$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: BfhQ5TfBlWMRzxrXseNxhYgROPwC4eDy5cgt1Lgc9to= Subject key identifier: D5:58:F6:10:C3:3A:ED:C9:6F:2D:A7:06:CB:CD:87:A0:DF:05:42:41 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 72E21BD3435F0095CF28DE1483F160AB35B5E66F Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Tue 15 Jul 2025 00:00:05 +0000 ROA not before: Tue 15 Jul 2025 00:00:05 +0000 ROA not after: Tue 19 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:e2:1b:d3:43:5f:00:95:cf:28:de:14:83:f1:60:ab:35:b5:e6:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jul 15 00:00:05 2025 GMT Not After : Aug 19 23:59:59 2025 GMT Subject: serialNumber=2d76364402c6be6be166172daa3c86632963d2ae41ed0dfcd4b496fbe308205c, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ef:ee:3e:49:5e:d4:fb:28:7e:50:aa:ec:b7: 03:75:ef:72:fe:a8:04:19:90:f7:b2:4a:75:47:c6: 8e:87:ef:62:2f:a6:9c:34:11:6c:b6:4c:02:f6:8a: 09:74:67:95:ab:b4:7c:cc:60:27:00:ff:1f:61:52: 4e:6a:e3:88:03:1b:8f:7c:4e:3b:22:ad:93:c3:9b: d5:44:48:32:29:e8:c5:7b:e8:f0:84:60:14:32:f0: c4:c7:2b:cc:af:9c:d1:e9:19:87:ec:62:6a:53:0a: e6:e1:bd:f9:f1:da:7d:a1:b3:b3:26:25:60:68:56: 5d:26:9b:5f:44:8a:01:0c:dd:d8:1a:9c:1d:a3:8a: 67:60:8b:e9:fb:7b:96:b5:e8:15:ed:5d:55:5a:1e: 24:15:12:c7:c5:22:7d:67:c3:fe:ba:5b:b8:5d:48: ad:86:a6:64:33:ee:c5:cb:0e:03:5e:aa:29:81:f8: 3e:9d:06:4b:94:7e:66:84:0e:e9:ae:54:d0:5e:0c: 85:cf:4b:ee:4f:68:ec:dc:72:8a:77:37:d7:10:9a: b9:69:60:56:b7:a9:2f:0b:71:65:5e:29:60:e4:d2: 5d:88:6f:66:c4:cb:16:e3:fa:d0:e6:f4:fe:ab:b5: 59:86:0a:13:4e:a6:fa:2f:1f:d8:a8:39:e4:a8:3f: 53:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:58:F6:10:C3:3A:ED:C9:6F:2D:A7:06:CB:CD:87:A0:DF:05:42:41 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption d4:e5:6a:e3:6b:de:25:d4:1d:6b:85:5a:f0:a9:1f:86:ae:c3: 6d:73:76:59:81:0e:f4:d4:f5:7b:54:70:92:26:fa:35:af:23: 73:1c:26:84:c9:4e:f2:3a:fe:a6:43:ad:91:e6:f3:31:88:06: 42:53:d2:ea:36:1a:43:80:dc:32:af:6e:ef:ef:3d:a3:2b:3f: c3:36:5b:7f:49:de:c1:78:48:92:c8:76:1c:2b:47:cd:ac:2f: eb:52:73:64:bd:77:f1:c9:6e:af:b0:d4:c4:be:5e:f2:99:2d: c2:bc:cc:16:ee:58:96:df:66:cc:7c:3e:d1:fb:76:49:77:6c: fb:ea:1e:57:0f:4d:71:6a:56:dc:12:a4:04:9c:e2:68:50:93: 13:d3:36:d2:6c:2e:f9:ef:ec:a6:b0:72:cd:e0:23:d8:63:48: 50:d2:5e:64:b5:7c:99:dc:3b:c2:d5:38:b1:c5:25:d5:e4:76: a2:54:27:2e:17:b2:7a:36:2a:fc:70:17:98:c9:b3:bf:b4:b8: c7:b6:85:8d:e3:d1:98:7e:0e:fb:c2:df:c9:4b:51:05:9e:86: ea:bb:72:58:b5:09:a0:8d:c0:7e:c0:6a:a8:48:c2:b3:42:fc: d3:0e:a7:5e:ce:98:28:42:5b:d2:d2:a1:b9:4e:ac:6a:b2:a8: 34:54:f8:0f -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUcuIb00NfAJXPKN4Ug/FgqzW15m8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDcxNTAwMDAwNVoX DTI1MDgxOTIzNTk1OVowejFJMEcGA1UEBRNAMmQ3NjM2NDQwMmM2YmU2YmUxNjYx NzJkYWEzYzg2NjMyOTYzZDJhZTQxZWQwZGZjZDRiNDk2ZmJlMzA4MjA1YzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxO/uPkle1PsoflCq7LcDde9y/qgE GZD3skp1R8aOh+9iL6acNBFstkwC9ooJdGeVq7R8zGAnAP8fYVJOauOIAxuPfE47 Iq2Tw5vVREgyKejFe+jwhGAUMvDExyvMr5zR6RmH7GJqUwrm4b358dp9obOzJiVg aFZdJptfRIoBDN3YGpwdo4pnYIvp+3uWtegV7V1VWh4kFRLHxSJ9Z8P+ulu4XUit hqZkM+7Fyw4DXqopgfg+nQZLlH5mhA7prlTQXgyFz0vuT2js3HKKdzfXEJq5aWBW t6kvC3FlXilg5NJdiG9mxMsW4/rQ5vT+q7VZhgoTTqb6Lx/YqDnkqD9ToQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFNVY9hDDOu3Jby2nBsvNh6DfBUJBMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEA1OVq42veJdQda4Va8Kkf hq7DbXN2WYEO9NT1e1Rwkib6Na8jcxwmhMlO8jr+pkOtkebzMYgGQlPS6jYaQ4Dc Mq9u7+89oys/wzZbf0newXhIksh2HCtHzawv61JzZL138clur7DUxL5e8pktwrzM Fu5Ylt9mzHw+0ft2SXds++oeVw9NcWpW3BKkBJziaFCTE9M20mwu+e/sprByzeAj 2GNIUNJeZLV8mdw7wtU4scUl1eR2olQnLheyejYq/HAXmMmzv7S4x7aFjePRmH4O +8LfyUtRBZ6G6rtyWLUJoI3AfsBqqEjCs0L80w6nXs6YKEJb0tKhuU6sarKoNFT4 Dw== -----END CERTIFICATE-----Generated at Mon Aug 4 14:54:30 2025 by rpki-client