$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa File: 3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa (raw, json) Hash identifier: LToyeSdIDGg72v+2pvcJf6ilyhEn6uwC91SUsluxW9w= Subject key identifier: 51:DC:15:29:58:2C:42:04:07:3A:6B:A0:57:BD:B5:BC:16:E0:50:21 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 48A3433322F282D6003725C6A96C1D0C757680BD Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa Signing time: Mon 19 May 2025 15:00:10 +0000 ROA not before: Mon 19 May 2025 15:00:10 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.136.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:a3:43:33:22:f2:82:d6:00:37:25:c6:a9:6c:1d:0c:75:76:80:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 19 15:00:10 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=7ee8eb355c8dc6acdc4bcb7625e5442377ca3f27b6fe44c9d8be62fc2adc5881, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:03:ee:70:35:1f:7c:60:40:8f:a9:2a:4d:24: a9:34:65:fe:3e:78:fe:86:ea:87:49:49:8c:4d:b4: 63:f0:96:60:74:c5:c7:e6:cc:e0:36:a2:74:dc:91: e2:67:a1:19:38:3f:00:c2:cc:d9:7e:41:91:4b:3e: df:dd:48:d8:ba:b0:84:a6:0e:65:1d:8e:ce:d1:95: 37:81:9c:d9:9a:0f:56:4f:4b:9e:60:9d:da:98:0e: 90:43:13:36:f4:a0:24:6e:ac:ef:74:10:5a:bb:43: 54:ee:1d:5c:e2:43:e1:a8:3f:5a:4a:e0:54:c3:75: 56:d8:70:f9:c3:19:8c:65:d8:c4:06:d0:f5:95:d1: 80:fc:e8:46:90:1b:e4:a9:b9:73:c9:51:7b:e5:95: 80:31:23:b4:27:39:f4:13:c5:2e:96:74:fe:f6:65: a7:ea:70:24:62:88:f9:47:c3:32:f5:75:6d:e4:12: 77:af:7b:50:68:f7:a0:ab:e6:c0:46:22:32:ea:57: b9:5c:53:4d:9f:20:6d:ce:63:57:d8:ac:3a:e7:49: b9:7e:f5:df:fe:ac:63:43:d4:3e:6b:73:96:6b:08: 59:ee:3a:cf:53:cd:aa:69:d4:11:fd:d1:ee:b8:39: 69:48:b6:3e:00:6a:4f:7c:a2:63:4f:6f:7a:63:8c: 17:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:DC:15:29:58:2C:42:04:07:3A:6B:A0:57:BD:B5:BC:16:E0:50:21 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.136.0/21 Signature Algorithm: sha256WithRSAEncryption 49:b6:01:36:30:69:eb:f4:7b:c0:0d:2f:62:1d:0c:d0:32:7b: 09:db:a7:1f:93:55:cb:bf:2e:94:d8:e3:00:c1:ad:a5:b8:6f: 64:0a:fd:38:18:1f:bd:16:46:69:3b:3f:58:fb:07:93:c3:e8: da:ed:b6:ad:dd:a3:c7:05:ee:ad:20:31:0f:ca:72:58:aa:20: b6:9a:01:4d:f4:d1:50:3a:8c:8f:07:67:4a:89:55:b5:3a:68: 35:c7:60:e1:aa:ba:3f:b0:c5:cf:0d:2c:99:b9:89:58:d0:f8: 8f:41:05:33:75:eb:23:ae:d2:e6:f9:df:6b:eb:6c:94:42:64: 57:d3:5f:16:d4:d4:2c:71:b2:79:fe:1b:59:8b:ee:d4:5c:6b: 61:a7:2d:d5:d3:5b:5d:ab:46:ba:6b:fc:f5:af:52:3e:56:82: 6e:19:b7:3a:d0:99:69:e7:88:b7:b0:86:dc:84:98:e3:14:03: af:f2:e8:99:06:bc:d6:31:88:2f:29:57:41:a0:7e:80:6a:77: 4b:f5:e4:68:1a:0e:a2:bf:ef:fe:24:2f:06:f6:ed:12:56:b8: a6:00:1c:43:a5:7d:a8:ff:98:82:97:e4:45:eb:f3:45:ce:dc: b4:e0:2f:41:27:22:c8:f0:9a:f2:aa:14:66:db:3c:1e:57:9e: 19:54:87:e0 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUSKNDMyLygtYANyXGqWwdDHV2gL0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxOTE1MDAxMFoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAN2VlOGViMzU1YzhkYzZhY2RjNGJj Yjc2MjVlNTQ0MjM3N2NhM2YyN2I2ZmU0NGM5ZDhiZTYyZmMyYWRjNTg4MTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAPucDUffGBAj6kqTSSpNGX+Pnj+ huqHSUmMTbRj8JZgdMXH5szgNqJ03JHiZ6EZOD8AwszZfkGRSz7f3UjYurCEpg5l HY7O0ZU3gZzZmg9WT0ueYJ3amA6QQxM29KAkbqzvdBBau0NU7h1c4kPhqD9aSuBU w3VW2HD5wxmMZdjEBtD1ldGA/OhGkBvkqblzyVF75ZWAMSO0Jzn0E8UulnT+9mWn 6nAkYoj5R8My9XVt5BJ3r3tQaPegq+bARiIy6le5XFNNnyBtzmNX2Kw650m5fvXf /qxjQ9Q+a3OWawhZ7jrPU82qadQR/dHuuDlpSLY+AGpPfKJjT296Y4wXpwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFHcFSlYLEIEBzproFe9tbwW4FAhMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzNiODU1N2MwLWQ1ZWUtNGY5ZC04MGFjLWU0MWEzN2ZmZmYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrymIMA0GCSqGSIb3DQEBCwUAA4IBAQBJtgE2MGnr9HvADS9iHQzQ MnsJ26cfk1XLvy6U2OMAwa2luG9kCv04GB+9FkZpOz9Y+weTw+ja7bat3aPHBe6t IDEPynJYqiC2mgFN9NFQOoyPB2dKiVW1Omg1x2Dhqro/sMXPDSyZuYlY0PiPQQUz desjrtLm+d9r62yUQmRX018W1NQscbJ5/htZi+7UXGthpy3V01tdq0a6a/z1r1I+ VoJuGbc60Jlp54i3sIbchJjjFAOv8uiZBrzWMYgvKVdBoH6AandL9eRoGg6iv+/+ JC8G9u0SVrimABxDpX2o/5iCl+RF6/NFzty04C9BJyLI8JryqhRm2zweV54ZVIfg -----END CERTIFICATE-----Generated at Tue Jun 3 23:33:15 2025 by rpki-client