$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa File: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (raw, json) Hash identifier: 80+dllhGsc5V16ceFMklKCS0pRmrn7Ju3eUH4c9Qlfg= Subject key identifier: 3E:78:3B:D0:88:EC:AB:3A:B0:C9:E1:D6:63:B8:39:05:97:35:FB:96 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 19DB61D21EC0FFBB87438FC9F1234764DD6BDB65 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa Signing time: Fri 25 Apr 2025 00:00:40 +0000 ROA not before: Fri 25 Apr 2025 00:00:40 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:db:61:d2:1e:c0:ff:bb:87:43:8f:c9:f1:23:47:64:dd:6b:db:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 25 00:00:40 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=abb0f53e0f5fee4c37df11ca66f3ebfd9b56fc2de2adf26781f074e644ab8fd6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:9b:5d:47:31:81:17:a4:0b:dc:db:bc:12:22: f7:6f:bf:9b:5d:a0:13:75:5e:92:0e:fa:ea:d4:bb: 6c:ec:94:05:3c:82:83:5d:64:21:ad:c2:9e:0f:4a: 44:e8:0a:8c:e5:d9:55:dc:73:04:53:fc:85:0c:57: 8f:37:d1:db:18:b6:10:f1:ef:36:d0:53:0b:97:fc: 6c:99:46:20:4a:a9:40:bb:ef:55:34:94:85:ba:9f: 92:95:1e:47:55:27:62:b7:e8:12:2f:c0:08:c2:75: 2f:f9:48:d1:f6:27:ca:61:c4:42:e5:aa:c9:f1:52: 05:80:15:e0:b6:f1:74:de:47:37:5f:11:22:18:c1: d6:36:09:2a:bd:47:8c:75:8e:6c:8c:c8:07:19:98: 71:37:c9:40:43:ef:c5:d4:06:86:69:8b:73:bc:ff: 50:b7:99:f7:1e:72:2a:b5:f1:10:09:09:93:51:3d: 5e:55:84:f1:45:1b:7e:7d:b2:c2:38:6d:5e:db:ac: 66:c8:6f:ed:9a:b7:0f:f9:08:ad:8d:5b:d3:8b:61: ea:ae:5d:84:4b:1a:98:e6:e0:66:b1:1b:1f:a9:82: e6:7c:e4:91:23:f5:8f:78:ab:61:d6:03:f1:4c:71: 1d:f4:a4:1e:ba:a0:46:0d:61:1d:16:21:e5:62:40: 64:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:78:3B:D0:88:EC:AB:3A:B0:C9:E1:D6:63:B8:39:05:97:35:FB:96 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.216.0/21 Signature Algorithm: sha256WithRSAEncryption 07:2a:a1:f4:83:cf:77:42:03:7e:5d:4b:0d:ae:24:4d:e1:b8: 5d:cf:30:84:a7:c8:4b:83:57:1b:6f:e5:bc:76:b0:ae:82:98: 07:e0:c5:b2:ff:79:af:41:ed:cb:a1:96:83:56:48:a2:d1:16: 79:18:4e:af:eb:0f:bf:08:65:ec:74:9f:7a:fa:41:16:f3:6e: 13:4e:10:0d:17:1e:fe:9c:81:48:e3:eb:b9:d1:c8:69:da:f1: ce:57:f3:0a:1d:68:60:7f:0c:db:c0:a7:86:02:7d:25:d3:65: f7:5f:15:6d:32:a7:9f:1b:87:d3:19:03:b6:95:d3:fa:45:e0: 1c:c3:91:a8:b9:bf:42:ff:03:b9:fe:78:49:81:14:53:00:f4: b8:c1:15:ca:ff:62:9e:f6:67:c2:b4:4a:40:f4:8b:53:11:f4: 22:c0:ff:06:37:53:e1:a6:96:9a:cd:89:64:41:74:03:f8:5b: a1:c9:7a:65:1e:6c:fd:0b:bd:af:dc:cd:c0:d6:97:09:9e:9f: 22:02:41:50:e4:47:47:b6:95:6b:39:a1:1b:d4:24:f1:31:1a: b6:2a:02:ca:b7:c0:a1:4c:97:10:0c:b9:3b:a3:a1:63:16:4a: ed:04:a3:a7:97:ca:22:a5:28:b7:fb:64:da:70:e4:d9:e6:1f: 01:07:79:9b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUGdth0h7A/7uHQ4/J8SNHZN1r22UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDQyNTAwMDA0MFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAYWJiMGY1M2UwZjVmZWU0YzM3ZGYx MWNhNjZmM2ViZmQ5YjU2ZmMyZGUyYWRmMjY3ODFmMDc0ZTY0NGFiOGZkNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5tdRzGBF6QL3Nu8EiL3b7+bXaAT dV6SDvrq1Lts7JQFPIKDXWQhrcKeD0pE6AqM5dlV3HMEU/yFDFePN9HbGLYQ8e82 0FMLl/xsmUYgSqlAu+9VNJSFup+SlR5HVSdit+gSL8AIwnUv+UjR9ifKYcRC5arJ 8VIFgBXgtvF03kc3XxEiGMHWNgkqvUeMdY5sjMgHGZhxN8lAQ+/F1AaGaYtzvP9Q t5n3HnIqtfEQCQmTUT1eVYTxRRt+fbLCOG1e26xmyG/tmrcP+QitjVvTi2Hqrl2E SxqY5uBmsRsfqYLmfOSRI/WPeKth1gPxTHEd9KQeuqBGDWEdFiHlYkBkhwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFD54O9CI7Ks6sMnh1mO4OQWXNfuWMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU1ZDZjYmFlLThiN2YtNDVhOS04ZDliLTQ1OGQxMGE5YjFjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jYMA0GCSqGSIb3DQEBCwUAA4IBAQAHKqH0g893QgN+XUsNriRN 4bhdzzCEp8hLg1cbb+W8drCugpgH4MWy/3mvQe3LoZaDVkii0RZ5GE6v6w+/CGXs dJ96+kEW824TThANFx7+nIFI4+u50chp2vHOV/MKHWhgfwzbwKeGAn0l02X3XxVt MqefG4fTGQO2ldP6ReAcw5Goub9C/wO5/nhJgRRTAPS4wRXK/2Ke9mfCtEpA9ItT EfQiwP8GN1PhppaazYlkQXQD+FuhyXplHmz9C72v3M3A1pcJnp8iAkFQ5EdHtpVr OaEb1CTxMRq2KgLKt8ChTJcQDLk7o6FjFkrtBKOnl8oipSi3+2TacOTZ5h8BB3mb -----END CERTIFICATE-----Generated at Sat Apr 26 07:33:40 2025 by rpki-client