$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: 1x0jErM2uBXVEov0ekXqV5WAL4hpjzMJhlewyg2HoTY= Subject key identifier: 11:1A:33:F8:DA:F3:E8:B3:81:8E:D7:30:FB:9E:CC:9B:E0:65:68:AF Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 55181AD8D320AEEB88C636287FFD7EC74475F451 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Fri 25 Apr 2025 00:00:07 +0000 ROA not before: Fri 25 Apr 2025 00:00:07 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:18:1a:d8:d3:20:ae:eb:88:c6:36:28:7f:fd:7e:c7:44:75:f4:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 25 00:00:07 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=13e555fd87ac2628ab4a55f1a1ba639c70ced4e7c81d2a8bb08876cb03d73936, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:07:07:5b:a9:d1:42:69:46:a3:ab:18:68:71: 61:30:00:77:a5:32:5b:9f:e2:8a:16:c4:89:83:04: 5e:0b:1d:96:de:1d:27:47:6d:55:1e:a3:20:64:16: 64:7f:09:39:b3:bd:53:9c:40:39:fa:78:06:8c:c0: 94:a4:8d:87:85:63:07:a9:e8:5b:48:6b:95:9a:80: 0b:36:5e:11:73:b8:55:57:6e:12:c2:96:35:12:c3: e1:18:04:78:a7:09:2c:5b:73:24:8e:b9:2d:6c:20: c4:8f:05:ef:48:8e:3c:4a:b0:fc:4f:b9:ee:b0:bb: 07:ef:c5:d1:cf:11:82:80:4a:af:1b:ea:56:e9:4a: 2c:8f:d7:f5:cf:c9:86:24:0d:41:d6:04:05:b3:7c: 69:61:6c:58:27:91:f9:06:04:33:50:bc:53:38:e2: a5:52:da:40:4e:f4:ff:01:4e:cb:b8:f9:a0:5e:e7: a7:3d:75:c8:3e:e4:4c:be:2b:c6:87:09:79:7e:bf: ad:d9:43:80:af:4a:c2:7b:83:d6:18:e7:15:5d:2f: 32:3f:c2:ec:28:70:e0:e1:67:fd:a5:29:86:44:3d: 23:21:36:f6:ee:66:59:5a:86:a3:ad:60:33:98:5d: 71:14:b8:f9:ef:58:8f:c6:ec:c7:7a:5a:c1:2c:0a: fa:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:1A:33:F8:DA:F3:E8:B3:81:8E:D7:30:FB:9E:CC:9B:E0:65:68:AF X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 69:1a:a5:2d:86:32:41:6b:f1:ad:8a:50:b9:90:ce:f8:ac:f3: d4:85:72:e7:8d:53:76:f8:13:4a:61:59:16:4f:7c:df:5f:fc: bc:3d:eb:bb:ce:2b:5a:21:c1:cc:91:43:59:cb:4a:1d:5e:ed: e4:87:2e:01:25:77:bd:68:a3:ee:53:e8:14:5d:78:80:6a:68: bd:c6:1e:47:3d:55:53:bd:70:ad:91:a4:34:7e:3e:94:ff:14: cd:a5:b0:38:78:18:60:1b:9c:b1:10:d6:d8:e3:cd:af:51:8e: 98:8b:d9:44:d1:27:49:09:44:25:a7:d7:82:c7:62:be:24:f4: 54:ed:83:b6:ab:d5:96:01:84:bb:fb:33:73:19:f3:2b:46:67: 37:69:65:5d:25:de:ca:af:e3:16:57:2f:0a:da:1f:c1:33:27: 8e:32:5c:ec:69:5d:05:42:4c:b3:d7:5e:30:57:3d:aa:74:6d: 54:09:f3:46:57:53:b9:df:b5:4f:16:d3:d0:8b:4a:1a:88:c3: 5f:be:6d:ae:c4:57:10:e7:4d:03:d2:59:b0:13:7f:78:ec:4d: 17:ae:95:f1:f8:f2:87:64:8e:d5:73:a9:58:19:33:8f:d8:ad: 88:5d:e0:eb:7b:34:c9:1f:2c:45:b1:ae:cd:10:9b:bc:0f:98: 93:f5:87:79 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUVRga2NMgruuIxjYof/1+x0R19FEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQyNTAwMDAwN1oX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAMTNlNTU1ZmQ4N2FjMjYyOGFiNGE1 NWYxYTFiYTYzOWM3MGNlZDRlN2M4MWQyYThiYjA4ODc2Y2IwM2Q3MzkzNjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAcHW6nRQmlGo6sYaHFhMAB3pTJb n+KKFsSJgwReCx2W3h0nR21VHqMgZBZkfwk5s71TnEA5+ngGjMCUpI2HhWMHqehb SGuVmoALNl4Rc7hVV24SwpY1EsPhGAR4pwksW3MkjrktbCDEjwXvSI48SrD8T7nu sLsH78XRzxGCgEqvG+pW6Uosj9f1z8mGJA1B1gQFs3xpYWxYJ5H5BgQzULxTOOKl UtpATvT/AU7LuPmgXuenPXXIPuRMvivGhwl5fr+t2UOAr0rCe4PWGOcVXS8yP8Ls KHDg4Wf9pSmGRD0jITb27mZZWoajrWAzmF1xFLj571iPxuzHelrBLAr6DwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFBEaM/ja8+izgY7XMPuezJvgZWivMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAaRqlLYYyQWvxrYpQuZDO +Kzz1IVy541TdvgTSmFZFk9831/8vD3ru84rWiHBzJFDWctKHV7t5IcuASV3vWij 7lPoFF14gGpovcYeRz1VU71wrZGkNH4+lP8UzaWwOHgYYBucsRDW2OPNr1GOmIvZ RNEnSQlEJafXgsdiviT0VO2DtqvVlgGEu/szcxnzK0ZnN2llXSXeyq/jFlcvCtof wTMnjjJc7GldBUJMs9deMFc9qnRtVAnzRldTud+1TxbT0ItKGojDX75trsRXEOdN A9JZsBN/eOxNF66V8fjyh2SO1XOpWBkzj9itiF3g63s0yR8sRbGuzRCbvA+Yk/WH eQ== -----END CERTIFICATE-----Generated at Sat Apr 26 20:51:43 2025 by rpki-client