$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa File: 3684e50c-c50f-4ebb-b327-e0759241197e.roa (raw, json) Hash identifier: dpTwwGwUN8ci0QMRkJkmkDKvUoL+XoAG41b3JRF15x0= Subject key identifier: 68:3C:D7:F7:78:6A:97:91:71:61:CE:EB:72:25:D9:E9:91:4D:3C:E7 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 25CA43AF5E23822125ED5B905B75722510947783 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa Signing time: Sat 14 Jun 2025 00:00:02 +0000 ROA not before: Sat 14 Jun 2025 00:00:02 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:ca:43:af:5e:23:82:21:25:ed:5b:90:5b:75:72:25:10:94:77:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jun 14 00:00:02 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=0eb009944cd04a1947694d756d553e6a9a5bc1765eb75a2019e9ba2d4d1074c7, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:fa:6f:f9:b7:58:be:e9:d9:86:b2:bd:cb:16: bd:8a:79:4f:ff:df:5c:4b:ad:d3:c8:89:bd:1d:c6: 15:b8:42:62:46:c8:62:8a:63:44:6c:fc:ad:32:89: 60:18:63:35:0a:f7:a5:b7:a4:e4:de:b4:28:8c:79: dc:3f:a7:f5:fb:b4:ff:42:65:72:3c:8f:99:10:a3: b9:29:34:71:2d:7d:9b:6b:f8:d5:d8:b0:71:be:eb: cb:68:cd:0c:1a:dc:2c:21:49:9f:4c:6a:76:1e:22: 37:e8:9a:6e:1b:e8:d9:74:b1:58:63:c6:bf:30:8b: 2c:1a:c0:95:19:41:0d:a1:b5:02:70:35:8a:70:80: a2:24:fb:f6:9e:31:0e:62:6e:ae:b7:98:1d:3f:01: c1:b8:35:a5:9a:69:9b:76:b5:b1:71:09:79:25:48: ca:fe:e5:b2:28:86:c0:bd:5d:c2:c8:26:72:2e:74: c3:60:60:b2:92:2c:01:7c:66:7c:48:48:b5:32:7d: 09:4f:56:25:1f:80:80:b0:cc:20:fa:32:30:96:9c: 9d:01:74:66:f1:ec:a5:c4:13:30:6e:da:c7:96:ce: d2:bb:bb:6c:af:31:60:8c:62:33:80:11:59:51:d6: a5:db:1e:73:82:2b:76:a3:b0:86:fb:03:19:80:df: e0:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:3C:D7:F7:78:6A:97:91:71:61:CE:EB:72:25:D9:E9:91:4D:3C:E7 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/48 Signature Algorithm: sha256WithRSAEncryption 7e:62:1d:bc:cb:00:59:18:8d:93:a9:32:ad:05:e7:c8:80:aa: 8c:75:8f:d5:ef:23:8e:a5:c2:32:e7:5a:90:80:de:e3:de:20: ec:7e:c8:33:e6:a6:1f:e5:69:7c:36:36:dc:c1:61:8a:ec:4f: b7:8a:28:4b:65:f0:d4:1a:92:65:74:52:d9:74:30:c8:db:8c: b4:85:0f:db:6f:d3:80:67:b5:57:60:ba:85:64:9b:34:43:0b: 91:b1:6e:31:c4:a5:14:93:4e:32:27:f4:d6:9d:25:dc:e7:da: ce:2f:90:b9:2f:f7:c4:ac:9c:3d:70:fe:e0:17:52:e4:b1:a7: 51:59:af:bb:23:05:a0:7d:3c:09:23:6e:db:87:71:3a:df:94: 46:f9:a4:9c:50:1a:92:16:02:26:29:92:78:63:e9:91:d3:2b: d2:16:33:2c:05:bc:f2:fd:99:d9:81:be:76:2b:3b:34:3e:48: 28:af:ef:b3:51:a0:cc:dd:6b:b2:80:22:fe:95:cb:c4:5b:f4: 6a:34:13:1f:9a:a3:35:66:cf:e7:e2:9d:95:56:68:0b:46:f9: 66:bb:9a:e5:4f:14:0b:9a:9f:3e:db:ab:5a:01:24:32:5e:98: c3:25:b2:39:4c:d9:5a:ef:c9:02:f1:f7:14:43:f5:d0:d5:56: fb:33:ca:cd -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJcpDr14jgiEl7VuQW3VyJRCUd4MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDYxNDAwMDAwMloX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAMGViMDA5OTQ0Y2QwNGExOTQ3Njk0 ZDc1NmQ1NTNlNmE5YTViYzE3NjVlYjc1YTIwMTllOWJhMmQ0ZDEwNzRjNzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPpv+bdYvunZhrK9yxa9inlP/99c S63TyIm9HcYVuEJiRshiimNEbPytMolgGGM1Cvelt6Tk3rQojHncP6f1+7T/QmVy PI+ZEKO5KTRxLX2ba/jV2LBxvuvLaM0MGtwsIUmfTGp2HiI36JpuG+jZdLFYY8a/ MIssGsCVGUENobUCcDWKcICiJPv2njEOYm6ut5gdPwHBuDWlmmmbdrWxcQl5JUjK /uWyKIbAvV3CyCZyLnTDYGCykiwBfGZ8SEi1Mn0JT1YlH4CAsMwg+jIwlpydAXRm 8eylxBMwbtrHls7Su7tsrzFgjGIzgBFZUdal2x5zgit2o7CG+wMZgN/gDQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGg81/d4apeRcWHO63Il2emRTTznMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzM2ODRlNTBjLWM1MGYtNGViYi1iMzI3LWUwNzU5MjQxMTk3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQB+Yh28ywBZGI2TqTKt BefIgKqMdY/V7yOOpcIy51qQgN7j3iDsfsgz5qYf5Wl8NjbcwWGK7E+3iihLZfDU GpJldFLZdDDI24y0hQ/bb9OAZ7VXYLqFZJs0QwuRsW4xxKUUk04yJ/TWnSXc59rO L5C5L/fErJw9cP7gF1LksadRWa+7IwWgfTwJI27bh3E635RG+aScUBqSFgImKZJ4 Y+mR0yvSFjMsBbzy/ZnZgb52Kzs0Pkgor++zUaDM3WuygCL+lcvEW/RqNBMfmqM1 Zs/n4p2VVmgLRvlmu5rlTxQLmp8+26taASQyXpjDJbI5TNla78kC8fcUQ/XQ1Vb7 M8rN -----END CERTIFICATE-----Generated at Sat Jun 14 06:34:20 2025 by rpki-client