$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa File: cc671c79-21f0-4fff-b898-595966ecd1a9.roa (raw, json) Hash identifier: 4cv3WxV7KgA0orOqwK35cRknLcmTA9ThJV8+7BxLlbg= Subject key identifier: D7:F6:C8:B3:7F:F6:1D:FE:B6:0E:36:24:2A:6B:2D:05:58:95:D5:80 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 0DD21BC64E52EA08884AE6EAE99DC607BB96FEB6 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa Signing time: Tue 15 Jul 2025 00:00:25 +0000 ROA not before: Tue 15 Jul 2025 00:00:25 +0000 ROA not after: Tue 19 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:d2:1b:c6:4e:52:ea:08:88:4a:e6:ea:e9:9d:c6:07:bb:96:fe:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 15 00:00:25 2025 GMT Not After : Aug 19 23:59:59 2025 GMT Subject: serialNumber=050651b758f32aa110543aaa846b1e4eab4f2e8af05f3e56e62369edd1be1199, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:0d:02:d3:8e:33:7a:79:63:1d:0d:4f:48:51: be:2b:a6:24:30:eb:d2:f8:69:85:ce:7b:f6:e4:33: 01:a9:36:5d:b3:93:e6:16:de:18:6a:7d:e1:f1:a1: 0c:1f:7b:71:49:a5:b2:f2:8b:b6:1e:3c:b3:91:32: e8:e2:88:04:ce:0f:f4:b5:c3:33:66:2b:7a:2d:09: 94:25:61:7f:86:5b:53:da:64:83:73:61:ce:60:9c: c2:5c:77:b0:7f:59:5f:3f:9d:7a:aa:b0:55:ea:29: 00:b4:c8:87:d8:9a:b1:35:4d:4e:76:4d:16:db:48: 83:69:f9:07:80:72:f1:e3:3b:64:2c:ff:3e:61:f2: e6:58:8b:6b:ea:10:aa:55:31:22:d2:d5:d3:ac:41: c3:81:35:d1:25:a2:ef:d2:81:22:bc:70:be:33:71: 0e:9f:d1:7a:2e:70:6a:87:5d:35:16:a8:3c:29:37: 7f:20:86:3c:a1:70:1f:74:11:b4:ad:ec:03:4c:dc: 66:10:98:a0:d3:86:47:14:d7:79:a1:4a:e6:bc:02: 37:ab:08:94:a0:bc:54:1d:b3:70:9e:1e:74:0a:ae: 06:16:65:37:2f:78:fb:40:16:aa:9e:f4:cf:f2:1a: 81:dc:e6:76:95:d5:8e:3f:13:f9:3a:15:78:c5:00: 8d:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:F6:C8:B3:7F:F6:1D:FE:B6:0E:36:24:2A:6B:2D:05:58:95:D5:80 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 9a:53:af:be:30:51:ab:1c:34:84:e6:86:06:d7:22:5e:fe:03: 01:02:4b:1b:dc:01:97:50:fa:4d:5f:2b:1d:bc:bd:f9:63:56: 93:59:67:40:2c:c7:6b:dc:a8:1a:a8:d8:c1:dd:55:b0:4f:c1: 75:55:5c:5a:f9:42:9e:74:41:a1:22:bf:d2:e3:c1:6f:75:fa: cc:08:0a:2e:d5:9b:aa:15:0e:b9:05:ac:63:94:96:2f:32:3b: aa:bb:ce:ce:df:e0:c1:f5:ce:97:d9:31:85:eb:10:2e:44:12: 6d:93:4f:7e:f9:62:fa:f4:df:f0:96:74:a1:2a:05:46:95:70: 5b:28:d2:1d:40:f6:57:af:ac:98:80:1b:0d:51:da:a2:21:79: 38:17:77:c9:40:c8:ea:b5:7b:21:f1:f1:86:4f:80:ab:16:f7: b3:bc:17:68:de:d5:cb:d7:48:e3:1b:55:67:2e:6d:fb:4c:21: e9:af:ee:5d:6b:29:c3:59:ee:27:37:82:9d:4b:af:1a:1a:a4: 58:ba:d2:dd:d6:97:5f:d9:a9:ab:d3:64:2f:4d:95:47:aa:d4: ea:ce:b0:49:a3:98:30:cd:b7:d7:71:a6:c0:13:75:7d:fd:08: 84:75:58:6f:46:f3:c3:eb:05:58:7e:dd:6f:fa:b0:af:f2:c5: 48:68:f6:17 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDdIbxk5S6giISubq6Z3GB7uW/rYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcxNTAwMDAyNVoX DTI1MDgxOTIzNTk1OVowejFJMEcGA1UEBRNAMDUwNjUxYjc1OGYzMmFhMTEwNTQz YWFhODQ2YjFlNGVhYjRmMmU4YWYwNWYzZTU2ZTYyMzY5ZWRkMWJlMTE5OTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA0C044zenljHQ1PSFG+K6YkMOvS +GmFznv25DMBqTZds5PmFt4Yan3h8aEMH3txSaWy8ou2HjyzkTLo4ogEzg/0tcMz Zit6LQmUJWF/hltT2mSDc2HOYJzCXHewf1lfP516qrBV6ikAtMiH2JqxNU1Odk0W 20iDafkHgHLx4ztkLP8+YfLmWItr6hCqVTEi0tXTrEHDgTXRJaLv0oEivHC+M3EO n9F6LnBqh101Fqg8KTd/IIY8oXAfdBG0rewDTNxmEJig04ZHFNd5oUrmvAI3qwiU oLxUHbNwnh50Cq4GFmU3L3j7QBaqnvTP8hqB3OZ2ldWOPxP5OhV4xQCNsQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNf2yLN/9h3+tg42JCprLQVYldWAMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2NjNjcxYzc5LTIxZjAtNGZmZi1iODk4LTU5NTk2NmVjZDFhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQCaU6++MFGrHDSE5oYG 1yJe/gMBAksb3AGXUPpNXysdvL35Y1aTWWdALMdr3KgaqNjB3VWwT8F1VVxa+UKe dEGhIr/S48FvdfrMCAou1ZuqFQ65BaxjlJYvMjuqu87O3+DB9c6X2TGF6xAuRBJt k09++WL69N/wlnShKgVGlXBbKNIdQPZXr6yYgBsNUdqiIXk4F3fJQMjqtXsh8fGG T4CrFvezvBdo3tXL10jjG1VnLm37TCHpr+5daynDWe4nN4KdS68aGqRYutLd1pdf 2amr02QvTZVHqtTqzrBJo5gwzbfXcabAE3V9/QiEdVhvRvPD6wVYft1v+rCv8sVI aPYX -----END CERTIFICATE-----Generated at Mon Aug 4 22:28:17 2025 by rpki-client