$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa File: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (raw, json) Hash identifier: n/FQIF59JwGr61LZy6KAZfYmBj5LQT+P8P8ddmzozCA= Subject key identifier: AE:3C:54:1D:46:3E:34:0E:92:74:47:FA:E2:CE:DB:3A:31:D3:61:D7 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 7A96C443E04EBB10EA7E9DB0DC82AF15FA5ED30D Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa Signing time: Sat 14 Jun 2025 00:00:06 +0000 ROA not before: Sat 14 Jun 2025 00:00:06 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:96:c4:43:e0:4e:bb:10:ea:7e:9d:b0:dc:82:af:15:fa:5e:d3:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jun 14 00:00:06 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=c0cf5906fd1097538cfdf8df9b8480d59612c9e40514c7dc09ef113be7e14b60, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ff:84:de:94:f2:55:63:69:e9:95:21:45:ad: c9:0c:f8:6c:bf:3d:9f:f5:5b:a6:c8:c6:43:e1:f8: 8a:34:a3:03:f4:a7:6b:3b:75:50:ae:55:d9:5e:20: 64:f7:57:03:b5:ba:63:e3:9f:9c:33:5f:f3:6d:43: 1f:ed:f2:23:eb:ce:58:f0:ac:22:38:6d:2c:b5:97: 17:92:26:5e:ee:1b:36:94:2e:27:96:2d:de:24:11: f9:ae:20:e5:1d:88:0a:c1:7b:e9:bd:5b:08:a5:b9: 0e:d1:5c:92:cc:1d:76:a9:57:f1:ab:25:45:ef:d8: 7e:4a:a6:bb:cf:8b:1b:ae:1d:92:09:43:7c:d9:50: 8b:08:01:24:ef:50:90:22:6b:ee:f8:ef:59:99:b9: d7:94:26:63:d2:7b:92:fe:2f:82:2e:8e:74:c1:9a: 67:b0:84:58:0a:15:a2:d1:10:17:c9:92:47:a1:31: 3c:e5:6f:7f:86:a3:21:37:08:93:33:aa:79:8b:9a: 71:e2:40:7c:c5:56:d3:a3:e4:bb:c1:f6:c2:6f:29: b5:e2:aa:bc:a1:73:75:99:16:fd:92:44:99:c7:e0: 97:e1:84:e4:2e:f9:8b:81:66:b5:ad:fa:ea:c1:f4: ea:82:11:8a:63:c3:35:60:49:3b:7a:62:5d:f9:6b: d0:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:3C:54:1D:46:3E:34:0E:92:74:47:FA:E2:CE:DB:3A:31:D3:61:D7 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.216.0/21 Signature Algorithm: sha256WithRSAEncryption 09:7a:1d:68:83:fa:36:95:58:bb:b4:d7:6b:da:de:7f:29:92: 6b:18:c3:5d:f2:8f:15:ed:12:ac:23:d8:8c:8f:e4:3b:e0:cf: 51:67:91:9b:a3:c1:6b:f9:93:d6:92:ce:0f:2f:68:56:aa:f0: 2f:47:9e:3b:18:c5:f0:81:2d:13:5b:6b:be:cb:c1:6a:40:5e: 9b:63:4e:cc:25:a6:d2:6e:5a:81:64:d8:62:72:61:50:4b:29: 1e:ee:75:55:33:d1:39:34:6c:cd:33:9c:52:32:af:91:91:12: 91:75:ed:1f:d9:d0:ac:02:f9:da:36:e3:f1:70:b6:73:17:8a: 63:68:50:b0:1e:ed:d6:6e:94:a9:fc:15:94:ae:23:c5:d8:ec: d0:6e:95:63:f8:7b:c1:31:8e:c2:c9:37:79:17:3a:47:d5:0f: 44:c7:c4:d3:7b:cb:72:75:b9:b5:c4:a1:fc:5b:a9:d1:7a:a1: 0b:a7:31:38:2c:e2:d1:e6:ea:2a:50:80:de:33:12:de:4c:14: 77:95:f2:54:56:c2:99:20:15:70:55:1d:ce:a3:86:3b:be:b2: 18:c6:39:2f:83:6d:59:8c:8d:e9:f5:03:5e:f2:83:7c:94:de: c4:83:02:47:0e:75:1e:92:7a:ea:04:56:1b:8d:bb:a3:26:de: c1:08:bf:d2 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUepbEQ+BOuxDqfp2w3IKvFfpe0w0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDYxNDAwMDAwNloX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAYzBjZjU5MDZmZDEwOTc1MzhjZmRm OGRmOWI4NDgwZDU5NjEyYzllNDA1MTRjN2RjMDllZjExM2JlN2UxNGI2MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP+E3pTyVWNp6ZUhRa3JDPhsvz2f 9VumyMZD4fiKNKMD9KdrO3VQrlXZXiBk91cDtbpj45+cM1/zbUMf7fIj685Y8Kwi OG0stZcXkiZe7hs2lC4nli3eJBH5riDlHYgKwXvpvVsIpbkO0VySzB12qVfxqyVF 79h+Sqa7z4sbrh2SCUN82VCLCAEk71CQImvu+O9ZmbnXlCZj0nuS/i+CLo50wZpn sIRYChWi0RAXyZJHoTE85W9/hqMhNwiTM6p5i5px4kB8xVbTo+S7wfbCbym14qq8 oXN1mRb9kkSZx+CX4YTkLvmLgWa1rfrqwfTqghGKY8M1YEk7emJd+WvQIwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFK48VB1GPjQOknRH+uLO2zox02HXMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU1ZDZjYmFlLThiN2YtNDVhOS04ZDliLTQ1OGQxMGE5YjFjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jYMA0GCSqGSIb3DQEBCwUAA4IBAQAJeh1og/o2lVi7tNdr2t5/ KZJrGMNd8o8V7RKsI9iMj+Q74M9RZ5Gbo8Fr+ZPWks4PL2hWqvAvR547GMXwgS0T W2u+y8FqQF6bY07MJabSblqBZNhicmFQSyke7nVVM9E5NGzNM5xSMq+RkRKRde0f 2dCsAvnaNuPxcLZzF4pjaFCwHu3WbpSp/BWUriPF2OzQbpVj+HvBMY7CyTd5FzpH 1Q9Ex8TTe8tydbm1xKH8W6nReqELpzE4LOLR5uoqUIDeMxLeTBR3lfJUVsKZIBVw VR3Oo4Y7vrIYxjkvg21ZjI3p9QNe8oN8lN7EgwJHDnUeknrqBFYbjbujJt7BCL/S -----END CERTIFICATE-----Generated at Sat Jun 14 06:21:15 2025 by rpki-client