$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa File: 3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (raw, json) Hash identifier: U33+Cmyb8Bh15qZgoTQPIKNpwqwicQuG3CpQ0Ut7BDs= Subject key identifier: 84:86:0B:77:E4:BB:3B:BB:7D:07:AF:C2:CB:3A:14:63:DA:28:9B:B2 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 2A35070589CB9FD09BA5B6C2E4DA3F19D3342A03 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa Signing time: Sat 26 Apr 2025 00:00:03 +0000 ROA not before: Sat 26 Apr 2025 00:00:03 +0000 ROA not after: Sat 31 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 160.235.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:35:07:05:89:cb:9f:d0:9b:a5:b6:c2:e4:da:3f:19:d3:34:2a:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 26 00:00:03 2025 GMT Not After : May 31 23:59:59 2025 GMT Subject: serialNumber=2189541acd792360c7d490594e0ac6bd5df48e3ad060b1cb4ddbdf2ce69c7040, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:46:12:6e:4f:5f:67:a5:29:85:72:e2:0c:93: c0:29:2f:75:2e:11:64:10:16:7b:9f:50:ef:fd:a2: 0d:7b:60:eb:60:af:df:85:96:ff:80:ac:bd:3e:b2: 65:05:65:82:d7:f4:5a:4f:4b:26:2a:9a:ca:f7:32: a4:6c:13:51:18:cf:36:2d:9c:1a:4e:28:54:a3:e5: 24:db:7c:bb:54:1a:2e:a6:d0:22:d8:5d:4e:f2:48: 49:ce:c9:ce:0a:77:36:a3:c9:ce:fd:37:77:a4:c4: e7:84:e2:53:e0:ef:5b:03:e3:5a:f3:d6:25:09:82: 9d:5b:a1:0b:6d:8f:55:47:ad:7d:dd:76:18:1d:4b: 46:15:4d:10:39:ff:c7:39:d6:e9:51:93:c5:77:be: 49:4b:18:c0:ab:67:8f:4d:16:2f:df:13:6d:35:a6: 26:d0:cf:22:b9:d9:18:ae:e8:98:0e:0e:34:20:e1: ac:74:fa:78:42:cc:a3:b5:b2:cd:7a:94:35:b7:79: 6c:dc:11:c3:80:65:fb:fe:02:72:3d:ee:df:f0:15: bc:b1:5e:4f:c7:1d:40:82:e1:75:f5:ae:5e:c3:bb: 53:5c:3e:27:d3:67:90:47:97:d1:b0:23:3d:0d:31: f0:01:01:9c:eb:01:7b:3f:ab:e8:97:97:99:7a:df: 79:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:86:0B:77:E4:BB:3B:BB:7D:07:AF:C2:CB:3A:14:63:DA:28:9B:B2 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.235.0.0/16 Signature Algorithm: sha256WithRSAEncryption 9a:76:15:7a:06:a7:2c:6c:5c:0f:17:1a:95:90:d4:b1:05:77: 7c:f0:9e:71:c6:9a:57:77:b5:6b:41:1f:f4:fe:77:68:f4:e8: 42:ad:97:09:85:f8:bc:ad:b9:6d:d0:a1:92:80:24:28:da:ef: 92:44:9e:7b:5b:d3:a9:94:31:5e:c2:4c:ca:91:15:96:be:2c: ef:65:f3:f7:fe:18:5d:ca:0d:4b:8c:c6:da:15:5b:31:ed:81: 8a:14:ca:8a:55:84:1a:d3:a7:c4:1f:d7:38:c2:97:55:8b:e3: b0:68:03:64:20:7c:73:98:02:40:7d:2e:8d:0c:dc:b9:9b:70: 11:90:2a:45:01:af:fb:8d:42:f0:f8:cb:40:66:43:aa:1a:fb: 1d:1f:84:94:3c:db:72:99:3c:1b:df:5d:c8:5e:36:76:12:c5: 93:1b:95:b9:29:61:55:13:23:dd:2b:db:dc:95:35:ee:10:da: 42:1e:9c:e0:b9:1a:74:89:42:6f:ec:51:62:48:ab:0b:f3:48: a4:3c:36:5f:d8:11:89:bb:9b:b5:f1:9e:f3:63:86:59:ef:f6: 2d:72:c7:4d:ec:fb:b4:9b:9d:6e:71:c5:46:58:e4:b4:72:90: ea:e2:5c:1e:09:4e:6c:01:d2:ed:6f:86:24:08:ab:8b:f7:f2: 15:12:a0:d6 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUKjUHBYnLn9CbpbbC5No/GdM0KgMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDQyNjAwMDAwM1oX DTI1MDUzMTIzNTk1OVowejFJMEcGA1UEBRNAMjE4OTU0MWFjZDc5MjM2MGM3ZDQ5 MDU5NGUwYWM2YmQ1ZGY0OGUzYWQwNjBiMWNiNGRkYmRmMmNlNjljNzA0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kYSbk9fZ6UphXLiDJPAKS91LhFk EBZ7n1Dv/aINe2DrYK/fhZb/gKy9PrJlBWWC1/RaT0smKprK9zKkbBNRGM82LZwa TihUo+Uk23y7VBouptAi2F1O8khJzsnOCnc2o8nO/Td3pMTnhOJT4O9bA+Na89Yl CYKdW6ELbY9VR6193XYYHUtGFU0QOf/HOdbpUZPFd75JSxjAq2ePTRYv3xNtNaYm 0M8iudkYruiYDg40IOGsdPp4QsyjtbLNepQ1t3ls3BHDgGX7/gJyPe7f8BW8sV5P xx1AguF19a5ew7tTXD4n02eQR5fRsCM9DTHwAQGc6wF7P6vol5eZet95GwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFISGC3fkuzu7fQevwss6FGPaKJuyMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNkMWZiMWM3LTYxNDAtNGM1Ny05MjhmLTFhNTk1ODZmOWUyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAoOswDQYJKoZIhvcNAQELBQADggEBAJp2FXoGpyxsXA8XGpWQ1LEF d3zwnnHGmld3tWtBH/T+d2j06EKtlwmF+LytuW3QoZKAJCja75JEnntb06mUMV7C TMqRFZa+LO9l8/f+GF3KDUuMxtoVWzHtgYoUyopVhBrTp8Qf1zjCl1WL47BoA2Qg fHOYAkB9Lo0M3LmbcBGQKkUBr/uNQvD4y0BmQ6oa+x0fhJQ823KZPBvfXcheNnYS xZMblbkpYVUTI90r29yVNe4Q2kIenOC5GnSJQm/sUWJIqwvzSKQ8Nl/YEYm7m7Xx nvNjhlnv9i1yx03s+7SbnW5xxUZY5LRykOriXB4JTmwB0u1vhiQIq4v38hUSoNY= -----END CERTIFICATE-----Generated at Sat Apr 26 07:33:11 2025 by rpki-client