$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa File: 8c170584-7c9b-414b-8cba-a934a0a79bbe.roa (raw, json) Hash identifier: TM8EDr6RdiNMS9DhiJ0NaSr6wqW0tI1u61NIg14iRw8= Subject key identifier: 16:4F:34:F0:3D:9A:79:CF:CC:41:BC:90:CC:3E:56:5B:D5:66:3F:28 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 18CDD79577014F5B77CAF234E6097959CD60841E Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa Signing time: Mon 31 Mar 2025 15:00:06 +0000 ROA not before: Mon 31 Mar 2025 15:00:06 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:cd:d7:95:77:01:4f:5b:77:ca:f2:34:e6:09:79:59:cd:60:84:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001 Validity Not Before: Mar 31 15:00:06 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:dc:c6:71:5b:c9:fe:84:a1:a8:7b:26:4b:c4: 37:8a:39:ef:44:f7:0c:c8:c2:15:a5:c4:8c:78:63: 29:0c:e5:60:1a:f0:41:73:00:9c:18:a1:2e:19:b5: b3:15:1b:7e:63:5e:2a:8e:94:b7:89:bf:7d:63:19: bb:71:da:81:4c:47:9d:8c:ad:15:43:66:72:a0:02: 3d:27:0f:2b:20:14:e2:ad:cf:9a:1d:16:b6:21:b8: f6:5f:bc:a5:20:d8:7d:66:3b:06:6d:39:06:07:80: 5a:fe:62:5d:22:5a:1d:28:1f:e4:72:3c:b7:88:b5: e2:b9:05:09:76:73:04:24:c9:5b:29:29:08:5a:a9: 9b:47:2c:35:a2:20:3e:d0:c3:96:0a:14:6e:73:21: 21:e9:b5:1a:67:7a:ee:2d:83:6c:fc:ce:bf:cc:59: 8e:06:78:da:86:7b:0c:e3:4d:92:72:4f:3f:ce:9d: 96:2b:be:4b:b3:81:f8:50:00:5a:ca:74:7c:a6:76: 56:82:34:98:5f:73:12:ec:e3:c9:d5:cd:90:bd:69: 5a:2a:d5:02:2e:09:37:88:56:fc:ea:3c:43:3c:7d: e6:02:e8:42:e1:00:d6:de:10:7e:0b:05:e8:3c:f7: ee:a2:10:b8:6c:14:ae:29:75:51:cc:66:77:70:7b: 9e:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:4F:34:F0:3D:9A:79:CF:CC:41:BC:90:CC:3E:56:5B:D5:66:3F:28 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:4000::/48 Signature Algorithm: sha256WithRSAEncryption a2:a4:05:71:00:fb:93:23:61:1b:32:d6:f2:1a:89:50:93:83: a6:51:ab:f3:04:ec:73:03:73:eb:b3:67:93:15:f1:bb:16:c1: de:93:27:26:12:0c:aa:8b:c2:b4:db:ef:db:e2:98:f2:8d:42: a9:8d:f0:91:e9:e0:88:82:ec:c7:25:b6:4e:bb:62:34:dd:aa: f4:43:5c:c9:c5:ac:9e:bc:b9:91:2d:2f:b4:76:2f:ff:52:de: 25:aa:58:27:a0:86:e4:49:28:80:c8:0f:56:dd:92:8b:f5:6a: b0:68:fc:3f:c4:ec:9d:28:8b:a7:93:11:61:d5:b0:c2:0c:02: 79:df:f2:ab:46:12:fc:5b:2c:f3:70:1b:c1:78:c5:0d:6d:87: 52:64:81:02:03:ce:93:d4:dd:7b:5c:fd:d2:3b:bf:33:8c:fa: ea:3f:49:98:bb:f0:58:5c:1f:b3:7f:79:42:57:15:ca:c8:0c: 6a:d8:c0:3c:c5:3b:5f:d6:93:ab:6e:9d:4d:2f:57:ae:0f:16: 16:98:fb:50:05:fa:5c:91:91:0e:04:b1:34:e1:ee:9e:cb:50: e0:5c:f9:92:af:2b:c8:98:63:11:f9:55:65:bc:ff:89:05:47: e9:3a:c3:ed:b8:9a:fc:46:b5:3c:19:d1:70:19:0e:f8:1c:72: b6:de:f2:e7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGM3XlXcBT1t3yvI05gl5Wc1ghB4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMzMTE1MDAwNloX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNANzY1OGM0MzhjM2JiZTJkZjEzMmE2 MWM1MjVmYmE4NmZkYTUwMmY1YWY1NTY3NGM0OWI3NWM0NWRlZDBlNmQxMTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidzGcVvJ/oShqHsmS8Q3ijnvRPcM yMIVpcSMeGMpDOVgGvBBcwCcGKEuGbWzFRt+Y14qjpS3ib99Yxm7cdqBTEedjK0V Q2ZyoAI9Jw8rIBTirc+aHRa2Ibj2X7ylINh9ZjsGbTkGB4Ba/mJdIlodKB/kcjy3 iLXiuQUJdnMEJMlbKSkIWqmbRyw1oiA+0MOWChRucyEh6bUaZ3ruLYNs/M6/zFmO BnjahnsM402Sck8/zp2WK75Ls4H4UABaynR8pnZWgjSYX3MS7OPJ1c2QvWlaKtUC Lgk3iFb86jxDPH3mAuhC4QDW3hB+CwXoPPfuohC4bBSuKXVRzGZ3cHueRQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBZPNPA9mnnPzEG8kMw+VlvVZj8oMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzhjMTcwNTg0LTdjOWItNDE0Yi04Y2JhLWE5MzRhMGE3OWJiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAEAAMA0GCSqGSIb3DQEBCwUAA4IBAQCipAVxAPuTI2EbMtby GolQk4OmUavzBOxzA3Prs2eTFfG7FsHekycmEgyqi8K02+/b4pjyjUKpjfCR6eCI guzHJbZOu2I03ar0Q1zJxayevLmRLS+0di//Ut4lqlgnoIbkSSiAyA9W3ZKL9Wqw aPw/xOydKIunkxFh1bDCDAJ53/KrRhL8WyzzcBvBeMUNbYdSZIECA86T1N17XP3S O78zjPrqP0mYu/BYXB+zf3lCVxXKyAxq2MA8xTtf1pOrbp1NL1euDxYWmPtQBfpc kZEOBLE04e6ey1DgXPmSryvImGMR+VVlvP+JBUfpOsPtuJr8RrU8GdFwGQ74HHK2 3vLn -----END CERTIFICATE-----Generated at Sat Apr 5 11:12:42 2025 by rpki-client