$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa File: 7b26d410-17d7-4310-bb58-41c465f8eef2.roa (raw, json) Hash identifier: qXuqHaKtRUUeFQc9s8xALzADcTg4Qo8MEd3gBv2XJyo= Subject key identifier: D8:D6:2A:90:72:FF:89:60:EE:6F:D6:2D:FA:7B:91:FD:D1:06:CB:A2 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 57E96348141780660BB3A8F972ACAC3C2FAACC0D Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa Signing time: Wed 23 Apr 2025 00:00:12 +0000 ROA not before: Wed 23 Apr 2025 00:00:12 +0000 ROA not after: Wed 28 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.148.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:e9:63:48:14:17:80:66:0b:b3:a8:f9:72:ac:ac:3c:2f:aa:cc:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 23 00:00:12 2025 GMT Not After : May 28 23:59:59 2025 GMT Subject: serialNumber=02fc92e10ffb6de916342585090fbd6442e3fb360c35f9d59bfbd5e0ea416c1e, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:36:16:7b:d0:7a:28:f6:b8:dc:fa:9d:c3:fd: 07:90:20:eb:ee:3c:05:db:b4:cd:29:17:09:62:8e: 7b:fa:bd:8d:17:69:91:08:e5:0b:5c:c6:32:93:d5: 17:8f:54:66:74:60:01:85:ba:73:0d:84:67:1c:44: 70:ec:59:9d:df:02:5d:b9:7d:47:c2:4e:94:d3:4a: 78:52:b4:6a:b3:26:fa:62:0e:6d:05:7a:04:1a:eb: db:59:1c:d6:98:aa:05:03:4f:cd:89:56:4d:81:07: 0c:99:21:39:7c:1a:74:a7:a5:46:08:11:f4:cd:df: 72:4e:2c:1f:79:c8:59:4f:b3:7b:21:69:e8:57:e8: 09:55:4e:e3:7c:e3:57:36:05:84:f0:11:8c:eb:aa: a1:59:bb:6b:a8:c7:ca:61:59:e9:28:3c:36:79:d6: 9f:97:c7:8b:74:c0:40:db:e4:59:b8:83:cd:27:d4: cd:e2:79:85:7d:16:b1:73:7a:c6:03:de:7c:be:7d: 6e:14:4a:f7:70:eb:90:f2:0f:94:d0:1f:99:01:b6: 50:ed:35:da:f1:7e:46:a9:75:4b:7f:79:3e:b1:5a: b8:05:30:08:96:ec:a2:81:17:c7:64:cb:2d:59:04: 8a:25:ad:ed:45:00:c0:6f:96:72:bd:01:70:f6:63: 24:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:D6:2A:90:72:FF:89:60:EE:6F:D6:2D:FA:7B:91:FD:D1:06:CB:A2 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.148.0/23 Signature Algorithm: sha256WithRSAEncryption 74:f1:36:f3:e7:14:9a:9d:18:22:fd:c5:e4:8f:63:b9:8b:a1: 8c:ef:fb:6a:9d:dd:59:b9:d6:65:dd:6f:f1:f4:ce:d6:a2:1f: 37:01:c0:35:65:5b:20:73:9a:0f:53:9b:38:22:bc:2a:01:e0: 55:71:77:f0:60:cd:6c:20:db:f4:04:47:2c:2c:ec:90:5d:51: a7:f8:10:8e:90:b8:2f:95:fa:82:88:5d:dd:38:37:a8:c9:f4: 62:5e:21:78:b7:2f:a3:ae:e7:c8:14:b2:e5:11:c8:2c:7c:4b: 2a:6f:41:f8:03:6c:c9:d0:85:3f:af:e4:34:7c:eb:e2:e2:62: b9:e2:bf:9d:a1:c3:1a:25:fd:de:1e:2e:36:21:6a:75:96:23: 14:2a:85:2c:63:66:08:dd:9b:ce:d2:b3:14:f3:a5:ff:32:2f: f8:1b:8a:86:5b:15:9a:c3:1e:39:85:ac:6d:3a:6b:50:52:63: 6b:ff:73:4c:1e:43:5c:75:f1:01:9c:ea:85:0d:2b:e3:f0:f5: 34:54:b9:f8:0d:4a:eb:cd:81:64:c9:07:c5:1a:f7:d0:4e:e8: 81:87:29:55:cd:1c:d4:8a:7e:66:a9:63:99:40:a3:06:59:47: 61:9a:a6:65:c8:e7:b9:57:02:14:ce:96:1c:11:83:b7:57:6c: e3:6b:ae:b9 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUV+ljSBQXgGYLs6j5cqysPC+qzA0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQyMzAwMDAxMloX DTI1MDUyODIzNTk1OVowejFJMEcGA1UEBRNAMDJmYzkyZTEwZmZiNmRlOTE2MzQy NTg1MDkwZmJkNjQ0MmUzZmIzNjBjMzVmOWQ1OWJmYmQ1ZTBlYTQxNmMxZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTYWe9B6KPa43Pqdw/0HkCDr7jwF 27TNKRcJYo57+r2NF2mRCOULXMYyk9UXj1RmdGABhbpzDYRnHERw7Fmd3wJduX1H wk6U00p4UrRqsyb6Yg5tBXoEGuvbWRzWmKoFA0/NiVZNgQcMmSE5fBp0p6VGCBH0 zd9yTiwfechZT7N7IWnoV+gJVU7jfONXNgWE8BGM66qhWbtrqMfKYVnpKDw2edaf l8eLdMBA2+RZuIPNJ9TN4nmFfRaxc3rGA958vn1uFEr3cOuQ8g+U0B+ZAbZQ7TXa 8X5GqXVLf3k+sVq4BTAIluyigRfHZMstWQSKJa3tRQDAb5ZyvQFw9mMkvwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNjWKpBy/4lg7m/WLfp7kf3RBsuiMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzdiMjZkNDEwLTE3ZDctNDMxMC1iYjU4LTQxYzQ2NWY4ZWVmMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrymUMA0GCSqGSIb3DQEBCwUAA4IBAQB08Tbz5xSanRgi/cXkj2O5 i6GM7/tqnd1ZudZl3W/x9M7Woh83AcA1ZVsgc5oPU5s4IrwqAeBVcXfwYM1sINv0 BEcsLOyQXVGn+BCOkLgvlfqCiF3dODeoyfRiXiF4ty+jrufIFLLlEcgsfEsqb0H4 A2zJ0IU/r+Q0fOvi4mK54r+docMaJf3eHi42IWp1liMUKoUsY2YI3ZvO0rMU86X/ Mi/4G4qGWxWawx45haxtOmtQUmNr/3NMHkNcdfEBnOqFDSvj8PU0VLn4DUrrzYFk yQfFGvfQTuiBhylVzRzUin5mqWOZQKMGWUdhmqZlyOe5VwIUzpYcEYO3V2zja665 -----END CERTIFICATE-----Generated at Sat Apr 26 16:05:12 2025 by rpki-client