$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa File: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (raw, json) Hash identifier: IkBcOwPfW2kOf8xx912I8K/L35Tx9gCRrFjq6MCNYCs= Subject key identifier: D3:D3:7F:23:96:27:60:57:D9:5D:34:AB:6A:2A:81:54:4A:79:29:86 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 169ABF18D2217E56DD923947EBD04B13F102DC74 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa Signing time: Fri 25 Apr 2025 00:00:38 +0000 ROA not before: Fri 25 Apr 2025 00:00:38 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.240.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:9a:bf:18:d2:21:7e:56:dd:92:39:47:eb:d0:4b:13:f1:02:dc:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 25 00:00:38 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=8b507ac74d367835b6e25c7c4a1e5dde6550cb05dee165da1222530f7de793f2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:d1:d0:aa:85:07:fe:ea:e7:db:ab:2f:8f:9c: 53:78:98:2c:be:a2:8b:3b:ed:32:72:4d:63:e2:58: af:2a:92:96:17:3d:35:c4:52:eb:17:0e:89:9b:35: 71:45:b1:a6:7e:49:51:71:ea:40:89:ef:6b:75:0e: c3:fe:a7:ff:1f:54:73:4d:bf:f2:57:b1:4c:cf:aa: 24:65:d8:48:6d:ea:fd:9b:d1:a1:af:bf:7d:76:20: 20:4f:49:af:d0:7d:c3:22:dd:9d:f2:f7:84:53:c5: 12:f5:5a:62:77:b4:78:18:d5:8f:76:7e:5a:de:83: 3e:6b:89:c7:89:64:57:3d:94:a0:71:27:28:b9:f7: 08:95:d1:d4:d0:cc:2b:36:a1:f6:18:f0:09:26:b5: a9:e9:73:a0:a7:1f:31:da:d6:52:d4:aa:d5:a9:f0: dc:4b:87:de:e1:bd:a8:f3:64:04:0d:a9:f1:0e:34: 7c:d9:aa:92:fd:81:a0:4c:e1:61:ae:17:80:de:69: 04:f7:0a:df:85:a1:b4:cf:fd:cc:42:8a:9c:8a:de: 75:a9:a2:11:cf:cf:b6:68:ed:7b:47:05:36:1a:7f: 48:39:4e:98:28:70:88:06:5d:df:43:c2:5b:f6:fd: e2:fa:4e:fd:8c:c6:c3:a5:43:40:cd:b6:ac:a2:72: e6:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:D3:7F:23:96:27:60:57:D9:5D:34:AB:6A:2A:81:54:4A:79:29:86 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.240.0/21 Signature Algorithm: sha256WithRSAEncryption 50:19:5a:03:d5:6d:a7:b9:d8:81:9f:2d:6e:68:7f:de:8e:74: c5:b8:72:a1:0f:6e:26:9b:8d:87:4a:9f:b9:f2:0e:2b:77:02: 55:45:3f:cb:51:09:31:18:53:5c:74:04:05:27:9b:6d:e7:44: 72:00:00:4d:12:90:bb:42:16:15:b4:f1:aa:1e:a9:20:02:0b: 8f:b4:1a:68:86:c7:1a:8d:94:b4:be:c6:0a:04:f5:eb:4d:6b: 3d:2b:de:67:8d:b4:3b:43:a8:1a:97:ec:e4:f1:a4:f2:e3:d7: 4e:28:53:5d:ed:78:22:9c:b0:73:f5:c7:3f:4f:22:34:75:0c: 67:3e:83:25:15:3b:45:93:2d:78:3b:4d:6a:ed:f5:17:23:5a: 80:ca:22:de:4c:fb:e2:c0:d3:cf:20:82:e8:bf:ab:fb:07:f8: 74:62:de:5e:26:88:fe:cd:ff:3f:2f:d5:b3:f5:88:30:76:9d: 52:78:d2:31:46:a2:93:9f:35:39:5f:72:0b:fc:20:7d:70:d5: 93:c3:25:61:c4:64:ad:95:a5:9b:a1:a4:6f:af:cc:fe:71:88: c6:06:2b:eb:95:a7:dd:2a:f5:13:69:a3:f2:08:c1:91:fa:46: ff:80:6b:aa:fd:7e:c6:02:7d:cc:b1:21:61:3f:92:e0:5b:88: a9:30:4f:fc -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUFpq/GNIhflbdkjlH69BLE/EC3HQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDQyNTAwMDAzOFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAOGI1MDdhYzc0ZDM2NzgzNWI2ZTI1 YzdjNGExZTVkZGU2NTUwY2IwNWRlZTE2NWRhMTIyMjUzMGY3ZGU3OTNmMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdHQqoUH/urn26svj5xTeJgsvqKL O+0yck1j4livKpKWFz01xFLrFw6JmzVxRbGmfklRcepAie9rdQ7D/qf/H1RzTb/y V7FMz6okZdhIber9m9Ghr799diAgT0mv0H3DIt2d8veEU8US9Vpid7R4GNWPdn5a 3oM+a4nHiWRXPZSgcScoufcIldHU0MwrNqH2GPAJJrWp6XOgpx8x2tZS1KrVqfDc S4fe4b2o82QEDanxDjR82aqS/YGgTOFhrheA3mkE9wrfhaG0z/3MQoqcit51qaIR z8+2aO17RwU2Gn9IOU6YKHCIBl3fQ8Jb9v3i+k79jMbDpUNAzbasonLmiQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNPTfyOWJ2BX2V00q2oqgVRKeSmGMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQwOTU2NjkwLTM2NjEtNDlmMi04ZWJjLTJmYTVhNDdhOThhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jwMA0GCSqGSIb3DQEBCwUAA4IBAQBQGVoD1W2nudiBny1uaH/e jnTFuHKhD24mm42HSp+58g4rdwJVRT/LUQkxGFNcdAQFJ5tt50RyAABNEpC7QhYV tPGqHqkgAguPtBpohscajZS0vsYKBPXrTWs9K95njbQ7Q6gal+zk8aTy49dOKFNd 7XginLBz9cc/TyI0dQxnPoMlFTtFky14O01q7fUXI1qAyiLeTPviwNPPIILov6v7 B/h0Yt5eJoj+zf8/L9Wz9Ygwdp1SeNIxRqKTnzU5X3IL/CB9cNWTwyVhxGStlaWb oaRvr8z+cYjGBivrlafdKvUTaaPyCMGR+kb/gGuq/X7GAn3MsSFhP5LgW4ipME/8 -----END CERTIFICATE-----Generated at Sat Apr 26 07:36:02 2025 by rpki-client