$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/9e37f855-48bf-420a-a86c-5eeb4fc1f790.roa File: 9e37f855-48bf-420a-a86c-5eeb4fc1f790.roa (raw, json) Hash identifier: jorKmjQGTLFrfGMvCHL7dpTuFYSLQ2ju9VOJeWwEeJU= Subject key identifier: 4D:8F:60:AB:57:FE:87:97:4C:97:72:E0:3F:A5:96:23:F3:79:A6:3A Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 761040271C46BC8127FE315BEDA99FE67EF44340 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/9e37f855-48bf-420a-a86c-5eeb4fc1f790.roa Signing time: Fri 13 Jun 2025 00:00:08 +0000 ROA not before: Fri 13 Jun 2025 00:00:08 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.128.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:10:40:27:1c:46:bc:81:27:fe:31:5b:ed:a9:9f:e6:7e:f4:43:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jun 13 00:00:08 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=60109e7f3a060cf53a17fde1262457127c97033ea84b85dce37309bf6678bb90, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:e6:00:28:60:33:04:19:f9:0e:90:9f:f5:30: 77:b0:fe:dc:ad:17:08:58:4e:d2:17:a1:5c:dc:b4: 0b:a2:c8:f0:71:06:f7:78:b9:46:60:a7:07:6a:03: ac:d9:a7:6b:0a:ee:cd:20:83:e7:a3:10:9a:b1:13: 64:ea:0f:1c:98:06:a9:2e:32:55:60:fc:d6:70:11: fa:72:14:b7:f7:a8:51:61:ce:83:28:3d:7e:d8:2d: a1:eb:a6:ee:a8:66:69:a1:3b:c5:51:1b:39:95:f5: 38:c1:0a:26:a3:e9:74:32:0c:90:bd:09:c1:fd:6b: e2:92:43:c8:5b:24:52:e7:e0:13:23:77:37:a5:4b: bf:b9:12:bb:1e:28:6d:24:1c:21:91:7f:b9:cc:23: 38:5c:c8:43:d2:2a:6b:7a:f3:fc:54:33:c4:d3:1e: 7c:78:ed:2d:e6:52:15:07:d4:7f:ed:bd:43:26:55: 7c:8a:63:fb:d2:f4:31:79:83:42:b8:a1:44:2f:95: 1d:d8:03:af:88:b1:b5:3a:1a:28:70:25:d9:98:6e: ce:84:db:68:a7:cb:51:cb:ee:79:8f:88:eb:8b:ea: f4:39:32:45:4c:7d:a3:84:31:2f:a1:8f:2d:07:2e: 78:c4:0f:aa:92:6b:c7:85:0e:59:4e:5d:16:f8:db: 5f:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:8F:60:AB:57:FE:87:97:4C:97:72:E0:3F:A5:96:23:F3:79:A6:3A X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/9e37f855-48bf-420a-a86c-5eeb4fc1f790.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.128.0/18 Signature Algorithm: sha256WithRSAEncryption c5:f3:d1:21:e3:3e:c1:0b:57:8b:59:f5:63:99:42:77:ad:4b: 61:92:20:43:3a:bc:da:82:73:f3:18:53:a3:1a:dd:bd:3c:36: 25:d0:f8:d9:7e:06:18:69:c5:1f:0e:44:84:d7:9a:0e:c7:d9: fb:7f:3c:5b:bc:21:03:cb:44:37:e7:07:f2:99:d1:3c:33:93: 50:0e:51:fd:8b:b6:98:b1:79:8b:bb:48:1b:29:18:4c:dc:79: a8:f2:09:b8:90:c6:ed:62:d0:08:54:c7:b5:5f:56:c1:c7:72: cf:b3:41:d9:89:95:3f:61:70:2f:63:20:b6:e8:4a:a6:34:75: 1f:ac:75:ff:60:20:f3:db:b4:a3:ec:e0:51:db:fb:87:77:85: e8:28:2b:44:9f:0c:74:6d:69:fb:3f:c8:71:b1:5e:76:27:e9: ba:d8:ee:97:9e:11:3b:ff:1f:68:a0:82:8a:7a:07:6b:30:64: 0f:b1:41:1b:6e:90:ff:70:df:27:9e:66:9a:ab:a0:97:a8:61: ef:21:d7:db:33:85:2a:21:7e:ff:cd:9a:23:a7:36:2f:2e:f2: 93:01:5a:30:1d:cd:dd:c5:46:85:2b:d6:26:dc:9f:be:a3:cd: 38:1a:f8:39:0c:54:b9:81:83:c0:ae:45:21:91:8c:2f:96:48: 93:39:56:7e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUdhBAJxxGvIEn/jFb7amf5n70Q0AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDYxMzAwMDAwOFoX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNANjAxMDllN2YzYTA2MGNmNTNhMTdm ZGUxMjYyNDU3MTI3Yzk3MDMzZWE4NGI4NWRjZTM3MzA5YmY2Njc4YmI5MDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+YAKGAzBBn5DpCf9TB3sP7crRcI WE7SF6Fc3LQLosjwcQb3eLlGYKcHagOs2adrCu7NIIPnoxCasRNk6g8cmAapLjJV YPzWcBH6chS396hRYc6DKD1+2C2h66buqGZpoTvFURs5lfU4wQomo+l0MgyQvQnB /WvikkPIWyRS5+ATI3c3pUu/uRK7HihtJBwhkX+5zCM4XMhD0iprevP8VDPE0x58 eO0t5lIVB9R/7b1DJlV8imP70vQxeYNCuKFEL5Ud2AOviLG1OhoocCXZmG7OhNto p8tRy+55j4jri+r0OTJFTH2jhDEvoY8tBy54xA+qkmvHhQ5ZTl0W+NtfiwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFE2PYKtX/oeXTJdy4D+lliPzeaY6MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzllMzdmODU1LTQ4YmYtNDIwYS1hODZjLTVlZWI0ZmMxZjc5MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGrymAMA0GCSqGSIb3DQEBCwUAA4IBAQDF89Eh4z7BC1eLWfVjmUJ3 rUthkiBDOrzagnPzGFOjGt29PDYl0PjZfgYYacUfDkSE15oOx9n7fzxbvCEDy0Q3 5wfymdE8M5NQDlH9i7aYsXmLu0gbKRhM3Hmo8gm4kMbtYtAIVMe1X1bBx3LPs0HZ iZU/YXAvYyC26EqmNHUfrHX/YCDz27Sj7OBR2/uHd4XoKCtEnwx0bWn7P8hxsV52 J+m62O6XnhE7/x9ooIKKegdrMGQPsUEbbpD/cN8nnmaaq6CXqGHvIdfbM4UqIX7/ zZojpzYvLvKTAVowHc3dxUaFK9Ym3J++o804Gvg5DFS5gYPArkUhkYwvlkiTOVZ+ -----END CERTIFICATE-----Generated at Sat Jun 14 06:12:59 2025 by rpki-client