$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa File: 1dffeac8-b779-49ef-ba27-58bc19891e60.roa (raw, json) Hash identifier: pO1ZXG6sSfgfPTB9M91yC1+vKT6fjVgLHLXWYb4AAnM= Subject key identifier: 48:59:1F:E7:93:93:CE:16:36:D9:EA:6D:D9:5D:52:9F:77:83:27:F0 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 0CA6E091B3A376653EE548DCD7767995E8ED8F0B Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa Signing time: Fri 13 Jun 2025 00:00:12 +0000 ROA not before: Fri 13 Jun 2025 00:00:12 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.144.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 00:03:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:a6:e0:91:b3:a3:76:65:3e:e5:48:dc:d7:76:79:95:e8:ed:8f:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jun 13 00:00:12 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=c1e63c9fab5606bee72454f19c0292fe48cb1b8eea66a7a4bc1720d4ac91255a, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:1e:2c:81:a8:5f:57:43:bb:4c:fd:d9:c2:8b: df:56:b7:a2:79:bd:7a:60:21:e8:d9:a3:75:ee:3c: 49:3c:0d:26:2b:77:57:d9:b5:06:96:55:88:4c:cd: 27:4f:98:8c:ff:24:35:98:2f:4d:f5:14:a3:80:3d: ae:29:ad:d6:e5:ec:a8:c5:e9:3b:9e:a9:04:c6:c4: 65:55:6b:98:a6:31:36:85:17:af:eb:16:83:c8:62: 31:9c:a9:77:d1:69:c6:59:0d:7a:d9:92:f9:68:96: dc:be:6d:1c:c2:fd:a1:53:7c:a0:76:a3:45:38:61: 7f:67:3b:3a:ad:5f:30:84:92:09:0b:3a:17:19:ba: e8:41:91:7a:b9:37:15:49:09:09:c2:0e:06:03:c7: 32:95:ee:e3:54:2e:a6:5f:00:ef:2d:0c:46:40:64: 46:fb:4d:24:6d:ad:2b:b1:a7:92:c3:92:2b:66:96: 76:c8:1d:7d:5a:0e:2a:e1:46:61:da:cd:a7:e8:33: 9d:f9:9d:eb:30:f0:d7:69:bd:99:e9:74:f5:59:8c: 06:f4:62:67:2a:24:66:36:a0:48:d2:39:26:b1:5d: bb:8f:c0:ab:88:11:2c:05:b8:5c:73:b3:26:1a:42: af:c7:20:03:d9:43:87:50:2b:46:2f:41:1c:72:ab: ed:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:59:1F:E7:93:93:CE:16:36:D9:EA:6D:D9:5D:52:9F:77:83:27:F0 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.144.0/22 Signature Algorithm: sha256WithRSAEncryption 61:74:fa:51:82:9a:b9:e1:0d:f4:61:a7:dc:fd:ea:79:57:0f: 90:1e:d8:f5:7f:85:75:1d:a9:ec:c8:3c:fa:cc:f4:4e:1a:94: e0:a3:b9:62:00:4d:97:2b:3d:22:d2:c3:57:22:9f:9e:d8:32: 3f:15:5a:cb:e4:e8:04:ee:d2:05:29:21:1d:f1:a6:de:e1:f3: 09:c9:0f:c4:e2:ab:98:08:91:36:e6:9b:c8:03:3e:85:27:0e: e2:04:1d:48:6b:46:a8:65:8a:3f:49:9d:32:61:68:9e:89:5e: 83:6c:e2:e2:87:67:bb:2a:01:61:a6:5a:8c:e4:42:bc:dc:e1: 26:4e:97:fd:5c:da:af:73:4c:e7:ee:93:cf:bc:3a:10:e9:24: 9a:f9:ea:f0:7a:21:6a:84:b4:96:94:29:26:41:8f:00:9f:64: 32:01:fe:c9:27:87:84:04:bc:e9:14:2b:10:b8:2b:8d:a0:42: 95:58:1e:27:f9:e5:63:2e:8b:c2:87:6e:53:2b:b5:6c:c8:ed: 6e:14:ca:9f:dd:24:84:86:79:7f:68:c5:db:68:1f:ca:86:63: d7:bc:5e:09:07:3f:05:ea:01:a1:39:de:f7:77:1c:2b:23:e3: 9c:54:5d:5d:fa:6f:27:7b:d9:13:99:8c:e3:f9:d4:f8:3f:b6: d8:dd:96:e5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUDKbgkbOjdmU+5Ujc13Z5lejtjwswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDYxMzAwMDAxMloX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAYzFlNjNjOWZhYjU2MDZiZWU3MjQ1 NGYxOWMwMjkyZmU0OGNiMWI4ZWVhNjZhN2E0YmMxNzIwZDRhYzkxMjU1YTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR4sgahfV0O7TP3ZwovfVreieb16 YCHo2aN17jxJPA0mK3dX2bUGllWITM0nT5iM/yQ1mC9N9RSjgD2uKa3W5eyoxek7 nqkExsRlVWuYpjE2hRev6xaDyGIxnKl30WnGWQ162ZL5aJbcvm0cwv2hU3ygdqNF OGF/Zzs6rV8whJIJCzoXGbroQZF6uTcVSQkJwg4GA8cyle7jVC6mXwDvLQxGQGRG +00kba0rsaeSw5IrZpZ2yB19Wg4q4UZh2s2n6DOd+Z3rMPDXab2Z6XT1WYwG9GJn KiRmNqBI0jkmsV27j8CriBEsBbhcc7MmGkKvxyAD2UOHUCtGL0EccqvtvQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEhZH+eTk84WNtnqbdldUp93gyfwMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzFkZmZlYWM4LWI3NzktNDllZi1iYTI3LTU4YmMxOTg5MWU2MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCrymQMA0GCSqGSIb3DQEBCwUAA4IBAQBhdPpRgpq54Q30Yafc/ep5 Vw+QHtj1f4V1HansyDz6zPROGpTgo7liAE2XKz0i0sNXIp+e2DI/FVrL5OgE7tIF KSEd8abe4fMJyQ/E4quYCJE25pvIAz6FJw7iBB1Ia0aoZYo/SZ0yYWieiV6DbOLi h2e7KgFhplqM5EK83OEmTpf9XNqvc0zn7pPPvDoQ6SSa+erweiFqhLSWlCkmQY8A n2QyAf7JJ4eEBLzpFCsQuCuNoEKVWB4n+eVjLovCh25TK7VsyO1uFMqf3SSEhnl/ aMXbaB/KhmPXvF4JBz8F6gGhOd73dxwrI+OcVF1d+m8ne9kTmYzj+dT4P7bY3Zbl -----END CERTIFICATE-----Generated at Mon Jun 30 18:19:47 2025 by rpki-client