$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: aHPqZ4TQ5MstcaBFDMnqp9HG8RnCGzPnwNYpMd3K7s4= Subject key identifier: 42:92:C2:82:B5:26:E2:A8:6F:7F:B4:72:A1:FE:C2:4D:C5:C6:7C:0C Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 2CC561F3A89666E06D60173B397C2E6EB7C6D490 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Wed 30 Apr 2025 00:00:04 +0000 ROA not before: Wed 30 Apr 2025 00:00:04 +0000 ROA not after: Wed 04 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 00:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:c5:61:f3:a8:96:66:e0:6d:60:17:3b:39:7c:2e:6e:b7:c6:d4:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 30 00:00:04 2025 GMT Not After : Jun 4 23:59:59 2025 GMT Subject: serialNumber=6d96c8b2578d3f12db69b3546834856bb516a69e25b8bcaf9d676c7fd0bc9833, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:64:d4:25:cb:65:70:f8:15:18:1e:61:99:d6: 73:6d:7a:ee:61:78:1f:b9:de:43:a0:8b:28:1e:1b: 49:b3:64:11:f7:27:c8:2b:5a:46:62:ce:06:a0:a3: 8a:93:1a:e1:ef:84:16:be:0f:4f:2a:33:37:2e:59: 35:df:8a:51:44:1a:a1:43:54:6d:de:a8:22:7e:5b: c3:d9:b4:6b:70:63:b6:66:02:c5:fd:55:b5:42:d6: 05:e3:d9:26:37:2e:f5:c0:7f:1a:b7:63:09:07:99: bc:a9:63:66:a9:1d:a5:08:81:62:a9:eb:f2:46:52: 85:36:5a:30:01:4c:33:1d:9d:87:72:7b:97:a8:64: 52:0c:93:75:f1:7e:cf:c4:f5:bb:9b:c6:29:d7:f7: 10:49:05:eb:88:f2:32:ed:20:86:57:15:ad:5a:11: 4d:56:c5:07:07:8d:61:35:8c:3b:44:9b:c3:fd:4a: 7b:99:2e:83:9d:8c:fb:43:a8:e6:0b:cc:b2:42:6e: aa:8a:15:b5:42:57:14:cd:b1:d0:f4:ff:ce:1d:3d: 78:ce:8c:50:03:aa:f1:31:37:8f:e9:ec:82:30:80: 2a:5a:bd:dd:67:5f:7f:55:3a:56:49:70:27:b7:25: 34:57:1e:51:be:0d:99:70:72:7e:c5:a6:89:0b:2b: 5b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:92:C2:82:B5:26:E2:A8:6F:7F:B4:72:A1:FE:C2:4D:C5:C6:7C:0C X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 22:6e:68:13:96:56:2f:df:7a:af:25:41:c0:00:82:9c:99:f1: e9:db:49:96:82:5c:b9:4c:75:1f:3a:64:b9:0f:c4:96:b8:48: 65:77:ec:c5:4c:e2:93:ab:d1:c5:d7:49:07:00:18:dc:ce:6a: f6:3d:83:fc:a3:e1:4d:3a:6c:73:23:fb:3b:c9:59:4a:68:52: 3c:52:c4:6d:20:1e:64:71:67:79:e9:3f:8f:66:d9:30:df:c5: 5a:91:b0:6e:00:fe:89:6d:3a:14:17:f7:ca:01:24:cf:7f:9d: ad:f4:b0:5f:fb:df:22:2d:8e:52:4d:81:a4:f2:9b:a5:ed:0d: 71:19:8f:82:fc:01:c1:23:12:d3:3d:95:39:9a:68:65:f3:3e: e0:d0:cf:03:b8:12:8e:87:37:72:9f:31:02:e0:bb:cd:06:90: 61:07:dd:20:4d:68:64:62:e9:7d:a2:27:7d:50:a4:87:96:c1: f7:cb:b2:1e:a6:de:d9:48:e8:3f:3d:4c:34:ce:0d:cb:7e:36: 96:86:85:89:fc:d5:b7:04:4a:01:82:e7:cd:5d:a4:46:e6:3f: 4b:f1:d1:9f:04:54:6a:83:1e:f7:7a:1d:c0:b8:35:ec:42:33: 36:54:c9:e0:fe:e3:7e:14:92:4a:ad:34:39:e3:11:83:1a:da: 77:ec:f0:d4 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIULMVh86iWZuBtYBc7OXwubrfG1JAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQzMDAwMDAwNFoX DTI1MDYwNDIzNTk1OVowejFJMEcGA1UEBRNANmQ5NmM4YjI1NzhkM2YxMmRiNjli MzU0NjgzNDg1NmJiNTE2YTY5ZTI1YjhiY2FmOWQ2NzZjN2ZkMGJjOTgzMzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymTUJctlcPgVGB5hmdZzbXruYXgf ud5DoIsoHhtJs2QR9yfIK1pGYs4GoKOKkxrh74QWvg9PKjM3Llk134pRRBqhQ1Rt 3qgiflvD2bRrcGO2ZgLF/VW1QtYF49kmNy71wH8at2MJB5m8qWNmqR2lCIFiqevy RlKFNlowAUwzHZ2HcnuXqGRSDJN18X7PxPW7m8Yp1/cQSQXriPIy7SCGVxWtWhFN VsUHB41hNYw7RJvD/Up7mS6DnYz7Q6jmC8yyQm6qihW1QlcUzbHQ9P/OHT14zoxQ A6rxMTeP6eyCMIAqWr3dZ19/VTpWSXAntyU0Vx5Rvg2ZcHJ+xaaJCytb4wIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFEKSwoK1JuKob3+0cqH+wk3FxnwMMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAIm5oE5ZWL996ryVBwACC nJnx6dtJloJcuUx1HzpkuQ/ElrhIZXfsxUzik6vRxddJBwAY3M5q9j2D/KPhTTps cyP7O8lZSmhSPFLEbSAeZHFneek/j2bZMN/FWpGwbgD+iW06FBf3ygEkz3+drfSw X/vfIi2OUk2BpPKbpe0NcRmPgvwBwSMS0z2VOZpoZfM+4NDPA7gSjoc3cp8xAuC7 zQaQYQfdIE1oZGLpfaInfVCkh5bB98uyHqbe2UjoPz1MNM4Ny342loaFifzVtwRK AYLnzV2kRuY/S/HRnwRUaoMe93odwLg17EIzNlTJ4P7jfhSSSq00OeMRgxrad+zw 1A== -----END CERTIFICATE-----Generated at Mon May 5 06:41:25 2025 by rpki-client