$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa File: adf75e2e-9d2c-4718-a49d-ad44079b266b.roa (raw, json) Hash identifier: 4Qth2GEFSmt3/eaXSBE1/YTPUZ9y+Zos5inARlqK83U= Subject key identifier: 24:96:1A:56:FF:F7:25:D6:13:11:B2:F4:03:9D:81:77:BB:10:00:42 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 0141EB31415F3BA26E7E1CD28859474A8B1727CD Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa Signing time: Mon 19 May 2025 15:00:11 +0000 ROA not before: Mon 19 May 2025 15:00:11 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:41:eb:31:41:5f:3b:a2:6e:7e:1c:d2:88:59:47:4a:8b:17:27:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 19 15:00:11 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=23d4d5d9f93ff0d75b5d8eb2a2040204859b9e98f00a821adcb589bd5f27f441, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:1b:fc:b2:9e:a2:df:ec:1d:62:72:fc:09:ea: 20:aa:4d:f1:96:0f:37:44:f5:24:b4:5e:be:f5:7e: 5e:94:bd:13:5e:d3:29:e1:01:52:c5:8a:29:42:21: 41:e9:7e:8a:33:68:cf:6d:84:5b:6e:82:99:37:19: 8e:5c:70:a2:21:4f:f1:cc:6c:a4:96:5b:29:b4:20: d7:52:a0:e9:4c:01:f4:76:99:c0:06:fb:72:0c:bf: 5e:6d:6e:65:8f:07:b9:a7:24:0b:77:d1:a5:bf:7d: 7e:06:19:21:d7:df:85:c9:a2:f5:49:57:e5:ce:d1: 3b:3c:3f:0c:df:39:59:89:7c:ee:10:8e:7d:bb:83: 47:19:07:a1:5e:4a:64:ea:fb:23:d4:e5:95:2c:c0: b8:c1:04:e0:f1:c7:0d:a2:07:ab:03:0e:37:47:88: a6:79:4e:81:d0:fd:5c:cd:ba:9b:35:a7:db:b3:e1: 66:c1:20:13:cb:9d:72:99:37:fa:be:2e:d1:a7:24: 5a:ad:b4:ef:a8:1e:41:ab:72:9d:3e:c8:3f:d3:a1: 06:d3:c7:cd:c9:40:50:09:1d:e3:a5:2f:38:d4:ef: 3a:4f:92:e5:72:e0:37:7f:8a:eb:08:6e:29:43:69: bc:87:fe:ab:0b:03:43:5a:ee:24:71:7c:d4:1c:64: e0:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:96:1A:56:FF:F7:25:D6:13:11:B2:F4:03:9D:81:77:BB:10:00:42 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.152.0/21 Signature Algorithm: sha256WithRSAEncryption 24:b7:b2:2f:d4:b7:e0:fb:67:d1:9e:f2:51:ab:8d:b6:d1:5e: 19:dc:00:69:92:8c:68:f5:86:b3:47:12:76:b1:42:7f:87:79: e9:f7:d4:74:71:66:b6:d4:cc:75:e2:78:d5:7e:af:66:a1:d6: 27:c1:23:0f:61:39:a7:81:1b:7d:16:92:8c:f9:1f:a5:c0:65: f3:c2:7f:ce:f3:24:8b:9f:9e:cd:b8:27:7c:b8:a7:3f:a0:3a: 91:41:62:e0:aa:0c:db:09:b8:e2:8e:64:74:25:4b:a1:df:22: 44:d6:87:b1:6a:84:88:29:09:c7:75:46:d8:34:55:18:38:f5: 2b:45:16:09:bc:85:2e:b4:66:21:2a:6f:e1:0e:a9:fa:18:b2: 9d:12:87:7e:d5:fb:3a:be:67:ff:4f:0d:fd:42:7e:92:b1:72: 06:53:f8:dd:41:37:00:60:f8:cd:6d:ed:fb:49:f9:b0:16:19: f7:bf:db:15:34:3e:c0:81:eb:ab:c4:13:a8:3f:5d:14:12:04: 63:83:6d:98:f4:58:ba:7a:65:1c:fd:da:b7:49:50:57:4c:9e: f3:77:b3:a3:2d:03:27:58:1e:42:38:b4:da:0e:ee:b4:ec:50: d1:5b:69:d7:51:fd:30:37:ae:f7:4f:fe:ed:82:41:ea:87:d1: a6:92:84:c3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUAUHrMUFfO6JufhzSiFlHSosXJ80wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxOTE1MDAxMVoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAMjNkNGQ1ZDlmOTNmZjBkNzViNWQ4 ZWIyYTIwNDAyMDQ4NTliOWU5OGYwMGE4MjFhZGNiNTg5YmQ1ZjI3ZjQ0MTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hv8sp6i3+wdYnL8Ceogqk3xlg83 RPUktF6+9X5elL0TXtMp4QFSxYopQiFB6X6KM2jPbYRbboKZNxmOXHCiIU/xzGyk llsptCDXUqDpTAH0dpnABvtyDL9ebW5ljwe5pyQLd9Glv31+Bhkh19+FyaL1SVfl ztE7PD8M3zlZiXzuEI59u4NHGQehXkpk6vsj1OWVLMC4wQTg8ccNogerAw43R4im eU6B0P1czbqbNafbs+FmwSATy51ymTf6vi7RpyRarbTvqB5Bq3KdPsg/06EG08fN yUBQCR3jpS841O86T5LlcuA3f4rrCG4pQ2m8h/6rCwNDWu4kcXzUHGTglwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCSWGlb/9yXWExGy9AOdgXe7EABCMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2FkZjc1ZTJlLTlkMmMtNDcxOC1hNDlkLWFkNDQwNzliMjY2Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrymYMA0GCSqGSIb3DQEBCwUAA4IBAQAkt7Iv1Lfg+2fRnvJRq422 0V4Z3ABpkoxo9YazRxJ2sUJ/h3np99R0cWa21Mx14njVfq9modYnwSMPYTmngRt9 FpKM+R+lwGXzwn/O8ySLn57NuCd8uKc/oDqRQWLgqgzbCbjijmR0JUuh3yJE1oex aoSIKQnHdUbYNFUYOPUrRRYJvIUutGYhKm/hDqn6GLKdEod+1fs6vmf/Tw39Qn6S sXIGU/jdQTcAYPjNbe37SfmwFhn3v9sVND7AgeurxBOoP10UEgRjg22Y9Fi6emUc /dq3SVBXTJ7zd7OjLQMnWB5COLTaDu607FDRW2nXUf0wN673T/7tgkHqh9GmkoTD -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:18 2025 by rpki-client