1:42:a4:77:8f:7d:d5:50:16:6c:79:00:d1: 28:d0:16:f3:95:c9:ba:58:db:13:31:84:a0:d1:0f: 2a:1b:0f:0c:3d:9d:04:2b:e0:af:e8:78:c8:52:82: 81:7c:b4:5e:d1:44:d2:51:e1:79:c0:81:57:88:b4: 93:56:4a:04:86:de:8e:59:4d:9a:20:8a:bd:bd:00: d3:7c:16:06:ca:03:bb:a2:50:62:65:18:6c:9d:08: c0:30:d0:b8:0b:6e:f0:d1:35:d8:4c:ef:b5:56:3c: 7d:19:d9:26:3a:5c:08:6f:ad:cb:4c:f1:97:99:1b: 89:89:3d:21:6e:ae:6d:0d:4c:b1:aa:de:cd:2c:10: c6:2d:74:f3:81:15:7b:8f:99:8d:e6:cd:e4:16:dd: c6:be:75:89:9f:59:89:be:65:06:d0:e8:18:09:ab: 76:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:A0:BF:13:63:43:80:FE:AB:90:D2:19:8F:E7:15:51:C7:20:26:3E X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:2000::/36 Signature Algorithm: sha256WithRSAEncryption ab:86:a3:8a:31:2c:11:fb:8c:40:d5:42:4f:31:de:a2:53:cf: 40:92:0d:da:02:3e:4e:8d:61:51:97:2c:8d:80:3d:26:f0:ad: da:af:ca:9c:db:26:e1:a0:74:09:b5:8f:03:27:0f:8b:38:22: 88:88:ae:eb:62:68:9e:52:2f:bc:0b:17:5b:83:83:d0:6f:83: 2c:35:be:d5:61:27:0c:1d:79:8a:00:e0:88:3c:9d:f5:ae:78: c7:8a:87:db:1b:14:24:2d:dc:7c:65:02:34:9a:57:59:4c:9b: f3:21:e2:7f:01:e6:ad:12:6f:c1:7a:22:1c:c3:3b:db:4e:5d: 4b:6f:a7:e9:fe:e9:c3:02:83:9c:fc:60:66:8e:8d:b6:95:6a: 9a:d1:f9:02:6d:80:25:ae:ef:17:73:68:1b:a7:fd:4d:6d:50: 27:9b:36:a1:e1:8d:b8:c3:2c:28:ec:94:36:ca:58:c0:bb:d0: 34:64:b1:a2:91:83:65:99:01:ff:8d:b8:cd:d8:ea:62:3e:14: 84:0d:7c:a5:db:c8:d8:31:71:36:05:b9:51:05:38:b0:34:bf: d2:bf:18:69:15:c0:e1:3b:fb:5f:f1:cf:79:93:2e:18:00:14: 04:a9:68:33:9d:43:6e:9d:4c:36:8a:33:20:99:f3:bc:a6:62: 13:fe:cc:38 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTklmoiBuP4Umwi5i3kIq6N4w1WQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDcwOTAwMDAwN1oX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAYmU2MzA5NmYyODMwMDQxMmI4M2I4 NTY4MWY5ZTY4NTFjMDc0NmQwOTk3MjIyOTQ2NDk2ZGM2MDIxNmUwMTRiYTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0ccAi2U5kIY/IRS+EdzUPonZlPS PlLKyoHvHyxgud+ws5ti1eyj849lxy2JcyE9lfwLUl7SnPNap9yj6YMuMPv6uclp V3yVfp1HByBaF8c7dJbxVy8wv3S6V+FCpHePfdVQFmx5ANEo0Bbzlcm6WNsTMYSg 0Q8qGw8MPZ0EK+Cv6HjIUoKBfLRe0UTSUeF5wIFXiLSTVkoEht6OWU2aIIq9vQDT fBYGygO7olBiZRhsnQjAMNC4C27w0TXYTO+1Vjx9GdkmOlwIb63LTPGXmRuJiT0h bq5tDUyxqt7NLBDGLXTzgRV7j5mN5s3kFt3GvnWJn1mJvmUG0OgYCat2iwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMSgvxNjQ4D+q5DSGY/nFVHHICY+MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzIyZDY5MTNlLTVmM2QtNGY5OS05YTYwLTQ4NTc5ZjQ3MTgzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJABlACAwDQYJKoZIhvcNAQELBQADggEBAKuGo4oxLBH7jEDVQk8x 3qJTz0CSDdoCPk6NYVGXLI2APSbwrdqvypzbJuGgdAm1jwMnD4s4IoiIrutiaJ5S L7wLF1uDg9Bvgyw1vtVhJwwdeYoA4Ig8nfWueMeKh9sbFCQt3HxlAjSaV1lMm/Mh 4n8B5q0Sb8F6IhzDO9tOXUtvp+n+6cMCg5z8YGaOjbaVaprR+QJtgCWu7xdzaBun /U1tUCebNqHhjbjDLCjslDbKWMC70DRksaKRg2WZAf+NuM3Y6mI+FIQNfKXbyNgx cTYFuVEFOLA0v9K/GGkVwOE7+1/xz3mTLhgAFASpaDOdQ26dTDaKMyCZ87ymYhP+ zDg= -----END CERTIFICATE-----Generated at Mon Aug 4 15:26:50 2025 by rpki-client