$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa File: 197500e2-3802-44b2-a561-ca3dad01e209.roa (raw, json) Hash identifier: Y8oQnOQ1I43jo4Kk9/RYVXtO3Kh6LYfq8C/szkyd+Hc= Subject key identifier: 39:8E:C4:DA:EB:61:48:17:73:C6:1B:88:85:97:8F:8C:A9:34:B6:7A Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 059CB61D973068B22D2DB0FFF53A906FC0A186AF Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa Signing time: Sat 29 Mar 2025 00:00:07 +0000 ROA not before: Sat 29 Mar 2025 00:00:07 +0000 ROA not after: Sat 03 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:9c:b6:1d:97:30:68:b2:2d:2d:b0:ff:f5:3a:90:6f:c0:a1:86:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001 Validity Not Before: Mar 29 00:00:07 2025 GMT Not After : May 3 23:59:59 2025 GMT Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e9:11:a3:a6:45:47:69:11:3f:b0:46:c5:e5: 24:e4:56:9b:12:70:b0:91:64:3b:da:22:e7:b2:2c: a4:e4:6a:28:e3:f2:cb:a7:26:0c:c8:cb:5e:ce:da: 30:6b:13:ce:c2:81:85:31:ba:16:e2:a7:2e:bd:28: b0:17:c9:b6:9a:37:54:7d:3b:1f:94:8e:09:cc:6a: 8e:e8:ce:70:5b:b2:7c:b3:6a:b9:fd:b6:20:7a:51: 17:4c:3a:24:9d:35:ed:27:a6:3d:46:ff:8b:d6:71: c3:a0:a2:13:b1:60:30:52:a4:fa:3a:dc:5e:d9:59: e8:5f:45:44:b9:9b:22:7d:1e:05:fa:cf:bc:27:c9: 44:fb:4a:80:fd:27:66:35:84:d1:f1:d7:bd:1a:1b: 66:e1:1d:56:94:8b:bd:db:f5:33:e5:dd:41:4b:67: 7d:02:6a:dd:32:d4:ab:eb:b7:50:eb:9b:f5:29:52: ee:72:1f:00:40:d5:5b:de:d7:5d:35:21:f0:43:fd: f6:44:a4:ac:dd:6e:88:27:d2:c7:77:f8:0d:ec:94: 62:80:3c:a4:fe:09:37:c8:42:8e:a5:92:f7:50:23: 93:d8:67:17:8c:6c:75:4a:9d:e6:68:96:1c:0a:38: d4:e1:6b:ee:de:24:f7:1b:33:3b:f7:cb:56:80:68: 67:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:8E:C4:DA:EB:61:48:17:73:C6:1B:88:85:97:8F:8C:A9:34:B6:7A X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.128.0/24 Signature Algorithm: sha256WithRSAEncryption ea:22:77:64:c0:01:73:2d:16:45:f2:ba:fc:8a:57:e4:3e:01: 83:95:42:a5:90:3c:8b:91:b3:26:67:5d:69:b8:2e:78:57:3b: 97:2c:a7:67:49:8a:b0:e8:82:b9:86:81:b3:88:9c:f5:ac:06: 4f:d6:f3:b7:32:9c:cd:5c:d0:96:63:72:f5:44:fd:fa:18:a4: e5:c4:b9:af:ae:2d:70:9f:12:51:ea:f8:3d:3f:69:57:31:7a: be:fe:9e:46:64:fe:4b:4e:1c:b0:c6:22:c5:0c:14:b1:b3:bc: 1c:78:84:92:96:c6:ca:51:ad:ab:9b:b6:3a:11:70:54:92:9d: 6e:65:17:12:8d:e3:67:dd:4b:38:e2:bd:ad:27:0c:9e:98:79: a8:80:fe:f1:38:3a:86:3e:65:82:ee:4e:a8:e0:14:09:3a:5d: 14:87:08:9e:5c:62:5e:19:2a:9b:71:a9:0e:28:c6:a4:9c:4f: a9:be:db:7c:07:db:11:a5:63:4d:e8:ed:82:be:1d:72:ce:71: f5:54:35:a0:51:94:3a:19:8e:ee:8c:00:e3:29:58:7e:5b:1f: fe:ff:54:1e:08:c6:73:08:9d:e8:d8:8a:cd:b9:14:1c:a1:49: 07:23:d6:8a:49:67:4d:6d:7c:34:25:71:96:cc:f3:e1:95:2d: db:51:38:a5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUBZy2HZcwaLItLbD/9TqQb8Chhq8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMyOTAwMDAwN1oX DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAM2Q4NjRlNmQyZTEwMmE5YzI5NjNj YzdhYzE1ODJjZmVlMzQyMGIxOWUwZmEwYzAwMDliMWI5NjlkMmRmYWViNjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOkRo6ZFR2kRP7BGxeUk5FabEnCw kWQ72iLnsiyk5Goo4/LLpyYMyMteztowaxPOwoGFMboW4qcuvSiwF8m2mjdUfTsf lI4JzGqO6M5wW7J8s2q5/bYgelEXTDoknTXtJ6Y9Rv+L1nHDoKITsWAwUqT6Otxe 2VnoX0VEuZsifR4F+s+8J8lE+0qA/SdmNYTR8de9Ghtm4R1WlIu92/Uz5d1BS2d9 AmrdMtSr67dQ65v1KVLuch8AQNVb3tddNSHwQ/32RKSs3W6IJ9LHd/gN7JRigDyk /gk3yEKOpZL3UCOT2GcXjGx1Sp3maJYcCjjU4Wvu3iT3GzM798tWgGhnUwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDmOxNrrYUgXc8YbiIWXj4ypNLZ6MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzE5NzUwMGUyLTM4MDItNDRiMi1hNTYxLWNhM2RhZDAxZTIwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArymAMA0GCSqGSIb3DQEBCwUAA4IBAQDqIndkwAFzLRZF8rr8ilfk PgGDlUKlkDyLkbMmZ11puC54VzuXLKdnSYqw6IK5hoGziJz1rAZP1vO3MpzNXNCW Y3L1RP36GKTlxLmvri1wnxJR6vg9P2lXMXq+/p5GZP5LThywxiLFDBSxs7wceISS lsbKUa2rm7Y6EXBUkp1uZRcSjeNn3Us44r2tJwyemHmogP7xODqGPmWC7k6o4BQJ Ol0UhwieXGJeGSqbcakOKMaknE+pvtt8B9sRpWNN6O2Cvh1yznH1VDWgUZQ6GY7u jADjKVh+Wx/+/1QeCMZzCJ3o2IrNuRQcoUkHI9aKSWdNbXw0JXGWzPPhlS3bUTil -----END CERTIFICATE-----Generated at Sat Apr 5 11:20:26 2025 by rpki-client