$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa File: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (raw, json) Hash identifier: Y61C0xsr59coKegF/Fb7kRMesSqxu6amCzKA4hGnoss= Subject key identifier: D7:35:21:C9:1B:4C:9B:E2:99:F8:20:B6:62:47:40:63:1F:27:76:C5 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 70D4C1B8FEDDC5F30767D8A2A25B215D409AF865 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa Signing time: Fri 25 Apr 2025 00:00:42 +0000 ROA not before: Fri 25 Apr 2025 00:00:42 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:d4:c1:b8:fe:dd:c5:f3:07:67:d8:a2:a2:5b:21:5d:40:9a:f8:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 25 00:00:42 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=40b69d3289d62190cffe2cc1eb6ff04dec5ba566622f20ddd60fbdcd4745fe11, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ec:40:bb:65:0a:f4:1a:b0:f2:64:97:ff:0e: 92:d7:d9:51:cc:94:11:12:14:33:c2:5b:f7:f8:2b: 0e:03:35:cb:bd:35:37:e2:d3:fb:fe:50:bc:9d:f5: a4:5b:79:04:91:82:85:1b:d6:25:5d:94:aa:9f:59: 80:7b:3f:44:60:3c:33:ab:c4:b2:fa:61:fd:61:ae: fa:9a:82:c0:15:92:bb:3c:28:3a:1c:75:86:25:ad: 26:82:0a:ec:cb:c8:f6:9b:e6:46:4a:24:7a:fd:cb: 37:91:3c:0a:e0:66:71:9e:47:70:b7:bc:4e:93:86: 67:0f:f5:af:2e:40:a9:2e:f1:50:c1:65:14:66:f9: 86:97:a1:31:9f:2f:a2:c9:9f:ae:f7:74:c9:e0:23: 59:8e:eb:42:ea:97:8b:c5:e3:ba:52:bf:1e:d1:6f: fe:d6:4e:6d:71:37:cb:5d:33:af:a2:e0:55:96:16: 86:06:f8:af:fd:c7:a0:94:2d:89:1f:8c:96:b2:00: 8a:e3:24:96:25:07:2c:8d:8d:96:b3:c7:d7:f7:9d: f1:d0:8b:23:a8:57:ad:03:64:79:ec:f2:50:a1:6e: d9:2a:f3:6c:cf:f4:09:26:07:47:6a:d1:3d:ec:3b: e1:02:7b:cd:14:b9:59:48:bb:e4:56:c3:20:a4:2c: bb:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:35:21:C9:1B:4C:9B:E2:99:F8:20:B6:62:47:40:63:1F:27:76:C5 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.200.0/21 Signature Algorithm: sha256WithRSAEncryption 19:0d:80:fd:b5:1b:b6:ed:2b:04:ce:13:68:16:cc:75:e2:69: 49:bc:20:3e:3c:ca:09:01:5c:9f:66:44:30:fd:56:08:e7:ca: ca:57:73:2b:b6:2d:55:e7:6b:02:c5:69:15:0f:e4:cf:3a:2c: 00:00:bf:96:bd:e7:45:96:e0:81:0e:9c:87:e1:34:05:63:56: bb:4c:9e:96:32:aa:6f:ec:68:46:d0:a9:ca:3b:b8:d4:b9:e2: f7:4d:21:ec:de:07:0c:c4:89:11:c4:2b:d2:b5:14:fb:56:97: e4:a8:77:bc:9f:ba:3f:27:21:17:c4:e3:29:47:06:56:84:16: 2b:cd:07:31:61:e9:df:1c:b6:29:21:b1:f8:55:ed:2e:2b:1a: 62:2a:ef:92:2c:09:d0:13:a8:cb:27:85:23:5e:7a:58:73:52: 28:55:1c:f1:64:03:48:32:a2:3c:22:08:62:35:30:dc:09:07: f5:c7:1e:7f:58:1a:d5:15:2c:3c:a8:f2:86:bc:e9:00:72:cc: 70:f3:39:d3:7d:19:ec:f4:29:11:64:a1:d5:40:4c:8e:90:c0: e9:d1:1c:78:e3:a0:04:e8:f5:b9:bf:44:09:ba:f8:bc:5f:2e: e4:5d:97:f3:c5:7e:43:1c:ea:66:c2:b5:30:5c:5f:ad:9e:3f: 93:a6:70:68 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcNTBuP7dxfMHZ9iiolshXUCa+GUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDQyNTAwMDA0MloX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNANDBiNjlkMzI4OWQ2MjE5MGNmZmUy Y2MxZWI2ZmYwNGRlYzViYTU2NjYyMmYyMGRkZDYwZmJkY2Q0NzQ1ZmUxMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+xAu2UK9Bqw8mSX/w6S19lRzJQR EhQzwlv3+CsOAzXLvTU34tP7/lC8nfWkW3kEkYKFG9YlXZSqn1mAez9EYDwzq8Sy +mH9Ya76moLAFZK7PCg6HHWGJa0mggrsy8j2m+ZGSiR6/cs3kTwK4GZxnkdwt7xO k4ZnD/WvLkCpLvFQwWUUZvmGl6Exny+iyZ+u93TJ4CNZjutC6peLxeO6Ur8e0W/+ 1k5tcTfLXTOvouBVlhaGBviv/ceglC2JH4yWsgCK4ySWJQcsjY2Ws8fX953x0Isj qFetA2R57PJQoW7ZKvNsz/QJJgdHatE97DvhAnvNFLlZSLvkVsMgpCy7/wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNc1IckbTJvimfggtmJHQGMfJ3bFMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjYjNlOWY5LTQ2YTItNDFlYi1hNGI3LTc1YjUzZDc5MWYzMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQAZDYD9tRu27SsEzhNoFsx1 4mlJvCA+PMoJAVyfZkQw/VYI58rKV3Mrti1V52sCxWkVD+TPOiwAAL+WvedFluCB DpyH4TQFY1a7TJ6WMqpv7GhG0KnKO7jUueL3TSHs3gcMxIkRxCvStRT7VpfkqHe8 n7o/JyEXxOMpRwZWhBYrzQcxYenfHLYpIbH4Ve0uKxpiKu+SLAnQE6jLJ4UjXnpY c1IoVRzxZANIMqI8IghiNTDcCQf1xx5/WBrVFSw8qPKGvOkAcsxw8znTfRns9CkR ZKHVQEyOkMDp0Rx446AE6PW5v0QJuvi8Xy7kXZfzxX5DHOpmwrUwXF+tnj+TpnBo -----END CERTIFICATE-----Generated at Sat Apr 26 07:30:52 2025 by rpki-client