$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa File: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (raw, json) Hash identifier: oswh/Fx6aO5On8Aftv8Si8+w0jTtCv2Q5lkxz1aRPaA= Subject key identifier: 6E:0E:00:61:D2:CF:64:75:2D:D2:A5:8E:E8:D2:84:F9:90:B9:B0:CC Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 7BD46007C6AC45907F842A5C9645A4B96DE9828F Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa Signing time: Fri 18 Apr 2025 00:01:12 +0000 ROA not before: Fri 18 Apr 2025 00:01:12 +0000 ROA not after: Fri 23 May 2025 23:59:59 +0000 asID: 7224 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:d4:60:07:c6:ac:45:90:7f:84:2a:5c:96:45:a4:b9:6d:e9:82:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 18 00:01:12 2025 GMT Not After : May 23 23:59:59 2025 GMT Subject: serialNumber=b8825c651877afcb984686c1bc89a47ca376d451e64c046b5e9fc2136cf0571f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:66:e5:69:c5:30:c9:45:56:57:4e:15:54:db: 87:64:d2:72:5f:57:16:50:89:22:02:4b:a5:ce:a0: 5f:84:77:af:68:ef:81:16:4a:ed:c5:19:b6:22:19: ce:4f:22:0f:15:ef:c8:9d:15:8a:bb:4d:57:41:ca: e7:53:5d:3e:a1:07:f4:cb:95:54:15:72:2d:5f:2f: 6b:94:75:9b:ef:9a:84:57:78:1e:eb:9a:92:af:95: 92:8a:1b:e2:1f:d3:8a:bd:bb:4e:5e:6d:06:e1:42: 4e:d2:04:0d:9a:f9:52:5d:3f:0b:cc:ff:26:2e:3e: 02:a1:09:e2:46:03:95:97:aa:a9:34:1f:2f:e2:00: e3:1c:41:fe:fc:5f:63:22:78:bc:89:d3:67:9a:6a: 6b:00:b3:bf:cc:8f:de:c2:90:cb:71:e7:65:dd:45: 53:0f:cf:9e:73:f8:57:77:60:23:f7:15:91:57:8e: 93:e9:b0:45:c6:d5:43:43:78:b5:28:2a:1e:1e:1b: 45:97:25:f2:67:b1:da:00:e0:60:27:4a:65:29:c3: cc:2f:0d:1f:f7:c4:87:a5:a0:b9:3f:ed:c0:96:6c: da:26:39:36:6c:a9:bc:34:81:96:94:e7:88:69:6e: bc:bb:86:d1:9f:07:25:10:bc:41:da:b4:e7:95:46: 3e:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:0E:00:61:D2:CF:64:75:2D:D2:A5:8E:E8:D2:84:F9:90:B9:B0:CC X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 02:0d:2c:1b:2d:19:72:49:2c:20:dc:21:92:92:33:3b:07:32: 52:12:77:2a:97:02:de:26:19:d7:bb:e8:f1:9d:dc:a6:50:44: be:b2:a9:b4:ea:da:8c:f6:80:a5:5e:82:03:e4:68:e2:27:42: 95:25:88:ac:54:0c:78:f1:c5:84:4f:66:c0:64:7c:0b:38:cc: d7:72:18:32:df:15:38:8d:2b:2f:9d:84:e6:27:17:24:78:fa: a8:de:6e:99:4b:b4:3d:07:93:10:dc:fb:c5:2b:e6:4a:06:5f: 9b:48:bc:48:55:44:35:a1:19:41:03:86:10:f3:c7:3f:20:bc: 72:9f:39:96:c4:40:de:d2:f7:c1:3e:d9:28:ed:06:16:c1:9a: 12:2e:a6:58:7c:a9:a2:dd:75:b1:22:a4:f0:80:54:52:bb:d7: d7:5f:d2:0e:36:e6:0c:4f:02:5d:14:20:44:64:e6:71:27:13: b5:e2:26:81:5c:57:c7:34:78:ae:fc:75:95:3a:ff:61:11:26: 32:77:b1:2c:3a:cf:b8:70:34:48:d6:1d:27:8f:f8:2c:ba:66: 18:0f:4e:77:17:85:c4:e1:38:fe:8e:53:da:16:59:f2:4f:e0: 86:b4:74:80:23:4b:96:4f:d6:67:e4:5d:35:44:a8:47:12:58: 53:b0:c9:cf -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUe9RgB8asRZB/hCpclkWkuW3pgo8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDQxODAwMDExMloX DTI1MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAYjg4MjVjNjUxODc3YWZjYjk4NDY4 NmMxYmM4OWE0N2NhMzc2ZDQ1MWU2NGMwNDZiNWU5ZmMyMTM2Y2YwNTcxZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GblacUwyUVWV04VVNuHZNJyX1cW UIkiAkulzqBfhHevaO+BFkrtxRm2IhnOTyIPFe/InRWKu01XQcrnU10+oQf0y5VU FXItXy9rlHWb75qEV3ge65qSr5WSihviH9OKvbtOXm0G4UJO0gQNmvlSXT8LzP8m Lj4CoQniRgOVl6qpNB8v4gDjHEH+/F9jIni8idNnmmprALO/zI/ewpDLcedl3UVT D8+ec/hXd2Aj9xWRV46T6bBFxtVDQ3i1KCoeHhtFlyXyZ7HaAOBgJ0plKcPMLw0f 98SHpaC5P+3AlmzaJjk2bKm8NIGWlOeIaW68u4bRnwclELxB2rTnlUY+vQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFG4OAGHSz2R1LdKljujShPmQubDMMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYmYyYzM5LWI1MzYtNDNkMC1iNTU3LWY2OGQ4ZWU2NDA5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQACDSwbLRlySSwg3CGSkjM7 BzJSEncqlwLeJhnXu+jxndymUES+sqm06tqM9oClXoID5GjiJ0KVJYisVAx48cWE T2bAZHwLOMzXchgy3xU4jSsvnYTmJxckePqo3m6ZS7Q9B5MQ3PvFK+ZKBl+bSLxI VUQ1oRlBA4YQ88c/ILxynzmWxEDe0vfBPtko7QYWwZoSLqZYfKmi3XWxIqTwgFRS u9fXX9IONuYMTwJdFCBEZOZxJxO14iaBXFfHNHiu/HWVOv9hESYyd7EsOs+4cDRI 1h0nj/gsumYYD053F4XE4Tj+jlPaFlnyT+CGtHSAI0uWT9Zn5F01RKhHElhTsMnP -----END CERTIFICATE-----Generated at Sat Apr 26 07:36:47 2025 by rpki-client