$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa File: 3684e50c-c50f-4ebb-b327-e0759241197e.roa (raw, json) Hash identifier: yjfecjTMOvWeK4VS4FSgCe8wrraaf1T4Q5Xuf33QGlA= Subject key identifier: 13:6A:39:29:18:1E:83:EA:C8:C8:6C:74:81:48:F3:AD:C5:4B:C6:14 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 671F2FCBD33D8FADAA325C0BF3C277BDAA359DF9 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa Signing time: Fri 25 Apr 2025 00:00:06 +0000 ROA not before: Fri 25 Apr 2025 00:00:06 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:1f:2f:cb:d3:3d:8f:ad:aa:32:5c:0b:f3:c2:77:bd:aa:35:9d:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 25 00:00:06 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=9f2fac40e8dc5df788a89f4bc843c1f0c2b8e71a6cf38ea1cb27375d29bb2438, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:4b:c4:3a:38:b3:45:f2:81:e5:9a:13:c1:fd: 9d:0a:6a:8a:d3:b1:58:85:eb:cb:b9:38:ee:0d:6a: 26:2e:f6:d7:29:6e:2a:1f:ea:43:9b:01:64:5f:c3: d6:be:4a:46:97:c0:e3:7a:20:5f:3d:f0:0f:b2:5b: 04:a0:55:c8:a3:ce:c6:04:c4:af:52:32:81:e7:bc: 4c:34:9a:4d:d7:d8:66:da:1f:7c:4a:8a:27:32:4f: 13:c6:97:44:8f:10:ed:0a:8c:9b:b5:7a:de:2a:d7: 29:02:4b:8c:13:c9:ae:94:f9:5d:f7:75:aa:8f:eb: 72:31:2e:5c:09:3c:8d:46:15:10:11:b2:09:ba:e7: b3:3b:b0:23:92:d5:e5:a5:51:d6:b9:37:09:ea:14: 26:ca:73:73:5c:29:e8:35:e2:f3:cd:3e:45:91:88: af:83:2b:2d:bb:6f:8d:85:b9:70:84:da:ca:db:d6: 4d:5f:a8:30:86:82:94:74:f9:02:dd:1f:23:fb:cf: 1a:63:6c:99:14:27:7f:92:c2:b1:f1:9b:0a:3e:3d: 27:a4:c9:96:c3:b6:17:af:2c:da:85:7b:d9:08:33: 7f:d4:51:10:a3:68:60:09:42:1c:7c:75:40:63:65: 3e:1f:4c:67:06:6d:38:73:cf:4d:ac:7a:cc:b6:b6: 80:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:6A:39:29:18:1E:83:EA:C8:C8:6C:74:81:48:F3:AD:C5:4B:C6:14 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/48 Signature Algorithm: sha256WithRSAEncryption 3f:36:73:f4:1d:2d:83:9b:ef:ec:f5:c9:a5:17:34:3e:38:83: a3:20:d3:c6:23:7b:6a:4c:5e:3e:2b:5f:95:9a:ae:92:43:2e: 0a:3d:54:b9:fd:15:07:d6:1a:db:c8:ce:2c:c4:a3:95:a1:b3: ff:5d:49:eb:b7:b7:0e:ab:8d:0f:e6:6d:5c:de:3d:54:5b:99: d1:70:50:13:fe:34:48:92:ea:39:ce:39:f3:5a:68:4b:02:18: d3:e1:f3:73:4d:8a:68:76:de:e5:3b:14:a8:82:05:eb:3f:77: 4a:2c:1c:4d:9d:d8:b9:3f:dd:c4:79:43:db:b7:a8:e4:18:4d: 55:d0:a9:90:51:b4:7e:b1:7a:90:5a:a3:aa:4a:14:8f:2d:ec: 55:87:81:0c:5d:e8:ba:11:36:cc:aa:30:53:e7:a4:0d:2b:ae: c7:67:18:be:80:32:21:f5:59:a9:8c:56:9c:36:fd:0d:a0:a4: b2:15:b3:7f:e9:da:70:b5:03:f2:06:f1:8d:f5:c7:38:86:f0: 4b:6c:01:88:75:7d:e3:95:4e:02:2a:6d:5a:6a:77:2e:ac:ec: 1f:89:08:5d:64:68:d8:1c:e5:ab:af:82:f6:5f:f6:8d:bc:c1: 1e:2a:8e:9d:43:12:21:66:d7:7f:46:81:95:48:bf:02:7e:85: 75:45:be:2a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZx8vy9M9j62qMlwL88J3vao1nfkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQyNTAwMDAwNloX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAOWYyZmFjNDBlOGRjNWRmNzg4YTg5 ZjRiYzg0M2MxZjBjMmI4ZTcxYTZjZjM4ZWExY2IyNzM3NWQyOWJiMjQzODEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykvEOjizRfKB5ZoTwf2dCmqK07FY hevLuTjuDWomLvbXKW4qH+pDmwFkX8PWvkpGl8DjeiBfPfAPslsEoFXIo87GBMSv UjKB57xMNJpN19hm2h98SoonMk8TxpdEjxDtCoybtXreKtcpAkuME8mulPld93Wq j+tyMS5cCTyNRhUQEbIJuuezO7AjktXlpVHWuTcJ6hQmynNzXCnoNeLzzT5FkYiv gystu2+NhblwhNrK29ZNX6gwhoKUdPkC3R8j+88aY2yZFCd/ksKx8ZsKPj0npMmW w7YXryzahXvZCDN/1FEQo2hgCUIcfHVAY2U+H0xnBm04c89NrHrMtraApwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBNqOSkYHoPqyMhsdIFI863FS8YUMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzM2ODRlNTBjLWM1MGYtNGViYi1iMzI3LWUwNzU5MjQxMTk3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQA/NnP0HS2Dm+/s9cml FzQ+OIOjINPGI3tqTF4+K1+Vmq6SQy4KPVS5/RUH1hrbyM4sxKOVobP/XUnrt7cO q40P5m1c3j1UW5nRcFAT/jRIkuo5zjnzWmhLAhjT4fNzTYpodt7lOxSoggXrP3dK LBxNndi5P93EeUPbt6jkGE1V0KmQUbR+sXqQWqOqShSPLexVh4EMXei6ETbMqjBT 56QNK67HZxi+gDIh9VmpjFacNv0NoKSyFbN/6dpwtQPyBvGN9cc4hvBLbAGIdX3j lU4CKm1aancurOwfiQhdZGjYHOWrr4L2X/aNvMEeKo6dQxIhZtd/RoGVSL8CfoV1 Rb4q -----END CERTIFICATE-----Generated at Sat Apr 26 18:03:57 2025 by rpki-client