$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa File: 22d6913e-5f3d-4f99-9a60-48579f471838.roa (raw, json) Hash identifier: xe0eNcRZ9dqL+qhZe990RQBRarvC3xqAza4abYfGGKg= Subject key identifier: 9F:0A:49:8A:E9:81:83:22:B2:1D:B6:9F:15:BF:00:9B:57:EF:8F:FA Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 032E83A86B56030CA65071E46F0D409ED8327B7F Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa Signing time: Tue 20 May 2025 00:00:03 +0000 ROA not before: Tue 20 May 2025 00:00:03 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:2000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:2e:83:a8:6b:56:03:0c:a6:50:71:e4:6f:0d:40:9e:d8:32:7b:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 20 00:00:03 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=d006666c63902b87c4b7ac9649511f80e961572b1209b558d03e9e894a5e7fa0, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:eb:e0:f7:f1:e8:3c:cd:7b:f3:3b:bc:f2:a3: dd:3d:a3:80:49:d7:a3:00:89:ca:68:57:53:12:dd: a5:24:0f:d2:05:45:9a:23:ed:18:62:e2:d4:01:d6: cd:7f:d9:c6:a9:10:7e:64:74:cb:9e:f5:89:ba:05: 5f:6e:e3:69:80:f3:bf:78:ce:45:8d:65:50:1f:43: c5:00:e7:e8:a9:55:d6:e4:7d:dc:af:da:c8:6f:e1: 15:26:64:69:2f:39:b2:66:cc:a9:f2:0a:c1:4f:84: 42:79:4e:ec:7b:86:00:44:28:26:c8:08:81:89:3f: f4:73:08:3e:1d:cb:64:f1:dc:e5:53:bb:f5:78:f3: b2:8e:7a:2e:bb:90:8f:14:ec:ec:2f:8e:7d:43:17: dc:7f:e6:20:37:11:5d:44:54:2a:5f:92:36:89:23: 9b:35:79:7c:00:0b:fc:ec:e5:f1:3f:da:28:c1:2e: 79:88:3f:fb:53:f8:03:2a:d8:dd:8b:29:9b:eb:57: de:bf:15:a9:60:6a:03:38:8f:19:02:90:ff:b1:bf: ff:52:23:fc:d5:10:6f:b4:6c:3c:c1:a4:37:17:e7: 44:64:d1:1e:ca:d6:bf:b3:78:27:0a:eb:00:be:4a: b8:21:67:6e:04:15:10:cc:62:8a:5b:12:ff:65:93: 13:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:0A:49:8A:E9:81:83:22:B2:1D:B6:9F:15:BF:00:9B:57:EF:8F:FA X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:2000::/36 Signature Algorithm: sha256WithRSAEncryption f6:33:ff:e2:d4:7f:6c:b6:d7:99:66:70:e1:d4:77:24:45:a5: d2:9c:c1:18:ec:c8:47:34:53:a3:fe:40:e4:23:cf:af:f9:05: 1d:fc:3b:51:0f:3b:94:fc:f0:1b:8d:14:54:89:de:7f:26:e0: b9:5c:98:d0:e4:7c:b2:d2:2e:5f:7c:4f:ce:0f:ca:40:3b:27: fd:01:35:82:e8:72:93:89:c7:2c:53:21:b7:71:ee:30:96:c8: 0a:75:bd:8e:ff:f9:28:2a:6a:dd:45:c1:30:7b:5e:cb:71:99: 16:86:b2:00:e2:bb:17:f4:23:23:74:08:63:be:8b:94:52:96: 04:0c:b0:e7:75:f8:7a:bc:6b:60:72:ef:3e:2d:ba:a2:ab:6c: 78:85:e0:06:86:bc:39:e9:16:95:cb:b2:fa:61:02:a3:00:0c: 2b:f2:56:07:87:a9:be:ea:0c:9e:2c:43:09:e4:38:a2:88:51: d2:ed:7d:b4:36:8c:c7:d4:8b:9a:51:ba:14:0e:7a:5d:d1:b9: b2:2f:5a:b7:60:96:fd:a2:a2:b9:4d:16:79:97:bc:2d:6c:28: 38:f4:07:b6:b3:f5:bc:20:94:8c:3d:59:35:03:ca:3b:26:59: aa:08:e0:4d:47:bf:d6:a2:26:b3:f9:57:29:4f:64:16:db:11: 17:d4:b4:84 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAy6DqGtWAwymUHHkbw1Antgye38wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUyMDAwMDAwM1oX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAZDAwNjY2NmM2MzkwMmI4N2M0Yjdh Yzk2NDk1MTFmODBlOTYxNTcyYjEyMDliNTU4ZDAzZTllODk0YTVlN2ZhMDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuvg9/HoPM178zu88qPdPaOASdej AInKaFdTEt2lJA/SBUWaI+0YYuLUAdbNf9nGqRB+ZHTLnvWJugVfbuNpgPO/eM5F jWVQH0PFAOfoqVXW5H3cr9rIb+EVJmRpLzmyZsyp8grBT4RCeU7se4YARCgmyAiB iT/0cwg+Hctk8dzlU7v1ePOyjnouu5CPFOzsL459Qxfcf+YgNxFdRFQqX5I2iSOb NXl8AAv87OXxP9oowS55iD/7U/gDKtjdiymb61fevxWpYGoDOI8ZApD/sb//UiP8 1RBvtGw8waQ3F+dEZNEeyta/s3gnCusAvkq4IWduBBUQzGKKWxL/ZZMTkwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ8KSYrpgYMish22nxW/AJtX74/6MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzIyZDY5MTNlLTVmM2QtNGY5OS05YTYwLTQ4NTc5ZjQ3MTgzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJABlACAwDQYJKoZIhvcNAQELBQADggEBAPYz/+LUf2y215lmcOHU dyRFpdKcwRjsyEc0U6P+QOQjz6/5BR38O1EPO5T88BuNFFSJ3n8m4LlcmNDkfLLS Ll98T84PykA7J/0BNYLocpOJxyxTIbdx7jCWyAp1vY7/+Sgqat1FwTB7XstxmRaG sgDiuxf0IyN0CGO+i5RSlgQMsOd1+Hq8a2By7z4tuqKrbHiF4AaGvDnpFpXLsvph AqMADCvyVgeHqb7qDJ4sQwnkOKKIUdLtfbQ2jMfUi5pRuhQOel3RubIvWrdglv2i orlNFnmXvC1sKDj0B7az9bwglIw9WTUDyjsmWaoI4E1Hv9aiJrP5VylPZBbbERfU tIQ= -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:37 2025 by rpki-client