$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa File: 42932dd4-2720-47b3-a472-fc2c8a50a46c.roa (raw, json) Hash identifier: j+aAxYvuIfwH81+xuEpbfTF2AE2I+wz5ZYc2WaqYhG0= Subject key identifier: 79:EA:7F:DE:0C:4A:E7:32:DD:ED:5C:E4:CE:27:B0:24:D9:AD:22:2B Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 3E05EE890EB7050B3E53F8AF145035FC403E9E79 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa Signing time: Mon 19 May 2025 15:00:07 +0000 ROA not before: Mon 19 May 2025 15:00:07 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.130.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:05:ee:89:0e:b7:05:0b:3e:53:f8:af:14:50:35:fc:40:3e:9e:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 19 15:00:07 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=62221c558f15965d47d92ad1b3ca0745db0414dbaf367288ead73bf819279f90, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:21:53:90:43:70:5c:be:1f:94:08:ac:a5:6c: fe:4f:86:0d:f0:a7:c0:57:57:af:df:eb:63:8a:29: ed:d5:41:79:50:46:32:23:b4:bf:7d:0f:97:96:24: 32:19:a7:9f:e5:73:3c:7d:92:4d:92:60:f7:e7:31: 39:38:1b:40:e0:6e:67:42:a4:f4:04:eb:c5:8c:34: db:1c:de:d4:6b:f6:6f:b7:df:06:9b:3e:b3:8a:f6: 1a:24:6a:77:99:50:30:d9:2d:3e:d0:f3:ad:27:86: f2:4e:6f:68:fa:91:b9:e8:58:da:63:f7:ee:e2:b8: c6:2e:8d:6f:90:45:75:f5:06:23:85:1e:99:a4:84: 28:34:3e:dd:f0:57:c9:0f:21:0a:19:ff:de:e9:85: 46:a0:e2:19:60:8b:2d:cd:cd:28:58:a4:a1:20:54: c4:95:4f:2d:98:c3:7a:cb:7c:a1:79:9a:ad:a7:4c: 39:d9:c9:89:e7:76:98:7e:50:9e:b4:0b:d6:fc:c5: 06:d5:f4:49:43:09:16:a0:75:ba:56:2c:94:c8:3b: 5e:4a:70:01:75:8d:6b:6d:c3:b1:94:77:3c:01:7b: 5b:ac:ed:39:57:bb:6c:b0:e1:95:7a:92:fd:05:a5: ce:dc:5f:cc:03:5a:d3:67:91:93:05:87:b2:af:40: d0:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:EA:7F:DE:0C:4A:E7:32:DD:ED:5C:E4:CE:27:B0:24:D9:AD:22:2B X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.130.0/23 Signature Algorithm: sha256WithRSAEncryption 7d:9b:d6:90:b2:79:d0:be:47:43:59:f1:34:92:9d:21:2e:56: 67:d3:5d:d2:23:4d:c9:4d:1f:5d:f8:bb:46:c0:aa:a1:f7:ac: 04:9f:a5:90:ef:2b:39:40:f7:a7:b4:4b:5c:77:bc:02:cb:d7: f7:7f:1b:b5:26:83:53:fc:88:ea:51:a7:89:ac:5b:ad:49:f1: 53:c4:ee:54:e4:80:97:e7:e5:94:29:4a:62:66:56:38:e0:ce: 1a:f7:75:24:f2:c1:0f:c8:31:76:df:c0:70:3b:16:cc:57:49: bb:d8:e9:b0:93:7c:6e:db:5a:5f:ae:17:85:02:33:2d:4a:2f: 23:2e:15:1b:76:5d:de:fc:74:ae:4a:a8:cb:d4:b8:1f:c7:47: 26:d0:d6:eb:e7:06:24:f0:8a:44:dd:4b:31:69:5e:5d:30:70: 87:cb:67:6e:ad:b9:be:9c:c0:41:f5:09:67:c3:c5:8b:93:63: bc:01:0c:c9:bb:79:7c:13:2b:0f:ce:4f:c7:b8:4f:eb:1c:ae: 4a:a3:6c:61:b2:12:1b:e5:9c:6b:e0:6b:1c:d4:b2:6e:1f:e8: 26:ca:75:7d:bb:e0:48:3a:38:0a:25:a8:88:68:30:f4:ae:b2: a6:59:b2:01:58:c4:82:a9:46:b2:34:91:d0:61:7c:22:b6:18: 0b:76:a8:2a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUPgXuiQ63BQs+U/ivFFA1/EA+nnkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxOTE1MDAwN1oX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNANjIyMjFjNTU4ZjE1OTY1ZDQ3ZDky YWQxYjNjYTA3NDVkYjA0MTRkYmFmMzY3Mjg4ZWFkNzNiZjgxOTI3OWY5MDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSFTkENwXL4flAispWz+T4YN8KfA V1ev3+tjiint1UF5UEYyI7S/fQ+XliQyGaef5XM8fZJNkmD35zE5OBtA4G5nQqT0 BOvFjDTbHN7Ua/Zvt98Gmz6zivYaJGp3mVAw2S0+0POtJ4byTm9o+pG56FjaY/fu 4rjGLo1vkEV19QYjhR6ZpIQoND7d8FfJDyEKGf/e6YVGoOIZYIstzc0oWKShIFTE lU8tmMN6y3yheZqtp0w52cmJ53aYflCetAvW/MUG1fRJQwkWoHW6ViyUyDteSnAB dY1rbcOxlHc8AXtbrO05V7tssOGVepL9BaXO3F/MA1rTZ5GTBYeyr0DQ4QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHnqf94MSucy3e1c5M4nsCTZrSIrMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzQyOTMyZGQ0LTI3MjAtNDdiMy1hNDcyLWZjMmM4YTUwYTQ2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrymCMA0GCSqGSIb3DQEBCwUAA4IBAQB9m9aQsnnQvkdDWfE0kp0h LlZn013SI03JTR9d+LtGwKqh96wEn6WQ7ys5QPentEtcd7wCy9f3fxu1JoNT/Ijq UaeJrFutSfFTxO5U5ICX5+WUKUpiZlY44M4a93Uk8sEPyDF238BwOxbMV0m72Omw k3xu21pfrheFAjMtSi8jLhUbdl3e/HSuSqjL1Lgfx0cm0Nbr5wYk8IpE3UsxaV5d MHCHy2durbm+nMBB9Qlnw8WLk2O8AQzJu3l8EysPzk/HuE/rHK5Ko2xhshIb5Zxr 4Gsc1LJuH+gmynV9u+BIOjgKJaiIaDD0rrKmWbIBWMSCqUayNJHQYXwithgLdqgq -----END CERTIFICATE-----Generated at Tue Jun 3 23:38:37 2025 by rpki-client