$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31f4f319-e479-493d-8b78-4861fcc44015.roa File: 31f4f319-e479-493d-8b78-4861fcc44015.roa (raw, json) Hash identifier: gHBxX44VVaviGWdo5sUdzxFiwRXj6zNWTmrQj6fXJo8= Subject key identifier: 4C:E3:9A:1B:13:27:73:A4:2A:7C:8C:C6:F6:1D:9D:68:95:FE:F8:25 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7F2FDCFED9D6463A9719471BC59E2E2F610ACDBC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31f4f319-e479-493d-8b78-4861fcc44015.roa Signing time: Sat 14 Jun 2025 00:00:21 +0000 ROA not before: Sat 14 Jun 2025 00:00:21 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.52.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:2f:dc:fe:d9:d6:46:3a:97:19:47:1b:c5:9e:2e:2f:61:0a:cd:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 14 00:00:21 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=e3d2700411ac04ddb33f73677a13dc90a4086eb57ea67da46fc774576fe1731f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d6:b5:97:08:08:e8:2f:5e:a9:d7:50:07:1f: 11:e7:56:2e:d5:57:b1:53:07:6b:28:f9:e1:00:de: fb:26:c7:f3:bf:54:b4:b2:d2:3c:ce:74:e7:31:15: 1b:5a:24:76:44:fc:cf:03:fe:2c:4a:c3:49:42:6c: 4c:4a:a3:57:5d:54:f7:5f:c2:20:7c:c5:c3:a1:87: 31:70:62:ee:2a:7e:e7:68:8f:21:b6:b1:d6:9c:98: 49:28:09:fe:77:a8:84:87:04:5e:68:ed:0f:7b:d3: d2:77:39:4f:74:9f:d9:63:e4:c3:d8:89:85:72:36: 81:5c:6d:3b:80:73:78:18:62:78:2e:c6:49:e6:4c: a6:df:b5:71:51:1e:fc:23:4d:cd:a6:b4:ad:01:88: 2a:1b:da:93:a9:0e:d9:27:3d:f9:83:61:af:2e:5e: 73:ad:34:e6:eb:1e:37:77:3e:b4:65:23:89:0b:a0: 63:89:5d:41:41:4b:50:9c:38:ec:c6:b8:02:b4:96: 20:a2:30:0a:72:53:69:49:13:1c:75:92:47:9d:ca: e3:5e:c4:3a:11:3d:7d:ed:56:ae:05:3c:21:2b:0c: ff:3b:65:34:3d:39:dc:ec:be:3d:24:35:6d:eb:0c: 02:58:c1:40:47:5c:4b:e7:7f:85:a0:2e:c9:9c:a7: 2d:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:E3:9A:1B:13:27:73:A4:2A:7C:8C:C6:F6:1D:9D:68:95:FE:F8:25 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31f4f319-e479-493d-8b78-4861fcc44015.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.52.0/24 Signature Algorithm: sha256WithRSAEncryption 10:dc:7b:c0:5c:cd:39:74:d0:6d:b8:69:6e:7a:55:e4:ea:9d: d4:25:67:c8:e4:ce:eb:71:f7:80:5e:d6:ec:fc:57:28:1d:a9: a0:eb:bf:c4:3c:a6:a5:0e:e0:c2:7f:f8:59:be:54:6e:ea:6f: 03:4b:3b:fd:13:cf:b8:3a:78:b3:c0:82:d8:09:25:77:65:11: a3:15:b8:ca:dd:ea:38:74:6c:be:9c:63:6d:51:be:3d:b8:54: 59:88:f0:2e:92:d4:37:cb:48:ac:a8:66:e2:93:dc:ab:e1:a8: e1:1f:9f:f7:17:5e:9f:7f:27:10:c0:f1:14:c4:18:a2:00:0e: e4:d3:ca:eb:f5:c2:54:17:70:35:d1:c8:97:f3:78:23:54:a2: e8:9f:04:8e:9c:cd:28:10:66:1d:91:e1:43:ba:7f:46:78:ce: 48:6f:5f:35:54:5b:ae:f8:91:94:e1:c1:69:6a:0a:be:0b:3f: 61:c9:f5:8d:6f:f7:8e:36:3a:de:e6:44:72:bb:8c:17:28:e7: f2:90:07:c6:91:d0:f8:78:c8:4f:2b:ca:f6:43:97:e0:41:af: 5b:1e:43:bc:03:6d:16:c8:45:68:4f:7b:7e:8b:ca:69:9e:31: 87:98:c2:11:51:ce:fb:fd:61:72:bc:b9:8d:33:d1:06:4a:09: 19:0f:6b:50 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUfy/c/tnWRjqXGUcbxZ4uL2EKzbwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxNDAwMDAyMVoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAZTNkMjcwMDQxMWFjMDRkZGIzM2Y3 MzY3N2ExM2RjOTBhNDA4NmViNTdlYTY3ZGE0NmZjNzc0NTc2ZmUxNzMxZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9a1lwgI6C9eqddQBx8R51Yu1Vex UwdrKPnhAN77Jsfzv1S0stI8znTnMRUbWiR2RPzPA/4sSsNJQmxMSqNXXVT3X8Ig fMXDoYcxcGLuKn7naI8htrHWnJhJKAn+d6iEhwReaO0Pe9PSdzlPdJ/ZY+TD2ImF cjaBXG07gHN4GGJ4LsZJ5kym37VxUR78I03NprStAYgqG9qTqQ7ZJz35g2GvLl5z rTTm6x43dz60ZSOJC6BjiV1BQUtQnDjsxrgCtJYgojAKclNpSRMcdZJHncrjXsQ6 ET197VauBTwhKwz/O2U0PTnc7L49JDVt6wwCWMFAR1xL53+FoC7JnKct3QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEzjmhsTJ3OkKnyMxvYdnWiV/vglMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMxZjRmMzE5LWU0NzktNDkzZC04Yjc4LTQ4NjFmY2M0NDAxNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9A0MA0GCSqGSIb3DQEBCwUAA4IBAQAQ3HvAXM05dNBtuGluelXk 6p3UJWfI5M7rcfeAXtbs/FcoHamg67/EPKalDuDCf/hZvlRu6m8DSzv9E8+4Oniz wILYCSV3ZRGjFbjK3eo4dGy+nGNtUb49uFRZiPAuktQ3y0isqGbik9yr4ajhH5/3 F16ffycQwPEUxBiiAA7k08rr9cJUF3A10ciX83gjVKLonwSOnM0oEGYdkeFDun9G eM5Ib181VFuu+JGU4cFpagq+Cz9hyfWNb/eONjre5kRyu4wXKOfykAfGkdD4eMhP K8r2Q5fgQa9bHkO8A20WyEVoT3t+i8ppnjGHmMIRUc77/WFyvLmNM9EGSgkZD2tQ -----END CERTIFICATE-----Generated at Sat Jun 14 06:34:13 2025 by rpki-client