$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa File: 22d6913e-5f3d-4f99-9a60-48579f471838.roa (raw, json) Hash identifier: OsFdhR8ozEDg92BcCmN0sUHbhykDCRXRo+cAtTa1EkM= Subject key identifier: AB:A1:3B:30:89:87:23:05:EF:25:90:EA:80:85:62:39:C0:B3:DA:7D Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 3383BEBA332FECE4ACC4730963A3CB02A8AD2436 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa Signing time: Fri 25 Apr 2025 00:00:09 +0000 ROA not before: Fri 25 Apr 2025 00:00:09 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:2000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:83:be:ba:33:2f:ec:e4:ac:c4:73:09:63:a3:cb:02:a8:ad:24:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 25 00:00:09 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=31a22f93946fcd14439d3c46d64b215015a7dab92731a91e481ebb132746539e, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:34:24:0d:e3:9b:08:6d:a4:27:17:a1:c8:1d: f6:2f:d9:2c:4e:07:11:9a:b4:4a:de:c2:d9:32:ab: af:ec:fd:ac:72:f6:5c:51:79:bd:47:87:91:08:07: 2f:f4:b1:03:ff:28:25:01:5d:09:87:53:3e:5b:fb: 36:1e:2c:2a:85:02:c2:04:40:1c:9a:e6:71:a8:5f: 2d:8c:ee:c0:a8:02:a8:16:c7:02:34:b5:7d:cd:49: a6:be:91:47:02:21:ce:a3:57:70:b8:b0:23:c8:0a: ad:24:2d:51:99:6e:dd:67:f9:11:af:33:dc:99:dc: 6e:d5:5f:57:51:ea:8e:ac:9a:b2:56:cd:1c:06:79: f4:0d:28:f4:e7:6c:c0:2f:2a:57:79:e0:a8:2f:cd: 30:1a:ba:61:a5:29:3d:c1:30:93:71:ca:dc:cf:49: 08:3d:36:58:4f:b1:b2:3c:4d:d0:0b:29:39:84:9d: f9:c8:68:26:6b:60:bb:1b:0c:cf:4b:64:c7:b7:51: 9e:e4:07:7c:35:a5:24:15:79:02:ee:bb:44:d7:1a: 9e:0e:e7:35:61:45:3e:af:f2:93:3c:95:6b:9c:57: 12:78:88:36:ca:1d:82:e8:2f:d2:5a:68:a0:66:5b: d6:1f:6f:32:5a:b3:c6:cc:a1:3f:b1:1a:c6:f2:7b: c0:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:A1:3B:30:89:87:23:05:EF:25:90:EA:80:85:62:39:C0:B3:DA:7D X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:2000::/36 Signature Algorithm: sha256WithRSAEncryption d9:4c:cf:e3:f0:f3:43:58:b3:00:5d:42:f7:74:c5:b6:44:47: ec:6e:92:98:d3:f8:af:da:65:06:96:a5:71:82:80:8c:02:6d: 3a:fe:79:d0:4b:95:10:1f:dc:ee:c8:4b:7c:1d:ae:8e:c9:34: 44:ce:ac:2b:36:2f:94:27:56:93:de:a8:0b:1d:fa:f2:8b:5d: f1:05:87:06:5a:6c:04:42:65:b4:ea:e6:e0:50:05:3c:b2:30: ce:10:7b:e6:6c:97:11:9c:db:28:b6:7c:45:c0:4f:96:2f:2a: 90:f2:cc:cf:de:35:af:5b:a2:d3:9c:fe:14:eb:b6:92:21:44: 8c:f7:4c:48:c0:89:25:42:d7:7d:4f:90:0e:fd:88:ee:d6:b8: 15:2a:49:03:cd:72:10:d5:00:27:80:f5:c3:c8:19:8d:d6:39: c9:c1:17:4d:4c:e0:e6:64:4e:23:88:8d:29:fb:00:e2:c4:52: f9:9b:03:9c:31:25:fd:4c:b3:36:c2:55:e8:a9:ca:68:01:04: fb:e8:df:f3:60:f0:25:34:6a:a4:c4:c9:32:63:0a:b9:5e:39: 15:8f:e8:8a:52:a8:f0:8f:c6:1d:5b:ab:bf:d9:24:c1:2c:65: 4f:70:7b:f4:c1:4a:1d:5b:47:b0:63:45:cd:7f:37:0a:a7:f1: 26:0b:67:07 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUM4O+ujMv7OSsxHMJY6PLAqitJDYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQyNTAwMDAwOVoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAMzFhMjJmOTM5NDZmY2QxNDQzOWQz YzQ2ZDY0YjIxNTAxNWE3ZGFiOTI3MzFhOTFlNDgxZWJiMTMyNzQ2NTM5ZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszQkDeObCG2kJxehyB32L9ksTgcR mrRK3sLZMquv7P2scvZcUXm9R4eRCAcv9LED/yglAV0Jh1M+W/s2HiwqhQLCBEAc muZxqF8tjO7AqAKoFscCNLV9zUmmvpFHAiHOo1dwuLAjyAqtJC1RmW7dZ/kRrzPc mdxu1V9XUeqOrJqyVs0cBnn0DSj052zALypXeeCoL80wGrphpSk9wTCTccrcz0kI PTZYT7GyPE3QCyk5hJ35yGgma2C7GwzPS2THt1Ge5Ad8NaUkFXkC7rtE1xqeDuc1 YUU+r/KTPJVrnFcSeIg2yh2C6C/SWmigZlvWH28yWrPGzKE/sRrG8nvAHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKuhOzCJhyMF7yWQ6oCFYjnAs9p9MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzIyZDY5MTNlLTVmM2QtNGY5OS05YTYwLTQ4NTc5ZjQ3MTgzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJABlACAwDQYJKoZIhvcNAQELBQADggEBANlMz+Pw80NYswBdQvd0 xbZER+xukpjT+K/aZQaWpXGCgIwCbTr+edBLlRAf3O7IS3wdro7JNETOrCs2L5Qn VpPeqAsd+vKLXfEFhwZabARCZbTq5uBQBTyyMM4Qe+ZslxGc2yi2fEXAT5YvKpDy zM/eNa9botOc/hTrtpIhRIz3TEjAiSVC131PkA79iO7WuBUqSQPNchDVACeA9cPI GY3WOcnBF01M4OZkTiOIjSn7AOLEUvmbA5wxJf1MszbCVeipymgBBPvo3/Ng8CU0 aqTEyTJjCrleORWP6IpSqPCPxh1bq7/ZJMEsZU9we/TBSh1bR7BjRc1/Nwqn8SYL Zwc= -----END CERTIFICATE-----Generated at Sat Apr 26 17:44:20 2025 by rpki-client