$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: kRpME6MIgos5VaFfSbeAqyYVnbwVuJ0aUPTo4GcLA8c= Subject key identifier: 61:D7:69:23:8E:DF:1E:E0:A2:1C:A3:DB:17:77:C9:59:F8:3C:7B:66 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: E0ACD862CDA423CB366CB1183F1F3DA4161CD1 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Fri 20 Jun 2025 00:00:01 +0000 ROA not before: Fri 20 Jun 2025 00:00:01 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: e0:ac:d8:62:cd:a4:23:cb:36:6c:b1:18:3f:1f:3d:a4:16:1c:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jun 20 00:00:01 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=c043110eac810fef38d0923290d6c6eb8b58a5f8009fd77f4a04166449bc027a, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:56:bf:3f:60:f1:39:bb:6b:15:44:e1:b3:02: 93:bb:c6:47:34:d2:d9:0d:65:35:8e:c1:4c:74:b2: b4:4e:a3:19:82:01:96:3c:b7:52:2e:a1:e4:3f:ed: 92:0f:37:a8:86:3d:5f:9f:a3:ba:7a:57:c0:9d:c2: bf:ee:3e:5d:7f:03:a7:34:60:5e:cb:56:ea:72:5c: 77:7a:e4:40:00:c6:c7:e1:7b:cc:1a:91:52:1e:dd: 67:a9:0d:7f:14:54:cc:59:f3:80:f0:a2:35:4b:6d: 66:7d:aa:14:e1:39:a0:8d:1e:7f:3f:42:c4:eb:b7: a5:f7:2b:4d:e4:86:cc:dc:91:c9:85:d5:c2:45:24: 4f:86:07:35:b2:dd:84:c5:0a:f7:cc:a0:97:26:19: 34:a2:8b:09:bd:ab:d2:cb:5a:b0:eb:21:03:e9:4b: 61:ae:89:5d:f7:83:55:22:f8:27:65:e5:b2:4b:f5: 3a:53:16:a2:44:b8:a9:2a:b3:91:1b:80:8c:77:2f: e7:78:11:7b:54:79:46:54:a3:59:00:ff:d9:34:10: ee:8e:4e:61:54:02:b9:bf:d9:b9:42:63:ea:83:1f: 2d:87:9b:72:56:dc:2e:8f:e9:d5:05:cb:74:29:28: f0:de:c4:3e:4a:45:a8:d2:60:83:80:39:0a:40:3f: 5c:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:D7:69:23:8E:DF:1E:E0:A2:1C:A3:DB:17:77:C9:59:F8:3C:7B:66 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 2c:15:77:ec:43:ca:54:58:bc:d1:18:df:af:48:26:06:67:8c: 11:da:97:b1:bd:50:39:d0:56:4f:11:d1:27:ff:9e:97:16:1b: 7d:1e:3c:fc:4a:54:6b:92:86:03:97:12:33:10:c6:0f:cb:8f: ef:3f:06:81:b5:88:78:ca:7c:cb:13:34:bf:66:00:f7:23:cf: ab:3f:56:6c:ac:95:ac:70:a7:17:23:14:e4:56:6b:8c:e5:eb: 15:39:f6:bc:78:69:fc:7e:9b:5d:52:3f:5a:ca:1b:4d:49:69: 5d:a3:3a:63:8b:20:d1:75:39:e4:a5:fa:c3:24:2d:4f:9e:c9: 04:37:6a:64:f2:4d:06:70:06:68:10:d9:1a:c4:6a:ac:c0:33: 8e:78:a5:06:ab:91:dd:b8:8c:35:96:b9:cd:a6:da:67:db:0f: c1:4a:8b:21:f9:0f:56:da:0e:3b:0c:f0:01:c1:3a:6d:58:69: 5c:34:e4:80:a6:a2:9b:a4:7e:80:c4:c9:0e:71:89:7d:22:f1: b8:53:71:6a:47:94:d8:ba:3b:75:2f:08:53:cf:e8:4f:97:38: e0:ad:d0:74:ae:31:fb:89:04:26:87:e4:b7:4d:e2:12:b6:ac: 97:bc:c6:5a:b0:55:69:7d:84:c7:da:46:c7:fb:1d:63:f3:78: 7a:c8:05:c5 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUAOCs2GLNpCPLNmyxGD8fPaQWHNEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDYyMDAwMDAwMVoX DTI1MDcyNTIzNTk1OVowejFJMEcGA1UEBRNAYzA0MzExMGVhYzgxMGZlZjM4ZDA5 MjMyOTBkNmM2ZWI4YjU4YTVmODAwOWZkNzdmNGEwNDE2NjQ0OWJjMDI3YTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArla/P2DxObtrFUThswKTu8ZHNNLZ DWU1jsFMdLK0TqMZggGWPLdSLqHkP+2SDzeohj1fn6O6elfAncK/7j5dfwOnNGBe y1bqclx3euRAAMbH4XvMGpFSHt1nqQ1/FFTMWfOA8KI1S21mfaoU4TmgjR5/P0LE 67el9ytN5IbM3JHJhdXCRSRPhgc1st2ExQr3zKCXJhk0oosJvavSy1qw6yED6Uth rold94NVIvgnZeWyS/U6UxaiRLipKrORG4CMdy/neBF7VHlGVKNZAP/ZNBDujk5h VAK5v9m5QmPqgx8th5tyVtwuj+nVBct0KSjw3sQ+SkWo0mCDgDkKQD9cEQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFGHXaSOO3x7gohyj2xd3yVn4PHtmMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEALBV37EPKVFi80Rjfr0gm BmeMEdqXsb1QOdBWTxHRJ/+elxYbfR48/EpUa5KGA5cSMxDGD8uP7z8GgbWIeMp8 yxM0v2YA9yPPqz9WbKyVrHCnFyMU5FZrjOXrFTn2vHhp/H6bXVI/WsobTUlpXaM6 Y4sg0XU55KX6wyQtT57JBDdqZPJNBnAGaBDZGsRqrMAzjnilBquR3biMNZa5zaba Z9sPwUqLIfkPVtoOOwzwAcE6bVhpXDTkgKaim6R+gMTJDnGJfSLxuFNxakeU2Lo7 dS8IU8/oT5c44K3QdK4x+4kEJofkt03iErasl7zGWrBVaX2Ex9pGx/sdY/N4esgF xQ== -----END CERTIFICATE-----Generated at Sun Jun 29 03:59:03 2025 by rpki-client