$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa File: 8c170584-7c9b-414b-8cba-a934a0a79bbe.roa (raw, json) Hash identifier: MpHMr+yOCUzQRFUKkTgd81TD/8QRLDFKm2v/LK5PTCg= Subject key identifier: B3:B2:17:38:2B:45:63:2B:4B:65:85:89:7F:8C:AE:19:8D:0E:E1:12 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 23C66C0F2DB3A4FAFB133A7D639C4BC5C85CF036 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa Signing time: Wed 09 Jul 2025 00:00:06 +0000 ROA not before: Wed 09 Jul 2025 00:00:06 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:c6:6c:0f:2d:b3:a4:fa:fb:13:3a:7d:63:9c:4b:c5:c8:5c:f0:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jul 9 00:00:06 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=63b7d35e1f35e245dbe22bd88783d142ad7f48e662828282a45a5d56120d40ba, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:a3:7f:bc:e7:e8:91:88:da:b2:1b:60:79:e8: 0b:49:0a:e7:c3:8f:da:d1:75:5e:8a:7f:29:f0:5d: dd:c5:91:8b:16:b2:f2:85:3a:48:98:e0:f7:ce:db: e1:5b:b0:8b:74:1d:b5:91:fa:4a:84:c3:14:54:6a: 89:9d:51:e3:d4:76:0c:94:ce:1a:89:31:87:9a:67: 6a:4a:bd:79:0a:11:48:83:bb:0b:67:13:66:63:20: 64:e2:6b:4e:b3:5e:d6:9e:4e:12:48:74:04:28:9d: 2c:34:d6:d4:be:bf:e4:30:4d:7c:c8:02:d7:77:42: 9a:27:51:ed:51:ee:54:39:1e:de:bd:a0:52:80:55: 00:ef:c8:90:ff:80:ff:bd:64:f0:18:b8:e8:7b:9f: 1a:3f:cb:43:59:40:a9:b8:c7:4f:db:d3:8e:91:90: 91:52:31:db:37:04:61:ee:8d:ef:d2:31:e0:a5:99: e5:0f:c1:2b:1c:17:11:ba:05:75:05:3f:93:12:b6: 1b:00:8a:70:f0:bb:5b:0f:0c:d3:7e:f9:e1:c0:9f: cf:ee:c0:a6:38:0b:a7:0a:1b:08:6b:2b:0a:8e:bd: 49:ef:f7:a8:74:85:f9:c7:73:a1:99:e7:ee:59:2c: 91:01:0d:c9:67:8f:cc:b8:11:34:91:f0:1b:34:19: 89:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:B2:17:38:2B:45:63:2B:4B:65:85:89:7F:8C:AE:19:8D:0E:E1:12 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:4000::/48 Signature Algorithm: sha256WithRSAEncryption 37:7a:8a:e6:04:4d:ea:af:4e:f9:6d:0c:76:6b:b2:86:6b:b1: 75:ba:ab:85:50:5d:a5:05:c0:de:39:77:cf:14:f1:ae:6f:9a: 2c:6b:3b:ae:30:14:2a:6e:ca:ee:84:a7:e8:72:55:e1:b0:50: 34:9d:ba:33:2e:00:fa:19:6f:3f:1e:78:65:9a:f9:d3:56:14: 1b:32:ed:44:5a:bc:82:e2:fc:b8:1a:63:38:d8:aa:cb:13:19: a4:4c:5e:53:5f:53:80:6c:a2:e3:e1:b7:67:d7:7c:71:7a:86: 01:8e:a2:9a:e7:69:45:97:27:d7:10:72:51:20:a7:bf:e9:0d: 63:fd:e0:e6:50:25:20:2a:b5:69:48:95:15:47:14:07:6c:8f: 41:87:db:3e:cd:68:97:78:cc:0f:9d:58:7a:fb:de:01:46:e2: 13:88:ff:02:a1:91:77:bd:01:4d:0e:32:51:7f:7f:cf:56:70: e1:34:ac:ce:6a:0e:c4:96:28:77:37:3f:0d:19:3d:5c:d2:d1: 36:17:53:f0:16:cf:2f:0a:0c:b9:c8:b6:7d:63:02:d2:77:2a: af:6f:63:8d:64:36:df:32:83:bd:3b:47:fe:57:5c:92:15:b1: 0d:e5:64:b1:7f:d8:dd:7e:83:75:72:a8:ad:de:b4:9c:6c:d1: fc:96:28:4c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUI8ZsDy2zpPr7Ezp9Y5xLxchc8DYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDcwOTAwMDAwNloX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANjNiN2QzNWUxZjM1ZTI0NWRiZTIy YmQ4ODc4M2QxNDJhZDdmNDhlNjYyODI4MjgyYTQ1YTVkNTYxMjBkNDBiYTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKN/vOfokYjashtgeegLSQrnw4/a 0XVein8p8F3dxZGLFrLyhTpImOD3ztvhW7CLdB21kfpKhMMUVGqJnVHj1HYMlM4a iTGHmmdqSr15ChFIg7sLZxNmYyBk4mtOs17Wnk4SSHQEKJ0sNNbUvr/kME18yALX d0KaJ1HtUe5UOR7evaBSgFUA78iQ/4D/vWTwGLjoe58aP8tDWUCpuMdP29OOkZCR UjHbNwRh7o3v0jHgpZnlD8ErHBcRugV1BT+TErYbAIpw8LtbDwzTfvnhwJ/P7sCm OAunChsIaysKjr1J7/eodIX5x3OhmefuWSyRAQ3JZ4/MuBE0kfAbNBmJ+QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLOyFzgrRWMrS2WFiX+MrhmNDuESMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzhjMTcwNTg0LTdjOWItNDE0Yi04Y2JhLWE5MzRhMGE3OWJiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAEAAMA0GCSqGSIb3DQEBCwUAA4IBAQA3eormBE3qr075bQx2 a7KGa7F1uquFUF2lBcDeOXfPFPGub5osazuuMBQqbsruhKfoclXhsFA0nbozLgD6 GW8/HnhlmvnTVhQbMu1EWryC4vy4GmM42KrLExmkTF5TX1OAbKLj4bdn13xxeoYB jqKa52lFlyfXEHJRIKe/6Q1j/eDmUCUgKrVpSJUVRxQHbI9Bh9s+zWiXeMwPnVh6 +94BRuITiP8CoZF3vQFNDjJRf3/PVnDhNKzOag7Elih3Nz8NGT1c0tE2F1PwFs8v Cgy5yLZ9YwLSdyqvb2ONZDbfMoO9O0f+V1ySFbEN5WSxf9jdfoN1cqit3rScbNH8 lihM -----END CERTIFICATE-----Generated at Mon Aug 4 16:08:08 2025 by rpki-client