$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa File: 8c170584-7c9b-414b-8cba-a934a0a79bbe.roa (raw, json) Hash identifier: 1kONtxBy5girOhavV4gakrbIjHuf3KFfnX3F+CE0fzc= Subject key identifier: 03:0B:9E:B9:8B:8E:74:6A:41:4E:63:83:76:E4:3D:45:64:88:60:53 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 1A996F0BE69C4360DFF8BFE99CF10B54E696D781 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa Signing time: Tue 20 May 2025 00:00:02 +0000 ROA not before: Tue 20 May 2025 00:00:02 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:99:6f:0b:e6:9c:43:60:df:f8:bf:e9:9c:f1:0b:54:e6:96:d7:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 20 00:00:02 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=9975555c21bfe978a2ab7057bd73d2b89773068cabd48ed944851e64c52eb7dc, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:a5:32:ff:5e:bd:23:a9:fe:61:5d:10:46:49: bf:61:69:14:2f:81:db:fb:67:aa:a1:d8:63:06:34: 06:86:50:c0:b0:5f:1e:24:dc:05:ee:0e:4f:64:6c: a1:72:cc:1f:8d:86:95:d7:42:54:1b:7b:d8:0d:c3: e9:f2:1f:ec:9c:bc:55:01:5d:f0:73:7b:74:2c:c6: 72:c7:58:ee:8e:77:34:0e:05:79:e6:cf:24:73:79: 70:29:bf:82:cd:5c:29:b6:3b:dd:da:4b:9f:25:79: c1:22:dd:c6:4b:dd:a7:a3:81:51:53:8a:bc:1f:fb: 53:1b:36:10:a7:5f:52:fe:6c:83:8e:e6:38:11:3e: c1:d2:b9:3d:ec:5d:85:38:bb:ea:dc:e1:eb:93:e7: 96:a2:fd:c5:67:fc:49:ee:93:c1:1e:70:d0:55:79: fe:33:e4:ec:b5:a4:23:6b:1f:ca:10:1a:1b:07:97: 8f:e0:c5:c1:97:8a:f0:4a:ec:63:7b:7d:91:b6:58: d4:54:b4:c0:21:f9:24:c5:c6:b9:0a:3b:05:b1:b8: 55:86:6b:c9:0a:d5:ee:bb:b5:ff:ad:55:2e:9b:0c: 3d:45:78:02:bb:81:30:7a:69:e5:2b:b6:a6:d4:87: a0:75:cf:88:fc:73:16:bc:5e:37:08:cd:c3:82:bd: 30:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:0B:9E:B9:8B:8E:74:6A:41:4E:63:83:76:E4:3D:45:64:88:60:53 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:4000::/48 Signature Algorithm: sha256WithRSAEncryption 5e:52:07:b6:cf:97:6d:66:1e:7d:03:62:73:da:93:ac:2e:dd: dc:94:ac:b8:bf:48:d3:5f:ee:41:59:0e:23:19:84:a2:d4:dc: 8d:68:89:3d:c0:89:9e:dd:80:71:08:20:6b:7b:42:a1:74:10: 95:dd:b3:ab:dc:3c:4b:3b:87:bd:45:57:58:c9:dc:f6:08:bf: 25:cc:34:c3:61:33:5f:1a:aa:41:21:64:13:26:aa:c1:16:b5: 5e:d0:6f:32:54:59:1c:78:fa:66:6f:fc:b9:47:da:bb:1c:99: 5b:bb:83:f3:48:32:ff:04:c3:9f:16:64:a8:97:4c:1d:49:0a: 8c:2a:09:4d:b2:8c:50:37:46:6a:e6:27:ec:41:85:b4:3a:00: 1f:2e:67:9c:63:28:49:84:38:ea:38:7e:c3:95:6e:4a:b3:80: c5:28:30:91:d6:e0:92:47:f1:0b:9b:fe:dc:b8:96:4d:49:1c: 13:b9:b7:81:24:1d:f1:bd:2b:e5:01:3c:44:8e:e0:e6:36:35: b1:d9:4c:81:88:9a:d3:c4:57:f8:5e:b3:0c:b8:9c:a0:20:22: bc:ee:4e:9d:01:56:ca:6a:01:c2:ef:08:e6:e1:8e:81:3d:bc: f4:7b:fe:1e:f9:71:ca:bf:b1:36:c9:99:fe:66:b8:0d:70:1d: b9:a9:c3:fd -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGplvC+acQ2Df+L/pnPELVOaW14EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUyMDAwMDAwMloX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAOTk3NTU1NWMyMWJmZTk3OGEyYWI3 MDU3YmQ3M2QyYjg5NzczMDY4Y2FiZDQ4ZWQ5NDQ4NTFlNjRjNTJlYjdkYzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qUy/169I6n+YV0QRkm/YWkUL4Hb +2eqodhjBjQGhlDAsF8eJNwF7g5PZGyhcswfjYaV10JUG3vYDcPp8h/snLxVAV3w c3t0LMZyx1jujnc0DgV55s8kc3lwKb+CzVwptjvd2kufJXnBIt3GS92no4FRU4q8 H/tTGzYQp19S/myDjuY4ET7B0rk97F2FOLvq3OHrk+eWov3FZ/xJ7pPBHnDQVXn+ M+TstaQjax/KEBobB5eP4MXBl4rwSuxje32RtljUVLTAIfkkxca5CjsFsbhVhmvJ CtXuu7X/rVUumww9RXgCu4EwemnlK7am1Iegdc+I/HMWvF43CM3Dgr0weQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAMLnrmLjnRqQU5jg3bkPUVkiGBTMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzhjMTcwNTg0LTdjOWItNDE0Yi04Y2JhLWE5MzRhMGE3OWJiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAEAAMA0GCSqGSIb3DQEBCwUAA4IBAQBeUge2z5dtZh59A2Jz 2pOsLt3clKy4v0jTX+5BWQ4jGYSi1NyNaIk9wIme3YBxCCBre0KhdBCV3bOr3DxL O4e9RVdYydz2CL8lzDTDYTNfGqpBIWQTJqrBFrVe0G8yVFkcePpmb/y5R9q7HJlb u4PzSDL/BMOfFmSol0wdSQqMKglNsoxQN0Zq5ifsQYW0OgAfLmecYyhJhDjqOH7D lW5Ks4DFKDCR1uCSR/ELm/7cuJZNSRwTubeBJB3xvSvlATxEjuDmNjWx2UyBiJrT xFf4XrMMuJygICK87k6dAVbKagHC7wjm4Y6BPbz0e/4e+XHKv7E2yZn+ZrgNcB25 qcP9 -----END CERTIFICATE-----Generated at Tue Jun 3 23:37:44 2025 by rpki-client