$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: XW0n/9hdTpV9dtB3dSFmu4bIm+JKOmsz0wDKh5lCYPw= Subject key identifier: DB:74:3A:62:D9:0B:14:8D:75:6D:CB:CF:C2:BA:13:14:B7:21:58:4F Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 3CCBC9CFA040188EC976492B868EF013991D8A31 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Mon 26 May 2025 15:00:25 +0000 ROA not before: Mon 26 May 2025 15:00:25 +0000 ROA not after: Mon 30 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:cb:c9:cf:a0:40:18:8e:c9:76:49:2b:86:8e:f0:13:99:1d:8a:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 26 15:00:25 2025 GMT Not After : Jun 30 23:59:59 2025 GMT Subject: serialNumber=185b8fe9189b03a43e1a24af20090940e2b1984848a464243fa4badc101fd1b0, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:8f:76:84:e4:01:be:64:87:f1:4d:15:61:bd: d8:3f:cb:29:73:e8:a0:e2:6b:45:57:9b:9a:7b:2b: 0e:17:1d:77:3a:1e:77:a2:10:46:1a:80:ae:e7:b6: f5:6b:45:40:91:d2:9b:09:13:71:89:4e:55:8d:3f: d0:64:3c:12:b0:80:25:09:30:6d:3d:1e:9c:62:9a: 8d:5c:db:4a:40:4c:c0:2b:23:a3:f6:f8:a1:44:0a: 8a:c7:3c:f9:9d:ae:40:00:56:a8:94:11:0a:a5:7c: b4:ba:7e:45:8b:27:a8:3d:67:58:b9:b1:57:de:38: d5:25:ef:39:6d:7f:06:c8:73:a9:dc:56:f4:84:34: 85:b7:c1:46:e5:6f:f2:dd:82:9d:42:7f:af:62:40: d3:fb:5a:d4:87:c7:2a:e6:b6:66:a7:b7:08:0a:00: 1f:1c:04:45:8f:e8:13:f3:43:4f:ed:14:7e:bb:92: d2:fb:53:65:dc:fb:a6:67:cb:5c:cf:97:5f:0d:e7: 4c:91:62:13:b9:4a:87:f5:d4:03:2d:3c:0d:89:41: 8b:b2:96:8f:95:e4:54:5b:f8:62:dd:21:3c:8a:4c: 74:02:80:c2:b8:fa:07:b1:14:51:db:5c:73:a4:9f: 30:41:c5:f4:52:2c:44:7c:cd:19:58:69:94:10:4e: 89:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:74:3A:62:D9:0B:14:8D:75:6D:CB:CF:C2:BA:13:14:B7:21:58:4F X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 8b:01:6c:c4:c8:94:26:3e:9d:97:99:a8:6c:29:8e:c4:98:89: 46:14:81:be:e2:f8:b1:21:c5:c0:d2:cf:54:fb:ba:1d:70:f7: 19:44:6b:7e:91:d1:b4:d1:4e:f8:05:6f:98:33:05:15:55:bc: db:39:ac:02:4d:db:7b:17:bb:6f:b6:e4:c9:0a:f8:a4:e5:6b: bb:5b:d7:98:3a:40:25:7f:19:fc:d6:5e:ce:06:b3:dc:b3:1a: 38:b3:ea:0f:c6:d6:b8:a4:ba:2f:da:10:90:5a:ec:2f:bb:0f: e6:d8:5d:fa:bf:16:96:48:4a:20:6b:fe:40:db:50:e1:2b:fe: 6a:3a:85:88:9f:b6:b0:05:31:3f:27:86:23:06:d1:3c:c8:fe: c3:45:7d:70:f8:5c:af:5e:01:6c:e2:7f:0e:36:f0:35:82:bc: c4:63:75:9c:a5:43:75:bf:c2:9e:84:72:9b:e5:39:e6:55:72: d4:3e:9c:8c:a7:69:40:c8:72:ff:db:78:0b:82:83:db:dd:bb: 8f:6f:60:17:e7:0e:66:39:6c:9f:36:b3:6f:6c:3d:e9:6e:03: 68:20:df:38:c6:0b:cd:cd:1a:8e:41:80:50:3d:60:d5:a5:22: 88:0a:b3:74:31:ff:8c:97:1b:f0:5f:fc:9d:6e:c5:1a:d6:02: 1c:4d:cd:7e -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUPMvJz6BAGI7Jdkkrho7wE5kdijEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUyNjE1MDAyNVoX DTI1MDYzMDIzNTk1OVowejFJMEcGA1UEBRNAMTg1YjhmZTkxODliMDNhNDNlMWEy NGFmMjAwOTA5NDBlMmIxOTg0ODQ4YTQ2NDI0M2ZhNGJhZGMxMDFmZDFiMDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Y92hOQBvmSH8U0VYb3YP8spc+ig 4mtFV5uaeysOFx13Oh53ohBGGoCu57b1a0VAkdKbCRNxiU5VjT/QZDwSsIAlCTBt PR6cYpqNXNtKQEzAKyOj9vihRAqKxzz5na5AAFaolBEKpXy0un5FiyeoPWdYubFX 3jjVJe85bX8GyHOp3Fb0hDSFt8FG5W/y3YKdQn+vYkDT+1rUh8cq5rZmp7cICgAf HARFj+gT80NP7RR+u5LS+1Nl3PumZ8tcz5dfDedMkWITuUqH9dQDLTwNiUGLspaP leRUW/hi3SE8ikx0AoDCuPoHsRRR21xzpJ8wQcX0UixEfM0ZWGmUEE6JOQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFNt0OmLZCxSNdW3Lz8K6ExS3IVhPMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAiwFsxMiUJj6dl5mobCmO xJiJRhSBvuL4sSHFwNLPVPu6HXD3GURrfpHRtNFO+AVvmDMFFVW82zmsAk3bexe7 b7bkyQr4pOVru1vXmDpAJX8Z/NZezgaz3LMaOLPqD8bWuKS6L9oQkFrsL7sP5thd +r8WlkhKIGv+QNtQ4Sv+ajqFiJ+2sAUxPyeGIwbRPMj+w0V9cPhcr14BbOJ/Djbw NYK8xGN1nKVDdb/CnoRym+U55lVy1D6cjKdpQMhy/9t4C4KD2927j29gF+cOZjls nzazb2w96W4DaCDfOMYLzc0ajkGAUD1g1aUiiAqzdDH/jJcb8F/8nW7FGtYCHE3N fg== -----END CERTIFICATE-----Generated at Tue Jun 3 23:18:07 2025 by rpki-client