$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: Y3sZBlba7ZfdkYEtPZB029MWcLualK+7nmiFldcTk3s= Subject key identifier: 9F:B4:44:08:57:D0:0A:B1:01:32:D5:43:50:17:59:05:D0:4A:97:35 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 7501B516962193455BBF77701CEE5345FA3E8C1C Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Sat 14 Jun 2025 00:00:03 +0000 ROA not before: Sat 14 Jun 2025 00:00:03 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:01:b5:16:96:21:93:45:5b:bf:77:70:1c:ee:53:45:fa:3e:8c:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jun 14 00:00:03 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=549bd92c05d27ef5fc8835400fdde26e452f1c1997639b162219e20179caecfe, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:46:fa:e6:c5:a7:e8:91:12:7b:3c:81:f4:54: bc:82:c5:e8:b1:29:52:80:6a:7f:b0:81:f3:2b:11: e2:58:1a:a6:60:aa:32:da:5a:8c:80:c2:b2:de:70: 4d:8a:42:e4:65:87:b7:6d:04:80:06:50:fd:e3:12: 75:b7:80:93:d8:c8:1d:de:c1:26:a6:69:98:dc:a7: 4f:1f:7b:bf:a3:ea:5a:3b:18:28:46:c2:24:55:10: 0d:07:d6:dc:a3:b6:8e:f9:83:ef:d7:d3:79:d5:7a: fd:1e:72:e7:23:e4:9c:b0:52:eb:ff:af:50:73:77: 4f:61:de:0f:55:59:d0:ad:9e:b3:80:22:18:8c:28: 9e:45:57:0c:22:a3:ce:b0:63:d3:17:67:1c:bf:d2: 6a:ee:10:a2:9b:c1:3b:76:17:a8:3e:f7:dc:df:de: 49:e3:8f:73:18:b2:86:24:f5:1d:a2:ab:c7:f6:13: ab:ab:fa:ab:cd:46:ff:50:6b:32:29:e5:67:64:15: 67:2c:1e:a4:e1:7b:23:db:9c:63:7f:15:d4:b5:64: ba:d9:ad:ca:78:2f:3e:38:de:9d:2f:39:22:7d:3f: 5c:2a:17:08:1b:ec:96:cb:51:e9:6b:a9:dd:ab:a7: 54:d6:76:cf:7d:b8:5e:78:71:e3:7b:3c:2e:0b:50: 2c:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:B4:44:08:57:D0:0A:B1:01:32:D5:43:50:17:59:05:D0:4A:97:35 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption ad:f5:81:7e:bb:e4:83:4a:32:70:06:d9:65:4e:d4:73:ff:a3: 22:1d:c4:46:c8:43:1a:cf:3b:94:e0:57:9c:b8:c7:82:a0:a9: 96:60:3f:f8:4b:68:13:95:a3:c7:04:87:e6:8f:9d:6e:85:3c: 41:58:e0:61:a4:8e:3e:60:56:1e:6a:c1:5b:0c:ea:9b:be:80: 98:0f:0c:a0:ab:aa:07:16:b1:9b:2d:21:01:bd:81:31:07:89: 99:52:9d:3c:f0:3f:15:c4:81:3e:fd:fd:44:3a:ef:6e:07:40: 20:ad:44:df:3c:2a:e2:80:ed:2a:b9:2d:3e:b6:6d:21:81:72: e5:d7:d4:16:0b:51:0e:7f:84:e5:02:3c:12:2a:61:a5:74:be: 36:79:09:63:05:63:a7:d9:62:dc:7d:5b:30:1e:ff:83:f8:c8: 24:58:58:b4:f2:25:ba:86:50:a0:be:1c:97:53:77:07:63:bd: 08:b3:86:a5:87:ec:ee:3d:f1:41:40:64:29:3f:9a:5c:a9:ca: bf:20:35:ff:fa:8a:b3:0a:6e:91:ef:17:e5:a2:4d:39:2f:02: 51:92:76:41:7b:80:84:ca:c0:bc:e8:0d:df:65:cf:d5:1e:a8: a8:4a:39:a8:f5:14:3d:aa:85:42:56:d9:60:32:6c:36:de:2b: 6a:7f:2e:73 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUdQG1FpYhk0Vbv3dwHO5TRfo+jBwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDYxNDAwMDAwM1oX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNANTQ5YmQ5MmMwNWQyN2VmNWZjODgz NTQwMGZkZGUyNmU0NTJmMWMxOTk3NjM5YjE2MjIxOWUyMDE3OWNhZWNmZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUb65sWn6JESezyB9FS8gsXosSlS gGp/sIHzKxHiWBqmYKoy2lqMgMKy3nBNikLkZYe3bQSABlD94xJ1t4CT2Mgd3sEm pmmY3KdPH3u/o+paOxgoRsIkVRANB9bco7aO+YPv19N51Xr9HnLnI+ScsFLr/69Q c3dPYd4PVVnQrZ6zgCIYjCieRVcMIqPOsGPTF2ccv9Jq7hCim8E7dheoPvfc395J 449zGLKGJPUdoqvH9hOrq/qrzUb/UGsyKeVnZBVnLB6k4Xsj25xjfxXUtWS62a3K eC8+ON6dLzkifT9cKhcIG+yWy1Hpa6ndq6dU1nbPfbheeHHjezwuC1AsxQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFJ+0RAhX0AqxATLVQ1AXWQXQSpc1MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEArfWBfrvkg0oycAbZZU7U c/+jIh3ERshDGs87lOBXnLjHgqCplmA/+EtoE5WjxwSH5o+dboU8QVjgYaSOPmBW HmrBWwzqm76AmA8MoKuqBxaxmy0hAb2BMQeJmVKdPPA/FcSBPv39RDrvbgdAIK1E 3zwq4oDtKrktPrZtIYFy5dfUFgtRDn+E5QI8EiphpXS+NnkJYwVjp9li3H1bMB7/ g/jIJFhYtPIluoZQoL4cl1N3B2O9CLOGpYfs7j3xQUBkKT+aXKnKvyA1//qKswpu ke8X5aJNOS8CUZJ2QXuAhMrAvOgN32XP1R6oqEo5qPUUPaqFQlbZYDJsNt4ran8u cw== -----END CERTIFICATE-----Generated at Sat Jun 14 06:12:57 2025 by rpki-client