$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa File: adf75e2e-9d2c-4718-a49d-ad44079b266b.roa (raw, json) Hash identifier: /n6+p2KVQLPE2UZnUwu6aVmCXgcE2rj3BCfaFG1jfoo= Subject key identifier: 14:30:4D:31:CD:66:73:85:DC:9E:B6:5D:70:50:BB:7B:7D:1B:09:DB Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 34E996D0F0A1C7079D322FCFA8B1153CF922CD80 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa Signing time: Wed 23 Apr 2025 00:00:16 +0000 ROA not before: Wed 23 Apr 2025 00:00:16 +0000 ROA not after: Wed 28 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:e9:96:d0:f0:a1:c7:07:9d:32:2f:cf:a8:b1:15:3c:f9:22:cd:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 23 00:00:16 2025 GMT Not After : May 28 23:59:59 2025 GMT Subject: serialNumber=7ad5967895fa5be50b2c10c356185473a8eb6db9597d56563f76ef443cd77e99, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:c0:99:25:41:c9:54:cc:12:09:75:4b:6f:cd: 69:49:44:ad:c4:ed:4d:68:63:68:c4:96:c9:d5:06: c6:5c:a2:32:2f:97:6a:fa:e3:6a:98:70:5b:5a:d3: b7:b2:26:af:93:99:0e:2a:45:f4:0a:e2:af:dc:93: 1a:5d:b3:35:2d:13:60:b2:cb:6d:8e:56:f7:e0:09: da:ca:d8:86:d5:2e:6d:9b:f8:45:24:57:0d:dc:aa: ef:19:98:72:c5:f2:04:53:5d:1c:c7:e9:65:d7:70: 82:a7:ef:af:46:fd:d3:7e:37:48:ae:00:68:17:b7: 04:73:3e:38:b1:a9:36:6b:bb:a6:12:aa:fa:4b:7d: de:db:ed:d4:cc:bd:2e:c2:ac:6a:e1:ff:d8:12:3e: ae:d6:c0:8e:82:cc:0e:b2:87:74:cd:24:19:a5:30: 21:95:2a:31:76:93:96:a7:6f:bd:14:56:b6:7c:85: 5b:dc:8d:67:b4:10:42:f8:f5:38:4a:0d:91:d0:87: 38:c4:31:fa:ac:3a:53:a5:66:1a:16:8e:a3:3c:2e: 46:fb:be:3a:1f:dc:01:01:a8:56:a0:61:65:84:8d: 66:cd:9b:28:ef:a9:40:6c:df:78:e6:1d:91:9b:47: 52:74:ea:05:e8:40:b9:a8:12:b0:af:1c:47:fb:75: b8:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:30:4D:31:CD:66:73:85:DC:9E:B6:5D:70:50:BB:7B:7D:1B:09:DB X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.152.0/21 Signature Algorithm: sha256WithRSAEncryption 23:ba:21:bd:6b:fa:b7:ba:24:66:d0:5b:b9:01:52:c1:9e:81: 1f:ff:77:0a:d0:f1:a0:4d:8a:26:91:88:37:7e:de:6b:73:aa: f4:dc:51:57:75:2c:a6:3e:e8:b2:46:6c:16:9b:ba:7a:b2:b4: 00:8d:d6:4c:bc:bf:41:0d:33:71:7b:f1:a4:c2:dc:3c:0f:23: c0:3a:0e:37:9b:95:b6:b3:2e:79:a5:ca:98:67:f1:03:68:29: 22:38:c7:26:b9:4c:dd:25:80:90:6e:c9:98:6b:bd:63:af:13: be:31:4f:d9:13:2b:74:00:93:c6:a4:6c:ab:11:52:10:5d:a2: 7f:94:44:91:20:49:4e:3a:12:5f:2c:b4:c4:44:94:38:39:75: 29:ef:a7:89:e6:68:84:de:02:25:b9:eb:dc:98:1c:38:a6:88: bc:a9:dc:85:1a:19:51:48:92:87:93:bc:57:26:e6:73:63:f0: 63:9f:50:d2:3d:f2:0c:9a:08:81:a6:76:b1:91:43:24:0b:0f: ea:36:12:76:a2:6a:bf:98:d3:6f:9e:11:c9:f9:ca:76:dc:42: c6:6d:53:28:fe:f0:1a:5c:e3:6f:80:14:cb:04:47:25:be:ac: 08:0a:39:4d:61:22:8b:ba:97:a8:ad:bf:4d:9a:e9:17:e6:e9: 5b:5d:cc:33 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUNOmW0PChxwedMi/PqLEVPPkizYAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQyMzAwMDAxNloX DTI1MDUyODIzNTk1OVowejFJMEcGA1UEBRNAN2FkNTk2Nzg5NWZhNWJlNTBiMmMx MGMzNTYxODU0NzNhOGViNmRiOTU5N2Q1NjU2M2Y3NmVmNDQzY2Q3N2U5OTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8CZJUHJVMwSCXVLb81pSUStxO1N aGNoxJbJ1QbGXKIyL5dq+uNqmHBbWtO3siavk5kOKkX0CuKv3JMaXbM1LRNgsstt jlb34AnaytiG1S5tm/hFJFcN3KrvGZhyxfIEU10cx+ll13CCp++vRv3TfjdIrgBo F7cEcz44sak2a7umEqr6S33e2+3UzL0uwqxq4f/YEj6u1sCOgswOsod0zSQZpTAh lSoxdpOWp2+9FFa2fIVb3I1ntBBC+PU4Sg2R0Ic4xDH6rDpTpWYaFo6jPC5G+746 H9wBAahWoGFlhI1mzZso76lAbN945h2Rm0dSdOoF6EC5qBKwrxxH+3W4gwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBQwTTHNZnOF3J62XXBQu3t9GwnbMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2FkZjc1ZTJlLTlkMmMtNDcxOC1hNDlkLWFkNDQwNzliMjY2Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrymYMA0GCSqGSIb3DQEBCwUAA4IBAQAjuiG9a/q3uiRm0Fu5AVLB noEf/3cK0PGgTYomkYg3ft5rc6r03FFXdSymPuiyRmwWm7p6srQAjdZMvL9BDTNx e/Gkwtw8DyPAOg43m5W2sy55pcqYZ/EDaCkiOMcmuUzdJYCQbsmYa71jrxO+MU/Z Eyt0AJPGpGyrEVIQXaJ/lESRIElOOhJfLLTERJQ4OXUp76eJ5miE3gIluevcmBw4 poi8qdyFGhlRSJKHk7xXJuZzY/Bjn1DSPfIMmgiBpnaxkUMkCw/qNhJ2omq/mNNv nhHJ+cp23ELGbVMo/vAaXONvgBTLBEclvqwICjlNYSKLupeorb9NmukX5ulbXcwz -----END CERTIFICATE-----Generated at Sat Apr 26 18:29:56 2025 by rpki-client