$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa File: fcd6adab-06f0-4676-9568-6d4d48f7658c.roa (raw, json) Hash identifier: xekL1NV9PKrzb5fwnIGL/JmsNISyk45D4P8uGpfbc0c= Subject key identifier: 20:24:CB:EF:62:29:A5:01:61:AD:50:5C:66:E5:C4:31:4A:23:3A:EE Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 4915085D1DFE4D91555D7A94999C856243F1C0C5 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa Signing time: Tue 11 Mar 2025 00:00:03 +0000 ROA not before: Tue 11 Mar 2025 00:00:03 +0000 ROA not after: Tue 15 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 17 Mar 2025 00:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:15:08:5d:1d:fe:4d:91:55:5d:7a:94:99:9c:85:62:43:f1:c0:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001 Validity Not Before: Mar 11 00:00:03 2025 GMT Not After : Apr 15 23:59:59 2025 GMT Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:3c:65:c6:ea:11:91:15:7a:c1:e7:32:d7:b9: 0d:a7:f2:d9:fd:63:70:53:e5:ee:b8:a4:48:ed:0d: 68:23:11:31:37:eb:2f:95:ac:8a:49:e9:bb:df:dd: c7:78:28:2a:ee:76:b0:95:2f:26:74:0d:98:d9:41: 23:44:6f:b3:0c:84:9f:70:40:01:a8:e2:e3:57:77: fd:72:7a:8c:6d:6f:30:c6:0c:7d:51:de:3b:b7:78: e7:c4:f5:6c:0d:04:4b:e2:78:a3:60:7e:50:36:18: d6:52:2a:a4:9a:18:89:65:d1:8c:89:14:19:74:8f: af:41:dc:64:00:00:f6:4e:0a:50:b1:3b:85:58:8d: 5d:b8:82:3d:fc:3f:45:12:1e:0b:a3:f5:40:3a:09: 51:83:01:13:6b:5b:c2:0f:41:7c:6c:2b:d0:29:ac: 93:8b:9f:96:b0:53:ea:15:5d:b3:da:86:5e:22:9c: 4a:91:71:c9:a1:81:42:ed:7e:5b:ac:6e:e8:8d:f5: 39:51:9e:69:f7:03:7f:b3:39:0c:85:0f:a8:60:84: 80:15:c3:25:9d:a9:53:0b:98:cc:6f:2b:79:d9:b5: ce:84:52:8b:40:a3:d5:d4:6f:c5:52:86:11:f4:45: c3:ae:24:1e:a8:be:86:b2:2a:af:0a:27:c3:c6:b3: 15:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:24:CB:EF:62:29:A5:01:61:AD:50:5C:66:E5:C4:31:4A:23:3A:EE X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/fcd6adab-06f0-4676-9568-6d4d48f7658c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 52:4b:6c:be:10:0f:1e:ab:b4:2e:b5:79:e0:64:ed:f0:f3:83: 10:a3:14:f9:38:6e:ed:5f:5e:7a:46:25:8f:bc:ef:62:4c:37: e3:eb:ce:1f:a6:b8:05:78:06:8a:c2:b2:f6:cb:68:0e:a5:f8: 20:0c:dc:27:1f:28:e2:d0:9c:0e:4c:07:ac:23:be:63:4c:48: 5c:54:4f:e1:53:24:5e:b8:44:65:8d:03:39:c7:3d:dc:80:c7: 49:f2:6b:ed:2c:85:b2:60:1a:75:06:e3:5e:ad:07:2e:96:c9: fd:58:c0:4d:a1:a0:06:33:f0:e1:f0:02:ae:22:34:37:07:db: 63:54:97:4d:e5:e5:57:f3:10:c0:42:24:0e:ca:e6:7f:ab:92: 38:3e:10:a0:ff:1a:ec:22:36:3b:ef:fb:7c:2b:43:ee:cd:45: 30:89:8f:2e:20:9c:f4:13:df:e6:0a:92:94:56:a4:6a:5e:de: 9d:d0:4c:b1:f4:41:ae:5f:2f:bb:69:f0:79:96:05:70:0b:39: 6c:30:df:b2:fa:2b:8a:b0:1b:36:38:45:c4:24:db:7e:7a:73: 15:27:50:61:85:88:cb:d3:54:1f:9c:64:22:d7:92:60:74:1a: ec:d1:36:b4:89:6f:ac:1d:49:b7:1d:bc:50:ec:c5:40:7a:d9: 95:8b:92:9b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSRUIXR3+TZFVXXqUmZyFYkPxwMUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMxMTAwMDAwM1oX DTI1MDQxNTIzNTk1OVowejFJMEcGA1UEBRNAZGU5NDU1NDY0YTc3ZjM3YWE2NDhj OWNlYjAzNmI4MTc5NzE0N2Q5ZmYzZGVhZGNiN2MwMTQ5NGI3OWJmYTI2NDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9DxlxuoRkRV6wecy17kNp/LZ/WNw U+XuuKRI7Q1oIxExN+svlayKSem7393HeCgq7nawlS8mdA2Y2UEjRG+zDISfcEAB qOLjV3f9cnqMbW8wxgx9Ud47t3jnxPVsDQRL4nijYH5QNhjWUiqkmhiJZdGMiRQZ dI+vQdxkAAD2TgpQsTuFWI1duII9/D9FEh4Lo/VAOglRgwETa1vCD0F8bCvQKayT i5+WsFPqFV2z2oZeIpxKkXHJoYFC7X5brG7ojfU5UZ5p9wN/szkMhQ+oYISAFcMl nalTC5jMbyt52bXOhFKLQKPV1G/FUoYR9EXDriQeqL6GsiqvCifDxrMVFwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCAky+9iKaUBYa1QXGblxDFKIzruMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2ZjZDZhZGFiLTA2ZjAtNDY3Ni05NTY4LTZkNGQ0OGY3NjU4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQBSS2y+EA8eq7QutXng ZO3w84MQoxT5OG7tX156RiWPvO9iTDfj684fprgFeAaKwrL2y2gOpfggDNwnHyji 0JwOTAesI75jTEhcVE/hUyReuERljQM5xz3cgMdJ8mvtLIWyYBp1BuNerQculsn9 WMBNoaAGM/Dh8AKuIjQ3B9tjVJdN5eVX8xDAQiQOyuZ/q5I4PhCg/xrsIjY77/t8 K0PuzUUwiY8uIJz0E9/mCpKUVqRqXt6d0Eyx9EGuXy+7afB5lgVwCzlsMN+y+iuK sBs2OEXEJNt+enMVJ1BhhYjL01QfnGQi15JgdBrs0Ta0iW+sHUm3HbxQ7MVAetmV i5Kb -----END CERTIFICATE-----Generated at Thu Mar 13 23:25:36 2025 by rpki-client