$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa File: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (raw, json) Hash identifier: lt421rqinW4t2tzNSI/diNg120uGP5DeTElYLmy4iaM= Subject key identifier: B1:89:EF:C1:87:DA:5E:13:09:D1:F6:42:52:69:32:BB:E6:68:C5:E6 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 4506BFBC0FA2AC66E26A365343186BDD1DA71EEA Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa Signing time: Tue 15 Jul 2025 00:00:04 +0000 ROA not before: Tue 15 Jul 2025 00:00:04 +0000 ROA not after: Tue 19 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 15:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:06:bf:bc:0f:a2:ac:66:e2:6a:36:53:43:18:6b:dd:1d:a7:1e:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jul 15 00:00:04 2025 GMT Not After : Aug 19 23:59:59 2025 GMT Subject: serialNumber=4e90c54dafe150e46d983907afa31eca73f687e59d336b069ab0f7de850f3a9e, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:21:4e:98:9f:b2:f7:01:66:69:f9:ef:be:b7: 91:b7:74:12:cd:7d:5f:91:f5:33:d2:96:59:4d:ed: 58:13:1e:03:de:2c:e5:5e:17:33:ec:ec:6c:de:c7: 7b:23:59:29:db:29:39:ba:46:51:c4:18:c4:1f:48: 0c:34:fb:19:45:5f:9f:fb:46:12:14:ca:1f:b1:b5: 61:54:6f:55:7f:7e:39:df:ed:4b:f3:3e:c5:26:61: 4b:a5:33:7e:83:f4:23:c3:ce:14:55:5c:7b:38:79: a9:50:e8:7e:3a:a3:ba:af:2e:7e:69:d3:78:4e:65: 3b:27:fc:58:11:5a:62:3e:89:7b:c5:ae:53:6e:ec: 65:a3:9c:cc:31:1e:56:8a:9c:18:8b:2a:fc:63:11: 9e:c9:4f:91:5d:ce:19:fa:18:d0:be:5d:22:fd:2d: a5:35:26:ac:0e:b4:4c:6f:a7:60:b4:54:41:1e:c5: 0f:d3:b9:48:2c:99:36:23:4d:17:6b:e2:e3:12:23: c2:aa:69:bd:28:47:61:49:65:28:c5:12:05:2d:b6: 90:6c:cf:e1:67:ff:56:34:84:5c:cf:66:07:2f:5c: 8a:fb:5c:78:f0:eb:34:c4:a8:d0:b0:0a:37:e7:91: b2:fd:16:80:d6:92:49:a9:01:6f:0a:77:33:77:8c: 27:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:89:EF:C1:87:DA:5E:13:09:D1:F6:42:52:69:32:BB:E6:68:C5:E6 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:ff00::/48 Signature Algorithm: sha256WithRSAEncryption f9:f9:d2:ed:68:5e:75:98:c0:d8:88:47:f6:c6:9f:c3:d6:cf: 00:03:60:15:c6:24:74:6b:ca:28:fe:09:e8:5b:5c:e7:ef:ef: db:92:c9:a9:7b:19:fa:be:d9:9c:9a:1e:2c:e2:0d:aa:d6:11: 3e:67:07:ea:36:29:fa:87:1c:fb:de:29:ff:9f:8f:b8:b9:13: 89:29:e5:67:83:78:52:fd:ba:3a:89:b5:cb:94:b9:63:85:c8: 4f:21:74:b3:5d:6e:0b:11:0f:6e:d5:99:b2:35:84:4c:83:ab: 46:3d:3c:76:fd:f9:22:b4:fb:23:ce:eb:4a:3b:80:1f:3b:04: 68:78:cc:87:a1:59:1d:88:7c:5a:45:66:7a:c3:db:0c:75:c8: f7:5a:a5:04:50:95:fc:6c:a9:be:ba:18:15:5b:de:fb:69:b4: c2:7a:3b:f0:38:df:99:49:4c:27:30:7f:39:8f:8c:d0:9e:6a: 9c:c0:c7:92:f1:6a:ec:06:1f:7b:62:47:c0:02:31:d5:04:00: 03:0b:09:8b:68:eb:bb:a4:a3:11:0e:bf:ef:2a:84:7a:8a:79: 7f:dc:10:da:e2:49:ae:39:47:b3:c5:02:67:fd:71:8e:72:c0: 69:84:4c:3a:b9:c3:8b:9d:f9:1b:5e:99:44:41:b6:ef:62:db: dd:36:72:ca -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURQa/vA+irGbiajZTQxhr3R2nHuowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDcxNTAwMDAwNFoX DTI1MDgxOTIzNTk1OVowejFJMEcGA1UEBRNANGU5MGM1NGRhZmUxNTBlNDZkOTgz OTA3YWZhMzFlY2E3M2Y2ODdlNTlkMzM2YjA2OWFiMGY3ZGU4NTBmM2E5ZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iFOmJ+y9wFmafnvvreRt3QSzX1f kfUz0pZZTe1YEx4D3izlXhcz7Oxs3sd7I1kp2yk5ukZRxBjEH0gMNPsZRV+f+0YS FMofsbVhVG9Vf3453+1L8z7FJmFLpTN+g/Qjw84UVVx7OHmpUOh+OqO6ry5+adN4 TmU7J/xYEVpiPol7xa5Tbuxlo5zMMR5WipwYiyr8YxGeyU+RXc4Z+hjQvl0i/S2l NSasDrRMb6dgtFRBHsUP07lILJk2I00Xa+LjEiPCqmm9KEdhSWUoxRIFLbaQbM/h Z/9WNIRcz2YHL1yK+1x48Os0xKjQsAo355Gy/RaA1pJJqQFvCnczd4wn0wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLGJ78GH2l4TCdH2QlJpMrvmaMXmMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2ZjZDZhZGFiLTA2ZjAtNDY3Ni05NTY4LTZkNGQ0OGY3NjU4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQD5+dLtaF51mMDYiEf2 xp/D1s8AA2AVxiR0a8oo/gnoW1zn7+/bksmpexn6vtmcmh4s4g2q1hE+ZwfqNin6 hxz73in/n4+4uROJKeVng3hS/bo6ibXLlLljhchPIXSzXW4LEQ9u1ZmyNYRMg6tG PTx2/fkitPsjzutKO4AfOwRoeMyHoVkdiHxaRWZ6w9sMdcj3WqUEUJX8bKm+uhgV W977abTCejvwON+ZSUwnMH85j4zQnmqcwMeS8WrsBh97YkfAAjHVBAADCwmLaOu7 pKMRDr/vKoR6inl/3BDa4kmuOUezxQJn/XGOcsBphEw6ucOLnfkbXplEQbbvYtvd NnLK -----END CERTIFICATE-----Generated at Wed Aug 6 04:09:04 2025 by rpki-client