$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa File: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (raw, json) Hash identifier: 80SooUcBVMqU1en7vI1c3EBW44p7EiKtvQGktRTq55k= Subject key identifier: F8:14:47:BB:09:3B:20:76:10:94:14:99:44:B6:64:82:2F:AE:8E:E6 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 355D4A70D84F11F31E72E165D0C1F9E68B6C7510 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa Signing time: Sat 14 Jun 2025 00:00:09 +0000 ROA not before: Sat 14 Jun 2025 00:00:09 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:5d:4a:70:d8:4f:11:f3:1e:72:e1:65:d0:c1:f9:e6:8b:6c:75:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jun 14 00:00:09 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=16709bd35b2cbe35583e118f86e935bde8297e4abfb2174277af8078dd4f8cc8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:af:a8:c9:b5:a4:04:08:83:d5:01:24:59:66: 0d:9a:fd:bb:00:e8:76:5e:f0:12:fd:c8:7b:55:6d: 3f:8e:ad:a5:18:7d:19:92:fd:4a:ab:db:e4:62:18: ea:b1:4f:eb:9d:e7:b3:15:98:4f:2f:3b:e0:e1:22: 4e:ed:cd:cc:dc:cf:73:b2:fa:6f:76:9b:e9:80:df: 73:f5:63:ed:d8:51:53:6a:ec:ab:c9:d3:21:3c:60: 70:39:5b:0f:6c:51:65:21:bb:08:e7:0b:73:98:33: ee:d2:fa:08:9e:35:95:35:c0:94:20:b0:c7:7f:a9: a4:20:ae:05:54:47:18:22:06:f9:53:1b:48:5b:47: d3:31:6f:01:60:00:bc:09:79:21:3e:64:24:2e:05: 59:10:47:67:04:8f:a0:f1:bb:41:23:a3:6b:6d:68: 61:46:38:42:0b:03:60:51:9c:5c:3c:87:b4:e3:59: 07:f9:51:41:50:31:d6:9f:89:74:56:b1:63:c0:1b: 6e:ed:4b:0e:31:09:e5:b1:e6:f8:18:c4:4d:0e:ad: 4a:86:1e:77:6d:32:df:d0:d9:8b:4f:a8:ca:d7:f0: a7:56:87:98:df:cd:f3:77:83:02:65:11:26:2b:da: 5d:43:8d:e9:84:e3:5e:b5:8a:37:0c:09:b5:6c:cd: 55:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:14:47:BB:09:3B:20:76:10:94:14:99:44:B6:64:82:2F:AE:8E:E6 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.200.0/21 Signature Algorithm: sha256WithRSAEncryption 0f:97:a5:ee:6b:e4:c0:10:f4:30:44:0f:e0:02:9c:e2:34:41: e1:2a:52:19:c5:ac:fe:23:f7:94:7c:6d:e1:5b:64:b9:8b:d1: 4a:cb:94:6f:fd:94:fc:c4:ac:cd:33:c2:b6:9e:a7:a9:9d:df: 00:af:34:b4:3f:74:fa:97:8a:d5:61:93:3c:90:22:19:73:e9: c2:fd:0f:66:9c:47:67:81:53:2a:97:bf:87:61:74:5a:c4:5c: 88:b2:3d:fc:30:99:1e:87:4d:47:ae:7e:09:74:89:8b:17:02: 25:ae:9d:83:ae:e9:b1:88:56:e7:ba:22:1e:1c:02:57:08:d6: df:3f:8d:76:80:a7:c1:10:7f:a6:d3:0e:b8:f2:27:7b:b0:ff: 42:32:32:84:cc:78:43:6b:d4:a0:77:ab:c2:6c:6a:9a:71:6e: 85:78:d4:5c:22:cc:00:a4:60:3f:3f:66:b7:5f:55:29:b6:70: 85:91:ad:5f:f4:60:7c:65:07:02:34:42:3d:3f:91:e8:70:c7: 1e:66:a6:17:d5:53:7b:d0:4e:7f:76:f0:88:97:ad:b3:8f:a4: 32:4a:4a:d5:8b:1e:32:ef:56:b6:0b:7e:29:e1:42:1d:49:78: d1:ab:4e:75:9f:44:4f:5e:4d:2f:bc:85:ea:c0:d2:f3:4a:37: c2:c5:b5:f3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUNV1KcNhPEfMecuFl0MH55otsdRAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDYxNDAwMDAwOVoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAMTY3MDliZDM1YjJjYmUzNTU4M2Ux MThmODZlOTM1YmRlODI5N2U0YWJmYjIxNzQyNzdhZjgwNzhkZDRmOGNjODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyq+oybWkBAiD1QEkWWYNmv27AOh2 XvAS/ch7VW0/jq2lGH0Zkv1Kq9vkYhjqsU/rneezFZhPLzvg4SJO7c3M3M9zsvpv dpvpgN9z9WPt2FFTauyrydMhPGBwOVsPbFFlIbsI5wtzmDPu0voInjWVNcCUILDH f6mkIK4FVEcYIgb5UxtIW0fTMW8BYAC8CXkhPmQkLgVZEEdnBI+g8btBI6NrbWhh RjhCCwNgUZxcPIe041kH+VFBUDHWn4l0VrFjwBtu7UsOMQnlseb4GMRNDq1Khh53 bTLf0NmLT6jK1/CnVoeY383zd4MCZREmK9pdQ43phONetYo3DAm1bM1VAwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPgUR7sJOyB2EJQUmUS2ZIIvro7mMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjYjNlOWY5LTQ2YTItNDFlYi1hNGI3LTc1YjUzZDc5MWYzMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQAPl6Xua+TAEPQwRA/gApzi NEHhKlIZxaz+I/eUfG3hW2S5i9FKy5Rv/ZT8xKzNM8K2nqepnd8ArzS0P3T6l4rV YZM8kCIZc+nC/Q9mnEdngVMql7+HYXRaxFyIsj38MJkeh01Hrn4JdImLFwIlrp2D rumxiFbnuiIeHAJXCNbfP412gKfBEH+m0w648id7sP9CMjKEzHhDa9Sgd6vCbGqa cW6FeNRcIswApGA/P2a3X1UptnCFka1f9GB8ZQcCNEI9P5HocMceZqYX1VN70E5/ dvCIl62zj6QySkrVix4y71a2C34p4UIdSXjRq051n0RPXk0vvIXqwNLzSjfCxbXz -----END CERTIFICATE-----Generated at Sat Jun 14 06:03:04 2025 by rpki-client