$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa File: 3684e50c-c50f-4ebb-b327-e0759241197e.roa (raw, json) Hash identifier: f5PY2MrxTAvRi+a996gcb3GhB27Fv3w21olKXCI653c= Subject key identifier: 40:90:92:97:68:0E:0C:36:1C:16:5B:5E:EE:4F:CD:05:C5:A1:10:CD Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 017B033AD4E218D561EBAF0035CF73342AE4B773 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa Signing time: Mon 04 Aug 2025 15:00:57 +0000 ROA not before: Mon 04 Aug 2025 15:00:57 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 15:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:7b:03:3a:d4:e2:18:d5:61:eb:af:00:35:cf:73:34:2a:e4:b7:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 4 15:00:57 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=18287f84d9a1556e96e2dfd6495bcbe890108e3d0e5512df091b6ed5391ec19f, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:a4:7d:36:33:e7:dd:4d:30:76:d4:f2:c6:aa: cd:a5:ef:2b:ea:fa:a3:82:ac:27:1c:f8:4c:f3:6f: 8e:47:07:6b:1d:40:2f:98:10:4f:71:99:7a:23:9d: 37:38:80:58:b8:dd:92:e6:3f:5d:c4:cd:72:0d:f6: e8:a5:13:9c:d5:17:68:73:c4:65:67:34:80:5a:52: b4:7b:bf:3d:01:c2:e4:30:40:e2:5a:26:48:d2:09: ba:ed:34:c7:40:1e:ea:8e:f6:01:f8:1f:52:fd:c0: 47:10:94:95:39:3c:8b:88:20:e1:1f:10:50:61:1a: 5c:53:43:79:5f:6d:3d:63:68:44:e0:23:18:f6:83: 22:bc:e1:6d:6b:34:aa:e8:f9:e6:d0:c8:da:0e:01: 9c:59:d7:6d:7b:11:52:20:82:0e:b6:23:ec:0e:8e: 82:9b:e3:4c:a1:ef:72:2c:25:98:8c:f0:04:3f:97: 0f:c8:9c:f4:d0:ad:c9:6c:fb:f3:59:d0:5e:73:f4: 8d:98:2d:20:bf:08:c7:43:22:62:eb:57:89:e9:81: 21:26:6f:0e:c5:27:9b:cd:fe:98:1e:7b:f2:48:3c: 55:c8:a9:10:05:70:87:db:33:34:45:14:4b:ef:58: 68:34:25:26:9d:7c:a1:12:4e:d6:fa:52:31:d8:11: 0d:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:90:92:97:68:0E:0C:36:1C:16:5B:5E:EE:4F:CD:05:C5:A1:10:CD X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/48 Signature Algorithm: sha256WithRSAEncryption a3:bc:56:1f:80:61:a2:df:06:55:17:8a:e9:fa:75:89:a6:9e: 45:5f:de:88:bc:aa:fb:1d:9c:35:c8:af:19:8f:b2:72:d8:60: a5:c9:8a:53:dc:db:4e:79:2a:ef:be:33:da:a1:c8:c3:99:91: 48:cf:43:70:b1:5f:dd:56:d1:a3:eb:98:85:50:67:c7:b5:6c: c5:e8:a3:b8:34:f7:b3:e4:c8:70:c1:9b:09:fe:1d:b9:c5:0e: fd:ee:31:ba:3f:2d:bb:24:d2:56:2b:c7:57:36:0d:6b:f5:eb: 39:06:c3:e0:4d:08:67:78:fb:0f:b5:13:99:52:c8:5f:17:8b: 97:77:d7:78:a3:a0:2f:be:05:bc:46:29:9d:9c:a0:70:8f:e1: 59:f3:2a:ee:ad:d3:05:ee:73:51:19:75:48:0b:54:1f:2f:0c: da:b9:f7:ac:0f:12:a3:1f:ba:9f:b9:7e:9d:c5:0d:b2:b8:a2: f7:b9:04:fe:79:b7:e0:55:26:03:ba:09:3a:83:a6:3e:66:c8: 28:fb:ef:77:25:4f:42:c4:69:64:81:53:33:70:40:dc:8f:1d: 89:96:ab:bf:52:3e:5a:19:a7:19:5d:2d:1a:a1:44:b5:2f:fb: 02:61:13:e5:27:7a:be:40:17:93:ab:02:bb:0f:00:6c:6c:27: 1d:4c:17:50 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAXsDOtTiGNVh668ANc9zNCrkt3MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwNDE1MDA1N1oX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAMTgyODdmODRkOWExNTU2ZTk2ZTJk ZmQ2NDk1YmNiZTg5MDEwOGUzZDBlNTUxMmRmMDkxYjZlZDUzOTFlYzE5ZjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaR9NjPn3U0wdtTyxqrNpe8r6vqj gqwnHPhM82+ORwdrHUAvmBBPcZl6I503OIBYuN2S5j9dxM1yDfbopROc1Rdoc8Rl ZzSAWlK0e789AcLkMEDiWiZI0gm67TTHQB7qjvYB+B9S/cBHEJSVOTyLiCDhHxBQ YRpcU0N5X209Y2hE4CMY9oMivOFtazSq6Pnm0MjaDgGcWddtexFSIIIOtiPsDo6C m+NMoe9yLCWYjPAEP5cPyJz00K3JbPvzWdBec/SNmC0gvwjHQyJi61eJ6YEhJm8O xSebzf6YHnvySDxVyKkQBXCH2zM0RRRL71hoNCUmnXyhEk7W+lIx2BEN6wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFECQkpdoDgw2HBZbXu5PzQXFoRDNMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzM2ODRlNTBjLWM1MGYtNGViYi1iMzI3LWUwNzU5MjQxMTk3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCjvFYfgGGi3wZVF4rp +nWJpp5FX96IvKr7HZw1yK8Zj7Jy2GClyYpT3NtOeSrvvjPaocjDmZFIz0NwsV/d VtGj65iFUGfHtWzF6KO4NPez5MhwwZsJ/h25xQ797jG6Py27JNJWK8dXNg1r9es5 BsPgTQhnePsPtROZUshfF4uXd9d4o6AvvgW8RimdnKBwj+FZ8yrurdMF7nNRGXVI C1QfLwzaufesDxKjH7qfuX6dxQ2yuKL3uQT+ebfgVSYDugk6g6Y+Zsgo++93JU9C xGlkgVMzcEDcjx2Jlqu/Uj5aGacZXS0aoUS1L/sCYRPlJ3q+QBeTqwK7DwBsbCcd TBdQ -----END CERTIFICATE-----Generated at Wed Aug 6 00:34:56 2025 by rpki-client