$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa File: b3ba338e-4843-454b-abe5-65f09756225a.roa (raw, json) Hash identifier: 5+kWv1hgs9HIdHO4S88MYMRpQXhk0/VPd9Pv0w8buIo= Subject key identifier: 91:74:19:02:2D:51:3D:79:B1:26:5E:D8:16:FB:14:48:65:77:0E:B7 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 1918CAE20F95B19B17C1352A30B61C532DE3E5E2 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa Signing time: Mon 19 May 2025 15:00:03 +0000 ROA not before: Mon 19 May 2025 15:00:03 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:18:ca:e2:0f:95:b1:9b:17:c1:35:2a:30:b6:1c:53:2d:e3:e5:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 19 15:00:03 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=ee39a77461ad1cc3930c1f2c49ae8193454d6f13ba5bf7edc34de56785e618bf, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:3e:fa:86:58:4c:40:b7:de:3a:80:ff:fc:2f: 1e:53:81:65:4e:db:76:2c:11:6c:2c:99:e3:3f:40: c7:71:22:b3:1b:c7:1c:2a:a8:a6:d0:9d:13:21:37: 67:4f:b5:9d:01:8a:68:c5:e8:96:5f:68:36:be:29: f7:f3:37:60:35:ee:bc:a6:56:56:88:5a:5a:8d:f9: 67:97:ac:b2:49:ed:cc:96:db:df:5c:7a:fc:cf:dc: df:16:80:72:37:c6:d7:88:42:92:47:f3:e6:5e:4c: 87:9c:fc:b2:4e:d6:57:0b:be:8a:04:c8:41:49:2a: 61:81:37:27:f5:22:0f:38:96:f1:09:98:7d:e9:11: 2a:34:7b:ac:23:7f:ec:cd:da:2b:c4:9c:30:4d:85: 60:2b:3b:cd:2d:0d:dc:5b:16:aa:97:a1:cd:00:f3: 4b:f0:4e:f4:d0:bc:75:c6:ba:18:7a:49:3b:4b:cf: 99:c0:2d:16:57:5e:a4:43:55:00:0d:a0:6b:4e:67: e3:f6:a0:39:43:64:97:c6:ff:af:65:29:2a:74:72: 3c:48:72:77:70:d0:f1:67:53:2f:1d:1f:3d:da:51: ee:15:8b:20:9b:7f:e2:f7:30:aa:01:a4:ad:5f:7c: 29:45:70:c0:b3:9a:da:79:2f:3d:fd:bc:16:33:06: db:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:74:19:02:2D:51:3D:79:B1:26:5E:D8:16:FB:14:48:65:77:0E:B7 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.192.0/24 Signature Algorithm: sha256WithRSAEncryption 71:e4:8a:eb:bd:80:64:22:a3:ff:34:49:96:fa:99:71:ea:d1: 38:cd:55:0e:aa:aa:18:48:27:6f:4f:3b:e9:38:67:53:9b:0f: 2d:0c:0c:cf:e6:9d:02:78:17:52:d5:f5:62:01:cb:af:d8:ce: 12:58:48:ee:37:18:39:ef:a3:ea:82:a7:7c:21:1e:85:cc:7b: 83:d6:c9:6c:a7:ff:29:ee:e4:bd:d6:e0:c0:e8:16:aa:63:22: a6:8a:76:f1:c5:37:d5:ba:f1:40:6f:41:27:4b:3c:53:6a:ab: c6:43:3e:9b:aa:47:3d:0b:6a:e6:4f:04:ba:ac:c6:20:23:a2: e5:ac:0b:f2:c7:20:89:35:f0:3e:47:f3:15:1e:37:e4:9c:a4: cc:5f:23:dc:08:7f:a2:ed:4d:34:54:74:24:d3:37:d4:85:9d: 7f:41:b5:14:0e:12:97:56:f0:d1:32:fe:c1:5f:18:f0:c9:8a: fe:da:80:75:87:1e:02:e6:a3:55:f3:e1:c5:06:fa:37:b2:5a: e2:f3:eb:b7:a3:e7:13:62:6b:0a:0b:4c:24:8f:8d:38:06:75: 0a:eb:6d:a8:f6:f4:09:d0:25:6b:45:90:5c:df:4b:dd:e7:e5: 2f:3b:0c:3b:12:38:27:ab:50:d2:d0:a2:16:46:ae:55:8a:8f: 99:16:f9:b2 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUGRjK4g+VsZsXwTUqMLYcUy3j5eIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDUxOTE1MDAwM1oX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAZWUzOWE3NzQ2MWFkMWNjMzkzMGMx ZjJjNDlhZTgxOTM0NTRkNmYxM2JhNWJmN2VkYzM0ZGU1Njc4NWU2MThiZjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT76hlhMQLfeOoD//C8eU4FlTtt2 LBFsLJnjP0DHcSKzG8ccKqim0J0TITdnT7WdAYpoxeiWX2g2vin38zdgNe68plZW iFpajflnl6yySe3MltvfXHr8z9zfFoByN8bXiEKSR/PmXkyHnPyyTtZXC76KBMhB SSphgTcn9SIPOJbxCZh96REqNHusI3/szdorxJwwTYVgKzvNLQ3cWxaql6HNAPNL 8E700Lx1xroYekk7S8+ZwC0WV16kQ1UADaBrTmfj9qA5Q2SXxv+vZSkqdHI8SHJ3 cNDxZ1MvHR892lHuFYsgm3/i9zCqAaStX3wpRXDAs5raeS89/bwWMwbbNwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJF0GQItUT15sSZe2Bb7FEhldw63MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2IzYmEzMzhlLTQ4NDMtNDU0Yi1hYmU1LTY1ZjA5NzU2MjI1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynAMA0GCSqGSIb3DQEBCwUAA4IBAQBx5IrrvYBkIqP/NEmW+plx 6tE4zVUOqqoYSCdvTzvpOGdTmw8tDAzP5p0CeBdS1fViAcuv2M4SWEjuNxg576Pq gqd8IR6FzHuD1slsp/8p7uS91uDA6BaqYyKminbxxTfVuvFAb0EnSzxTaqvGQz6b qkc9C2rmTwS6rMYgI6LlrAvyxyCJNfA+R/MVHjfknKTMXyPcCH+i7U00VHQk0zfU hZ1/QbUUDhKXVvDRMv7BXxjwyYr+2oB1hx4C5qNV8+HFBvo3slri8+u3o+cTYmsK C0wkj404BnUK622o9vQJ0CVrRZBc30vd5+UvOww7Ejgnq1DS0KIWRq5Vio+ZFvmy -----END CERTIFICATE-----Generated at Mon Jun 2 04:48:59 2025 by rpki-client