$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa File: 3684e50c-c50f-4ebb-b327-e0759241197e.roa (raw, json) Hash identifier: n0gXUHFYahh4J/4jaIwQo/bWuJQvw4D2fZ7i5R4pyUw= Subject key identifier: 2B:C2:0D:8E:96:51:DE:C1:E9:14:85:E5:44:C8:58:12:F9:07:68:FB Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 2B08EDAE81D3CB6DDE316F60386923C15EF5DAD9 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa Signing time: Tue 20 May 2025 00:00:00 +0000 ROA not before: Tue 20 May 2025 00:00:00 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:08:ed:ae:81:d3:cb:6d:de:31:6f:60:38:69:23:c1:5e:f5:da:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 20 00:00:00 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=f23186ee52232c1993fe86f97e006654040a2fc1d328c9330969e8211b57f26e, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:16:ae:f8:49:cd:10:49:c5:55:95:28:ab:da: 70:9c:85:3d:b4:4f:e9:27:8a:c1:97:bf:0f:bd:48: 64:14:69:28:7b:f5:f0:ac:6c:1f:ec:65:b4:7e:ad: e6:b2:ca:ac:0e:cd:fb:54:9e:94:b8:7b:f1:e3:86: d5:95:a2:45:5d:b2:62:4c:ba:44:d7:d7:a9:8d:fa: a5:32:75:5b:b0:77:c2:b9:4c:af:ea:0a:2d:86:f4: a1:ff:ae:2d:2c:67:54:d1:02:b4:76:b2:4f:7d:ab: ec:bb:cc:19:27:b2:f5:c4:b3:fa:a4:b3:a5:35:21: f2:0b:29:6a:f1:be:2a:43:c8:fd:18:11:1f:3b:fd: 7f:c5:dc:fb:07:f5:93:40:91:e2:6c:45:20:64:dc: a3:10:54:55:62:14:17:cf:52:af:9e:88:ed:d5:3b: 13:70:fd:43:ae:f5:76:08:4b:e2:e7:c3:d4:2b:85: 80:48:2c:e0:23:fd:eb:63:d7:98:25:60:c5:58:94: 4d:13:d8:48:3a:f4:ba:8f:56:28:f2:03:82:9c:3a: 41:b7:62:ec:17:df:29:46:7b:c8:7a:76:bb:ec:5b: 7e:12:3f:aa:14:42:89:0b:a1:56:4e:b2:50:b3:40: 96:a5:47:dd:4c:ea:5f:42:ba:90:ec:65:c9:78:20: c3:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:C2:0D:8E:96:51:DE:C1:E9:14:85:E5:44:C8:58:12:F9:07:68:FB X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/48 Signature Algorithm: sha256WithRSAEncryption e4:f7:a0:a0:04:12:10:43:2a:23:72:83:57:b4:26:94:c3:5e: 98:33:e2:ee:dc:b5:82:93:3d:48:86:e0:8d:b5:ff:53:7c:c1: bc:16:f2:da:e8:54:6f:d2:b8:73:11:00:51:6a:50:11:06:64: b6:08:01:24:43:3b:e2:6e:8a:d2:e6:fa:7a:f9:51:95:f6:32: 90:3e:a9:92:f7:e4:29:82:6a:7f:c9:24:12:d8:ea:1a:a5:6a: 1f:f9:85:08:0f:eb:38:93:fd:fe:3f:d9:1a:d2:f4:90:e3:a6: e6:9c:45:f0:c9:bb:3b:ee:73:ed:b3:34:16:8a:23:85:ca:a2: 6a:a8:00:e8:06:99:65:8c:57:3a:f7:dc:e4:82:a6:1c:27:e2: ee:c6:50:3c:f5:fb:88:ee:84:5e:13:0e:6f:86:68:ce:37:f0: 7a:65:4c:e8:cb:16:d9:7b:73:05:e4:ce:46:16:c9:c0:e8:56: 35:a1:49:43:1d:8d:d8:a0:37:d0:db:6c:42:2e:0a:9b:f7:30: 76:15:69:b6:47:3b:8f:48:f8:6d:4f:d9:72:f5:37:43:85:c4: 31:34:cf:d7:ee:fd:32:6e:c4:8e:9b:1f:1b:6a:3c:fd:c3:22: a8:e0:37:2d:0e:5f:14:19:4b:44:54:2a:9c:77:ee:48:29:ce: 71:64:77:e7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKwjtroHTy23eMW9gOGkjwV712tkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUyMDAwMDAwMFoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAZjIzMTg2ZWU1MjIzMmMxOTkzZmU4 NmY5N2UwMDY2NTQwNDBhMmZjMWQzMjhjOTMzMDk2OWU4MjExYjU3ZjI2ZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxau+EnNEEnFVZUoq9pwnIU9tE/p J4rBl78PvUhkFGkoe/XwrGwf7GW0fq3mssqsDs37VJ6UuHvx44bVlaJFXbJiTLpE 19epjfqlMnVbsHfCuUyv6gothvSh/64tLGdU0QK0drJPfavsu8wZJ7L1xLP6pLOl NSHyCylq8b4qQ8j9GBEfO/1/xdz7B/WTQJHibEUgZNyjEFRVYhQXz1Kvnojt1TsT cP1DrvV2CEvi58PUK4WASCzgI/3rY9eYJWDFWJRNE9hIOvS6j1Yo8gOCnDpBt2Ls F98pRnvIena77Ft+Ej+qFEKJC6FWTrJQs0CWpUfdTOpfQrqQ7GXJeCDDlQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCvCDY6WUd7B6RSF5UTIWBL5B2j7MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzM2ODRlNTBjLWM1MGYtNGViYi1iMzI3LWUwNzU5MjQxMTk3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQDk96CgBBIQQyojcoNX tCaUw16YM+Lu3LWCkz1IhuCNtf9TfMG8FvLa6FRv0rhzEQBRalARBmS2CAEkQzvi borS5vp6+VGV9jKQPqmS9+Qpgmp/ySQS2OoapWof+YUID+s4k/3+P9ka0vSQ46bm nEXwybs77nPtszQWiiOFyqJqqADoBplljFc699zkgqYcJ+LuxlA89fuI7oReEw5v hmjON/B6ZUzoyxbZe3MF5M5GFsnA6FY1oUlDHY3YoDfQ22xCLgqb9zB2FWm2RzuP SPhtT9ly9TdDhcQxNM/X7v0ybsSOmx8bajz9wyKo4DctDl8UGUtEVCqcd+5IKc5x ZHfn -----END CERTIFICATE-----Generated at Tue Jun 3 23:36:30 2025 by rpki-client