$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa File: 8c170584-7c9b-414b-8cba-a934a0a79bbe.roa (raw, json) Hash identifier: Jv5vlS1sStoe3nVb0ysi7t6dwAvnoWywgzpQm48Ba4g= Subject key identifier: AA:CC:65:97:D3:50:98:30:34:E8:F2:84:9B:AE:BA:88:91:F5:5A:16 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 453457429120E52AA0962E021F586EE8F5E6CDCE Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa Signing time: Fri 25 Apr 2025 00:00:08 +0000 ROA not before: Fri 25 Apr 2025 00:00:08 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:34:57:42:91:20:e5:2a:a0:96:2e:02:1f:58:6e:e8:f5:e6:cd:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 25 00:00:08 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=810e27c7401a208138cb44139c41ec57a9427011b2306790847e611c09b83aa1, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:20:dc:a4:a3:48:73:d4:4b:47:2c:15:a6:04: 6f:13:2c:7e:de:1b:45:b2:64:0c:68:ea:54:99:7a: 35:28:a3:f6:91:c9:f5:fe:67:77:8d:d3:ff:ee:79: 60:38:05:22:6a:32:ec:52:f0:bd:bd:ce:fc:2f:8a: 62:4d:e0:a0:45:c8:75:f1:4b:a7:76:b9:6d:26:bf: f1:13:df:62:7b:15:29:87:a0:28:33:c3:98:15:58: 11:8a:49:87:83:e6:65:2d:ca:38:7e:39:77:56:be: 63:84:c6:48:fe:78:31:83:7f:38:29:b2:88:d2:9f: 11:f6:70:75:9c:d7:da:2e:96:f4:96:02:48:42:d6: 8b:b3:c0:ba:92:a4:f8:be:c8:0e:46:f0:df:72:94: e4:37:4b:b2:30:95:0c:8f:b2:97:b4:d3:bc:0f:86: 7b:8e:a4:e5:52:0a:a2:6c:2c:94:02:c4:2f:c6:cf: e1:09:7f:fd:f6:37:43:9d:fb:ef:6c:c0:24:fc:90: ba:de:e0:3e:51:b0:e1:97:62:58:bc:47:35:09:4b: ed:98:24:32:be:6b:2c:9e:0d:bd:1a:cd:77:42:5e: b7:2b:ad:9f:70:60:1d:69:5b:47:50:78:03:a5:0b: fc:01:04:dd:ce:ae:11:19:fc:33:42:44:88:f4:b1: cd:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:CC:65:97:D3:50:98:30:34:E8:F2:84:9B:AE:BA:88:91:F5:5A:16 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:4000::/48 Signature Algorithm: sha256WithRSAEncryption 31:2d:79:a3:89:a5:a6:e2:31:aa:b3:2c:ee:d6:7b:b7:1f:6a: 87:c7:dc:29:ce:e3:22:58:22:4e:08:9e:64:2e:ee:f0:89:c1: 07:86:85:86:e3:2b:3a:f9:f0:7a:4b:1e:8a:76:d1:1b:be:a1: 90:3a:e9:11:5c:06:a3:90:c0:4a:ab:66:a8:5b:07:36:35:97: 1a:5e:f1:09:91:82:1f:2b:4d:07:c4:72:2e:31:8e:6f:ef:0b: b1:a7:d4:57:b3:56:9d:ef:aa:9f:c9:ac:56:16:5a:e0:f7:af: e3:38:29:d7:02:12:e1:c2:72:ce:a5:04:70:7f:23:69:54:23: 1e:d2:28:c4:b6:b7:09:b3:57:29:9e:06:f2:c5:28:df:6f:87: 92:09:c1:29:9a:4f:45:da:74:8e:ba:26:7c:ca:cc:58:99:fc: a3:df:b2:87:23:0d:fd:1e:2e:33:8f:de:e7:a6:1c:ce:33:85: 13:3c:6f:0c:15:9e:8b:4b:46:81:fe:8c:70:87:aa:58:f1:33: 47:15:47:8e:05:c0:ba:5b:77:18:e3:69:57:10:2c:d1:29:56: 1e:8c:ef:ba:a9:27:74:e5:5e:f1:9f:ca:67:a4:35:6f:79:25: 51:17:b0:29:f2:de:d7:0d:4f:3e:38:a8:7c:67:16:6c:e8:f8: 99:47:4d:00 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURTRXQpEg5Sqgli4CH1hu6PXmzc4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQyNTAwMDAwOFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAODEwZTI3Yzc0MDFhMjA4MTM4Y2I0 NDEzOWM0MWVjNTdhOTQyNzAxMWIyMzA2NzkwODQ3ZTYxMWMwOWI4M2FhMTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCDcpKNIc9RLRywVpgRvEyx+3htF smQMaOpUmXo1KKP2kcn1/md3jdP/7nlgOAUiajLsUvC9vc78L4piTeCgRch18Uun drltJr/xE99iexUph6AoM8OYFVgRikmHg+ZlLco4fjl3Vr5jhMZI/ngxg384KbKI 0p8R9nB1nNfaLpb0lgJIQtaLs8C6kqT4vsgORvDfcpTkN0uyMJUMj7KXtNO8D4Z7 jqTlUgqibCyUAsQvxs/hCX/99jdDnfvvbMAk/JC63uA+UbDhl2JYvEc1CUvtmCQy vmssng29Gs13Ql63K62fcGAdaVtHUHgDpQv8AQTdzq4RGfwzQkSI9LHNJwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKrMZZfTUJgwNOjyhJuuuoiR9VoWMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzhjMTcwNTg0LTdjOWItNDE0Yi04Y2JhLWE5MzRhMGE3OWJiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAEAAMA0GCSqGSIb3DQEBCwUAA4IBAQAxLXmjiaWm4jGqsyzu 1nu3H2qHx9wpzuMiWCJOCJ5kLu7wicEHhoWG4ys6+fB6Sx6KdtEbvqGQOukRXAaj kMBKq2aoWwc2NZcaXvEJkYIfK00HxHIuMY5v7wuxp9RXs1ad76qfyaxWFlrg96/j OCnXAhLhwnLOpQRwfyNpVCMe0ijEtrcJs1cpngbyxSjfb4eSCcEpmk9F2nSOuiZ8 ysxYmfyj37KHIw39Hi4zj97nphzOM4UTPG8MFZ6LS0aB/oxwh6pY8TNHFUeOBcC6 W3cY42lXECzRKVYejO+6qSd05V7xn8pnpDVveSVRF7Ap8t7XDU8+OKh8ZxZs6PiZ R00A -----END CERTIFICATE-----Generated at Sat Apr 26 16:10:54 2025 by rpki-client