$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa File: 1dffeac8-b779-49ef-ba27-58bc19891e60.roa (raw, json) Hash identifier: iFsyUhpP8t7wFlv1htJ0JKdCza+DGC7PtpBbu1EBYLE= Subject key identifier: F8:83:8D:EC:03:FF:24:FE:0B:21:E8:3A:21:35:06:51:94:41:92:A6 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 3A8A8756B4D99C757FECCBED7A473DB6BC007070 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa Signing time: Mon 19 May 2025 15:00:10 +0000 ROA not before: Mon 19 May 2025 15:00:10 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.144.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:8a:87:56:b4:d9:9c:75:7f:ec:cb:ed:7a:47:3d:b6:bc:00:70:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 19 15:00:10 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=f7aeb047e92a8e1bcf8395c05b7a3ac0f6bb289ecc1ec99e8af45aa2a0907759, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:b4:fa:c8:24:53:6e:5e:e1:53:72:0f:41:7a: c4:a5:d3:c4:45:3d:ee:98:bb:66:cf:42:83:b0:ae: 51:46:bc:2a:c5:7f:a0:bc:84:a0:0a:2f:2b:80:3a: e9:8d:da:8a:a1:88:f6:24:22:25:4c:0a:a7:61:74: 51:5d:e7:a6:e8:b4:00:a7:59:76:59:71:61:27:7f: eb:d8:b7:a0:f0:61:2a:7b:89:6f:2d:06:28:e7:66: 25:d3:41:47:fb:80:18:40:0c:56:1e:56:49:a6:2b: f7:c8:a6:19:b8:c0:c1:05:7f:2f:2b:8c:0a:a8:1f: 91:3c:2a:33:6b:0c:f0:96:bd:80:1e:bc:83:61:13: b4:00:6a:43:ce:05:83:59:15:82:05:13:a7:44:9c: 03:35:cd:1b:5d:97:ab:5d:0c:23:de:31:38:e9:d6: c9:25:fc:f3:4f:a0:da:a1:11:02:58:7f:6a:8c:4f: 02:b1:58:de:a0:31:88:cd:65:6d:12:1e:33:2f:80: ec:80:5f:36:99:1e:c2:84:43:31:95:2d:be:cc:39: cc:ce:c9:15:ad:8c:bb:39:90:3e:08:5a:1e:bf:0d: 36:6e:2d:59:4b:54:21:b9:10:7e:bc:fa:78:e6:e9: 79:f8:8b:f8:b5:7d:fa:a5:8f:20:08:e0:88:89:07: dc:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:83:8D:EC:03:FF:24:FE:0B:21:E8:3A:21:35:06:51:94:41:92:A6 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.144.0/22 Signature Algorithm: sha256WithRSAEncryption af:58:37:c9:71:21:74:8f:0c:5a:a1:44:35:51:64:84:22:62: f5:f6:b9:e0:f6:24:a2:b9:8f:d5:d5:be:2a:c2:85:81:43:a8: 4c:0c:90:20:0b:4e:72:a8:67:65:87:b0:76:d6:7f:d4:9e:f3: 30:02:e3:f7:dc:37:91:e9:01:6d:43:24:31:01:c8:2a:2d:76: b7:89:6f:2a:48:26:f4:94:29:1a:d1:e1:e8:72:2b:62:b7:86: 7b:96:55:cd:48:3c:58:99:bc:db:73:08:91:2c:12:01:db:b0: 65:03:b3:a8:48:46:a1:a0:54:87:a4:9f:76:e4:f4:37:19:77: 9f:04:55:5a:a9:26:60:b9:d2:a3:b1:69:b9:ab:24:58:18:a5: 20:d4:45:d7:06:b1:e6:2d:ec:43:da:06:d6:9b:6a:52:0d:54: d2:8f:8a:dd:3a:56:98:e0:21:ad:8a:87:be:b6:a6:f7:cd:5b: 97:60:c1:66:69:bc:0c:6d:44:b3:3c:e9:68:4f:3e:17:10:88: 6d:3f:02:18:3f:ca:a6:90:eb:b0:59:aa:40:66:5c:5c:5b:5c: 08:6c:f2:30:9a:cf:ed:6e:3a:a6:51:68:da:59:68:ee:54:df: 80:8f:d7:d4:27:89:1a:7f:a0:94:bc:31:e8:e6:48:a2:7d:92: fa:fb:6f:91 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUOoqHVrTZnHV/7Mvtekc9trwAcHAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxOTE1MDAxMFoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAZjdhZWIwNDdlOTJhOGUxYmNmODM5 NWMwNWI3YTNhYzBmNmJiMjg5ZWNjMWVjOTllOGFmNDVhYTJhMDkwNzc1OTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbT6yCRTbl7hU3IPQXrEpdPERT3u mLtmz0KDsK5RRrwqxX+gvISgCi8rgDrpjdqKoYj2JCIlTAqnYXRRXeem6LQAp1l2 WXFhJ3/r2Leg8GEqe4lvLQYo52Yl00FH+4AYQAxWHlZJpiv3yKYZuMDBBX8vK4wK qB+RPCozawzwlr2AHryDYRO0AGpDzgWDWRWCBROnRJwDNc0bXZerXQwj3jE46dbJ JfzzT6DaoRECWH9qjE8CsVjeoDGIzWVtEh4zL4DsgF82mR7ChEMxlS2+zDnMzskV rYy7OZA+CFoevw02bi1ZS1QhuRB+vPp45ul5+Iv4tX36pY8gCOCIiQfcEQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPiDjewD/yT+CyHoOiE1BlGUQZKmMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzFkZmZlYWM4LWI3NzktNDllZi1iYTI3LTU4YmMxOTg5MWU2MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCrymQMA0GCSqGSIb3DQEBCwUAA4IBAQCvWDfJcSF0jwxaoUQ1UWSE ImL19rng9iSiuY/V1b4qwoWBQ6hMDJAgC05yqGdlh7B21n/UnvMwAuP33DeR6QFt QyQxAcgqLXa3iW8qSCb0lCka0eHocitit4Z7llXNSDxYmbzbcwiRLBIB27BlA7Oo SEahoFSHpJ925PQ3GXefBFVaqSZgudKjsWm5qyRYGKUg1EXXBrHmLexD2gbWm2pS DVTSj4rdOlaY4CGtioe+tqb3zVuXYMFmabwMbUSzPOloTz4XEIhtPwIYP8qmkOuw WapAZlxcW1wIbPIwms/tbjqmUWjaWWjuVN+Aj9fUJ4kaf6CUvDHo5kiifZL6+2+R -----END CERTIFICATE-----Generated at Mon Jun 2 06:29:54 2025 by rpki-client