$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: Tu9EKCCvsSxodY6qi0HqOnrYwwpneGnOpWx8+fwDRTM= Subject key identifier: 82:B1:6A:92:85:92:1B:A6:DD:A9:7B:29:96:75:C4:99:77:B0:38:00 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 1767289FAA071F05160C999463E82744BB43140B Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Sat 05 Apr 2025 00:00:02 +0000 ROA not before: Sat 05 Apr 2025 00:00:02 +0000 ROA not after: Sat 10 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:67:28:9f:aa:07:1f:05:16:0c:99:94:63:e8:27:44:bb:43:14:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001 Validity Not Before: Apr 5 00:00:02 2025 GMT Not After : May 10 23:59:59 2025 GMT Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:8d:64:1f:53:8d:25:76:00:c4:4f:58:f2:c6: 0b:e8:bd:28:12:98:6f:28:6a:cd:f6:85:60:d8:c0: bd:8d:63:c5:d9:13:4a:8e:99:66:0f:fa:c5:02:81: 7d:e8:c0:b9:f3:ac:b5:eb:36:ba:ac:11:b9:df:c2: 2e:84:79:d5:26:5b:0b:c6:42:dd:17:bd:06:db:84: 1a:f5:93:73:f9:73:a8:bd:5e:f5:32:bf:ff:20:92: 7d:89:e6:51:7e:2f:50:8c:5d:27:a1:ff:b0:56:b5: 8f:7b:3f:2a:d4:e4:35:b0:37:e4:e5:af:67:42:71: 3f:d4:ce:84:ea:1c:7e:c2:08:58:5c:6b:10:8c:36: fc:24:4f:ce:72:88:e1:65:cf:7c:b6:b1:cf:ee:39: 93:bd:6b:4b:b7:ac:90:e5:a8:0b:e8:d2:73:c7:16: a3:b4:86:9a:08:87:d3:c5:70:bf:74:c6:84:20:fa: c9:f5:75:9f:64:f9:39:d0:ac:ae:8e:c8:b0:4d:98: 84:73:dd:58:88:bb:42:4b:bf:0f:b9:94:61:80:d3: 6e:04:8b:0a:c1:d1:c8:70:05:9f:82:4a:2f:b0:dd: b4:80:cf:6d:ba:92:c8:86:d1:d9:ca:33:a6:e4:5d: b3:3f:8e:08:ed:7b:b5:9f:10:32:5a:16:48:11:d4: 09:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:B1:6A:92:85:92:1B:A6:DD:A9:7B:29:96:75:C4:99:77:B0:38:00 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 2e:6a:b6:f0:fe:a0:45:2f:a5:22:27:93:fc:42:88:dd:e5:cb: bd:42:87:87:0b:88:76:c0:24:01:41:c5:3f:71:54:8b:04:6b: 2a:a8:d0:8d:72:3d:a9:7b:0d:57:5b:5d:cc:ca:c4:0d:02:e5: d0:53:68:4b:fa:2a:d7:b7:fd:16:f0:9d:a8:18:81:d1:39:a8: a1:6a:2e:19:13:61:43:6e:10:91:e0:3c:60:8c:9a:c6:65:99: da:86:54:84:f4:c8:bc:34:91:fa:fa:33:6d:ff:b1:2a:94:64: 56:39:39:bc:2c:dd:c8:2c:61:04:72:7b:82:fd:b8:47:c9:23: fe:1a:28:c2:82:be:89:c6:ab:d1:51:5e:db:ae:be:8d:19:bb: 15:44:b7:05:71:65:5e:fb:b1:9f:30:17:0c:c1:4e:3d:c4:84: 8f:50:55:36:8d:da:ec:d5:ae:97:91:43:42:16:41:6a:31:19: 83:f3:2a:29:f0:f0:f0:19:78:4f:aa:50:d0:f4:fb:e6:24:f2: 94:11:71:1d:89:32:7b:7d:cc:e6:35:4b:13:3a:63:22:d4:09: 14:e2:06:dd:f6:de:2a:7b:5d:ca:0e:4e:cb:ad:b2:0a:f7:07: e8:c4:6e:9e:e4:91:55:11:48:63:3d:9a:00:47:72:91:68:4e: 88:0b:2c:58 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUF2con6oHHwUWDJmUY+gnRLtDFAswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQwNTAwMDAwMloX DTI1MDUxMDIzNTk1OVowejFJMEcGA1UEBRNAZmEyNzkwYmY2MjgxOGYzOTQ1NGU3 NTFhYmU5ZGU4YzZjMDg0YTUwNzNiYmRkZWQxY2QyNjg4ZmNhMzY1N2JjMTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI1kH1ONJXYAxE9Y8sYL6L0oEphv KGrN9oVg2MC9jWPF2RNKjplmD/rFAoF96MC586y16za6rBG538IuhHnVJlsLxkLd F70G24Qa9ZNz+XOovV71Mr//IJJ9ieZRfi9QjF0nof+wVrWPez8q1OQ1sDfk5a9n QnE/1M6E6hx+wghYXGsQjDb8JE/OcojhZc98trHP7jmTvWtLt6yQ5agL6NJzxxaj tIaaCIfTxXC/dMaEIPrJ9XWfZPk50KyujsiwTZiEc91YiLtCS78PuZRhgNNuBIsK wdHIcAWfgkovsN20gM9tupLIhtHZyjOm5F2zP44I7Xu1nxAyWhZIEdQJ7wIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFIKxapKFkhum3al7KZZ1xJl3sDgAMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEALmq28P6gRS+lIieT/EKI 3eXLvUKHhwuIdsAkAUHFP3FUiwRrKqjQjXI9qXsNV1tdzMrEDQLl0FNoS/oq17f9 FvCdqBiB0TmooWouGRNhQ24QkeA8YIyaxmWZ2oZUhPTIvDSR+vozbf+xKpRkVjk5 vCzdyCxhBHJ7gv24R8kj/hoowoK+icar0VFe266+jRm7FUS3BXFlXvuxnzAXDMFO PcSEj1BVNo3a7NWul5FDQhZBajEZg/MqKfDw8Bl4T6pQ0PT75iTylBFxHYkye33M 5jVLEzpjItQJFOIG3fbeKntdyg5Oy62yCvcH6MRunuSRVRFIYz2aAEdykWhOiAss WA== -----END CERTIFICATE-----Generated at Sat Apr 5 11:00:30 2025 by rpki-client