$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa File: 197500e2-3802-44b2-a561-ca3dad01e209.roa (raw, json) Hash identifier: chdRHn97efV3DC5ggIuPKwBwB2WT2uD99KPt99WB9Mo= Subject key identifier: AB:E1:B8:D1:4B:6E:C9:C9:16:92:5A:CD:77:07:A6:B5:75:B3:63:D0 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 5B5AB182C5D11A194D13189F454A2747305DF084 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa Signing time: Mon 19 May 2025 15:00:06 +0000 ROA not before: Mon 19 May 2025 15:00:06 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:5a:b1:82:c5:d1:1a:19:4d:13:18:9f:45:4a:27:47:30:5d:f0:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 19 15:00:06 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=ffadcfb8b6ca00d9c6c0cc7cff58bc1442a094ac8b801cea8a78f0706eec393d, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:72:2e:df:a9:37:19:8c:38:a1:ff:6b:76:a9: c3:f9:07:1b:e7:27:f3:4f:65:f3:e6:65:f8:03:16: 3e:09:65:6f:61:85:1a:1c:53:8b:e1:f2:ab:5f:41: e9:42:6e:02:00:e9:4e:94:4c:59:92:6d:a5:f3:58: d0:61:c6:4d:5b:11:ce:47:aa:b2:f2:12:ad:e9:58: 2b:0a:de:0e:b5:f0:1a:80:bb:3a:c1:07:0e:0b:d8: c8:6d:ac:eb:77:b2:0c:ef:32:3d:eb:a3:e2:04:47: b4:79:07:ff:0e:92:85:46:5a:93:47:39:c3:aa:06: f0:02:65:94:14:44:db:68:e1:d5:40:97:24:c2:c9: 35:87:f0:62:ee:1e:75:f0:c8:18:f1:78:d5:0e:a0: 8d:f1:7c:c1:0d:c4:5c:20:d0:7b:91:53:a0:93:5a: ec:68:cd:54:2c:84:c9:6e:71:7a:9c:2a:cd:78:69: 36:39:4b:02:2f:d5:46:0a:c4:f5:1b:ef:62:9b:b9: eb:a7:b2:19:6d:3d:46:e8:49:02:8e:99:b7:5b:ff: aa:24:55:c3:3e:8c:21:62:0b:0b:33:52:94:55:5c: 55:7d:61:52:cb:04:0b:19:98:e7:12:1e:db:a7:e8: 8e:60:6f:c0:43:66:10:16:9f:3e:63:a6:15:a1:5e: 88:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:E1:B8:D1:4B:6E:C9:C9:16:92:5A:CD:77:07:A6:B5:75:B3:63:D0 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.128.0/24 Signature Algorithm: sha256WithRSAEncryption b2:e5:4d:5b:bf:be:e4:ac:2e:0e:76:60:f9:c4:04:d0:41:d8: 38:e6:59:48:36:21:99:35:b7:a6:b4:70:19:fa:32:fa:15:a3: 6f:ca:1e:92:ec:b9:52:30:19:ca:07:df:e2:05:40:a2:a4:a5: 9d:45:20:4b:4c:8d:aa:58:36:7c:04:67:c7:a6:7b:f8:9d:6b: 90:7b:55:e9:08:fb:70:d2:28:e5:9d:85:71:5a:aa:97:37:f7: fe:95:af:96:77:2e:18:9a:03:72:71:e3:c6:4f:01:f4:a0:00: a1:f7:dd:39:04:3b:db:c7:e2:bf:8b:c7:a4:80:02:18:a2:30: 9a:f5:6e:bf:6a:ec:5a:f7:a5:dd:07:c4:d8:36:35:f1:5e:a9: 8a:79:e6:2b:72:f9:9e:b7:64:df:26:38:84:d6:15:25:70:e7: 7f:9c:d1:39:f4:80:6c:4d:20:62:71:93:6b:66:d2:3e:29:97: 5a:37:b5:8d:f0:cd:1a:11:cb:9e:aa:c3:a8:81:68:8f:f0:a2: 5b:41:b6:ff:b1:0b:1d:61:e0:72:51:7e:87:f2:86:48:cd:37: eb:a7:06:ed:38:c4:57:db:53:37:49:ce:d9:2d:2d:dd:90:8c: 6e:53:a7:6e:85:35:8b:1d:74:eb:c2:a3:db:4b:2e:fa:c9:36: 6f:0d:f1:1a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUW1qxgsXRGhlNExifRUonRzBd8IQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxOTE1MDAwNloX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAZmZhZGNmYjhiNmNhMDBkOWM2YzBj YzdjZmY1OGJjMTQ0MmEwOTRhYzhiODAxY2VhOGE3OGYwNzA2ZWVjMzkzZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3Iu36k3GYw4of9rdqnD+Qcb5yfz T2Xz5mX4AxY+CWVvYYUaHFOL4fKrX0HpQm4CAOlOlExZkm2l81jQYcZNWxHOR6qy 8hKt6VgrCt4OtfAagLs6wQcOC9jIbazrd7IM7zI966PiBEe0eQf/DpKFRlqTRznD qgbwAmWUFETbaOHVQJckwsk1h/Bi7h518MgY8XjVDqCN8XzBDcRcINB7kVOgk1rs aM1ULITJbnF6nCrNeGk2OUsCL9VGCsT1G+9im7nrp7IZbT1G6EkCjpm3W/+qJFXD PowhYgsLM1KUVVxVfWFSywQLGZjnEh7bp+iOYG/AQ2YQFp8+Y6YVoV6I8wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKvhuNFLbsnJFpJazXcHprV1s2PQMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzE5NzUwMGUyLTM4MDItNDRiMi1hNTYxLWNhM2RhZDAxZTIwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArymAMA0GCSqGSIb3DQEBCwUAA4IBAQCy5U1bv77krC4OdmD5xATQ Qdg45llINiGZNbemtHAZ+jL6FaNvyh6S7LlSMBnKB9/iBUCipKWdRSBLTI2qWDZ8 BGfHpnv4nWuQe1XpCPtw0ijlnYVxWqqXN/f+la+Wdy4YmgNycePGTwH0oACh9905 BDvbx+K/i8ekgAIYojCa9W6/auxa96XdB8TYNjXxXqmKeeYrcvmet2TfJjiE1hUl cOd/nNE59IBsTSBicZNrZtI+KZdaN7WN8M0aEcueqsOogWiP8KJbQbb/sQsdYeBy UX6H8oZIzTfrpwbtOMRX21M3Sc7ZLS3dkIxuU6duhTWLHXTrwqPbSy76yTZvDfEa -----END CERTIFICATE-----Generated at Mon Jun 2 06:36:16 2025 by rpki-client