$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/6b15abb6-10b7-4ecd-9947-c96012f824c6.roa File: 6b15abb6-10b7-4ecd-9947-c96012f824c6.roa (raw, json) Hash identifier: 9QszaQHebmaR5DroVbqF/GjAbs8gUUgjBws1f1uzNJc= Subject key identifier: E3:8A:D2:BF:73:89:61:EB:16:32:8E:55:55:D0:F2:01:32:13:8E:F9 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 71F90FE902D5B7DB6F481D9568DE447D7F6ECD02 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/6b15abb6-10b7-4ecd-9947-c96012f824c6.roa Signing time: Mon 19 May 2025 15:00:09 +0000 ROA not before: Mon 19 May 2025 15:00:09 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.132.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:f9:0f:e9:02:d5:b7:db:6f:48:1d:95:68:de:44:7d:7f:6e:cd:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 19 15:00:09 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=b17cd0a7a9b9605b460d9eccff70853741c8ba342a79d696d1dece95edb5837e, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:97:8d:94:04:80:82:57:94:85:1a:f9:af:9b: 00:b7:72:6a:2b:93:47:32:60:16:e9:31:b0:21:f0: 7b:88:51:77:8f:36:21:a2:b7:88:4f:da:f6:b3:26: d0:c7:0f:39:04:7c:49:42:25:42:f3:06:21:28:eb: c4:95:9e:ce:c4:27:42:35:9d:d7:4b:f3:81:52:05: 90:0a:c8:4c:67:a5:0b:f0:4f:90:02:98:3c:e0:39: 38:42:46:34:7e:ce:80:f2:13:25:47:db:02:1a:26: 2a:5d:73:b1:f2:b1:3e:55:10:15:52:ed:82:bc:7f: 09:5d:ed:3f:00:74:5a:e5:b2:95:bc:89:b4:37:5a: 48:a4:c3:31:8c:46:d8:13:78:8f:9e:67:f8:80:55: 43:fb:d1:04:6e:f8:16:3e:f1:a8:dd:21:af:94:c0: 91:07:1a:35:66:12:e3:db:ce:cc:71:45:44:7a:b2: 19:17:98:87:76:18:f7:b5:f6:00:d2:a6:39:e2:2f: 0f:60:8b:e1:75:06:c7:55:bd:2a:03:69:d2:5e:e9: 7c:62:84:d6:b9:5c:ff:6e:66:fe:35:8f:ac:a6:38: 4b:0e:f5:12:4d:fe:d8:c5:bb:fb:35:d4:91:9b:fb: 6b:fe:9c:c6:dc:c9:65:8d:b0:f4:a2:2b:f7:51:70: 70:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:8A:D2:BF:73:89:61:EB:16:32:8E:55:55:D0:F2:01:32:13:8E:F9 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/6b15abb6-10b7-4ecd-9947-c96012f824c6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.132.0/22 Signature Algorithm: sha256WithRSAEncryption fc:8f:cd:e8:0a:e1:11:5a:06:d8:d7:93:ca:50:e2:92:bc:cc: 3d:db:ab:20:61:d9:2e:07:6b:e7:d1:2c:b7:50:b6:eb:2a:06: 6c:b0:de:86:8c:ca:7f:ac:05:25:b7:ed:e9:ed:24:2c:3b:f4: 74:d1:d8:a8:48:88:6e:81:ca:90:5a:e7:18:34:0a:b7:19:89: 4a:22:66:63:97:28:84:2f:7d:ce:e0:2a:85:2f:1d:46:0d:be: 17:70:69:bf:29:36:60:59:5d:73:d1:04:88:9a:14:dc:21:99: 32:22:91:cb:63:4f:a7:2d:c4:10:f0:71:95:0a:00:21:01:8d: 6e:a9:cb:94:92:f3:49:eb:66:3b:5a:16:f3:f1:6c:64:87:35: 75:3d:f1:f5:ec:5a:c4:16:4a:e3:96:d7:92:11:40:9f:73:09: 30:4a:1f:52:b9:90:c1:20:39:19:08:75:3c:4c:0f:86:4e:9d: 25:c0:cf:00:ec:5a:f2:d0:cc:32:b3:e8:a6:5f:4a:80:e5:ca: ea:54:4a:ff:31:86:bf:91:88:17:e4:e2:f2:3b:53:c3:c5:4f: 41:38:12:88:f5:b8:71:54:a5:ed:93:a6:da:af:97:49:67:0e: e3:c0:2c:88:17:d0:7f:aa:03:16:f1:fa:8b:e1:c4:67:6d:81: 3c:52:d0:e5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcfkP6QLVt9tvSB2VaN5EfX9uzQIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxOTE1MDAwOVoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAYjE3Y2QwYTdhOWI5NjA1YjQ2MGQ5 ZWNjZmY3MDg1Mzc0MWM4YmEzNDJhNzlkNjk2ZDFkZWNlOTVlZGI1ODM3ZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJeNlASAgleUhRr5r5sAt3JqK5NH MmAW6TGwIfB7iFF3jzYhoreIT9r2sybQxw85BHxJQiVC8wYhKOvElZ7OxCdCNZ3X S/OBUgWQCshMZ6UL8E+QApg84Dk4QkY0fs6A8hMlR9sCGiYqXXOx8rE+VRAVUu2C vH8JXe0/AHRa5bKVvIm0N1pIpMMxjEbYE3iPnmf4gFVD+9EEbvgWPvGo3SGvlMCR Bxo1ZhLj287McUVEerIZF5iHdhj3tfYA0qY54i8PYIvhdQbHVb0qA2nSXul8YoTW uVz/bmb+NY+spjhLDvUSTf7Yxbv7NdSRm/tr/pzG3MlljbD0oiv3UXBwkwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOOK0r9ziWHrFjKOVVXQ8gEyE475MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzZiMTVhYmI2LTEwYjctNGVjZC05OTQ3LWM5NjAxMmY4MjRjNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCrymEMA0GCSqGSIb3DQEBCwUAA4IBAQD8j83oCuERWgbY15PKUOKS vMw926sgYdkuB2vn0Sy3ULbrKgZssN6GjMp/rAUlt+3p7SQsO/R00dioSIhugcqQ WucYNAq3GYlKImZjlyiEL33O4CqFLx1GDb4XcGm/KTZgWV1z0QSImhTcIZkyIpHL Y0+nLcQQ8HGVCgAhAY1uqcuUkvNJ62Y7Whbz8WxkhzV1PfH17FrEFkrjlteSEUCf cwkwSh9SuZDBIDkZCHU8TA+GTp0lwM8A7Fry0Mwys+imX0qA5crqVEr/MYa/kYgX 5OLyO1PDxU9BOBKI9bhxVKXtk6bar5dJZw7jwCyIF9B/qgMW8fqL4cRnbYE8UtDl -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:37 2025 by rpki-client