$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa File: 7b26d410-17d7-4310-bb58-41c465f8eef2.roa (raw, json) Hash identifier: RsrgL5xltAMCcLRgxoKOpDHT/+q3NWNks8K62UOnLc8= Subject key identifier: B7:E9:C8:5A:2A:CC:65:0F:BF:F8:1C:68:AC:5A:1E:D2:B7:1D:AB:EF Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 49B0110945174D2AE0EA4C28B0C7DCF3374F7556 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa Signing time: Sat 29 Mar 2025 00:00:09 +0000 ROA not before: Sat 29 Mar 2025 00:00:09 +0000 ROA not after: Sat 03 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.148.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:b0:11:09:45:17:4d:2a:e0:ea:4c:28:b0:c7:dc:f3:37:4f:75:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001 Validity Not Before: Mar 29 00:00:09 2025 GMT Not After : May 3 23:59:59 2025 GMT Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:89:12:ef:89:d6:70:c9:93:e7:42:6d:ef:ef: fe:aa:13:ef:34:57:24:67:32:71:73:08:20:18:17: 53:87:4d:8e:18:0b:78:2d:9f:01:cf:d7:6f:2a:e9: 8e:c9:8f:56:5e:c4:6a:2b:43:ec:32:fa:bb:9f:6f: 37:a7:af:cd:7e:01:11:fa:77:ff:bf:5d:16:ea:eb: b8:2c:e0:10:42:84:66:08:a3:0e:8d:16:46:35:e0: fa:b8:0a:3f:88:50:5a:5d:70:68:b0:0b:d3:a4:3e: 9e:38:40:bb:96:05:de:94:b4:b4:43:dc:cd:84:2c: 6a:67:1c:eb:5e:f1:a7:54:90:5c:ef:fa:c0:36:55: 7f:56:5b:77:45:51:74:c0:b7:24:b7:fd:84:bf:6f: d9:0c:dd:51:ff:20:20:30:e8:50:a0:7e:dd:ec:3f: 57:39:92:16:a5:c6:b8:43:d7:f5:5b:a4:c6:53:74: f0:72:91:35:f3:3c:b0:17:ed:26:d6:75:d3:4d:e8: cd:35:ea:db:0a:2c:45:46:e7:20:e6:21:35:e8:17: b8:60:9b:19:30:7b:19:c5:f0:2a:4c:df:2d:f6:33: 9f:5c:fd:96:c2:1a:1d:ae:ca:90:97:56:a1:5e:b7: 2c:be:c5:21:5d:ef:d9:e9:c1:78:23:94:b2:11:0d: 42:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:E9:C8:5A:2A:CC:65:0F:BF:F8:1C:68:AC:5A:1E:D2:B7:1D:AB:EF X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.148.0/23 Signature Algorithm: sha256WithRSAEncryption 67:36:3a:22:4a:f3:1f:f1:03:33:32:b0:81:73:48:a1:d7:f8: b2:f0:4f:89:d3:c9:ed:3c:fc:59:2b:41:8e:0a:43:92:1c:9e: 68:88:50:f6:09:a3:e6:75:be:a3:37:a9:a2:f4:fa:dd:3f:0e: f9:65:ae:5f:48:64:e8:04:f0:40:31:68:d6:2f:26:36:2b:55: 6d:42:47:83:c2:c2:74:4d:dc:e9:39:eb:8e:62:9d:32:f5:66: b5:14:75:3b:46:b2:aa:a0:b5:75:a6:82:2a:8d:a5:ee:df:f9: 89:58:f9:fc:33:ec:b4:9b:12:d9:df:1b:cc:67:6c:4e:d5:2c: be:da:b1:e1:b4:e4:00:82:81:40:5e:be:05:1f:c4:57:a3:82: ef:95:2c:49:42:37:40:45:1d:00:c1:a5:4f:3b:16:f2:60:6e: 6f:c0:a3:a3:03:d1:e0:d5:43:0b:ee:c2:e7:c3:cf:7c:7e:b6: 03:b7:9a:96:7c:b1:a3:bd:00:82:a8:cf:17:e0:af:ce:ad:59: 73:09:13:14:2f:c6:b5:80:40:b2:8b:04:fb:f2:91:1f:cb:1e: 63:3e:8d:15:88:84:91:76:4b:ca:74:49:4c:53:60:3f:7b:52: c7:33:71:58:d8:9b:0a:05:56:f9:5e:04:49:4b:08:f3:fd:bb: d9:39:f0:56 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUSbARCUUXTSrg6kwosMfc8zdPdVYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMyOTAwMDAwOVoX DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAZDdmMjlkZGI5MzQ2NTc0N2I4OWE1 MDFlMmI2OWYyNDM4MGViMzU2YTViOTlkYTM3MjVhZTA2MjcxMzVlNWUxNTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4kS74nWcMmT50Jt7+/+qhPvNFck ZzJxcwggGBdTh02OGAt4LZ8Bz9dvKumOyY9WXsRqK0PsMvq7n283p6/NfgER+nf/ v10W6uu4LOAQQoRmCKMOjRZGNeD6uAo/iFBaXXBosAvTpD6eOEC7lgXelLS0Q9zN hCxqZxzrXvGnVJBc7/rANlV/Vlt3RVF0wLckt/2Ev2/ZDN1R/yAgMOhQoH7d7D9X OZIWpca4Q9f1W6TGU3TwcpE18zywF+0m1nXTTejNNerbCixFRucg5iE16Be4YJsZ MHsZxfAqTN8t9jOfXP2WwhodrsqQl1ahXrcsvsUhXe/Z6cF4I5SyEQ1CFQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLfpyFoqzGUPv/gcaKxaHtK3HavvMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzdiMjZkNDEwLTE3ZDctNDMxMC1iYjU4LTQxYzQ2NWY4ZWVmMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrymUMA0GCSqGSIb3DQEBCwUAA4IBAQBnNjoiSvMf8QMzMrCBc0ih 1/iy8E+J08ntPPxZK0GOCkOSHJ5oiFD2CaPmdb6jN6mi9PrdPw75Za5fSGToBPBA MWjWLyY2K1VtQkeDwsJ0TdzpOeuOYp0y9Wa1FHU7RrKqoLV1poIqjaXu3/mJWPn8 M+y0mxLZ3xvMZ2xO1Sy+2rHhtOQAgoFAXr4FH8RXo4LvlSxJQjdARR0AwaVPOxby YG5vwKOjA9Hg1UML7sLnw898frYDt5qWfLGjvQCCqM8X4K/OrVlzCRMUL8a1gECy iwT78pEfyx5jPo0ViISRdkvKdElMU2A/e1LHM3FY2JsKBVb5XgRJSwjz/bvZOfBW -----END CERTIFICATE-----Generated at Sat Apr 5 11:10:09 2025 by rpki-client