$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa File: 565f9740-389f-45ac-956e-b96e19889315.roa (raw, json) Hash identifier: e/8dQLlGg4I6ypc/gYLTZWobutoBYrYEkEvH6RUfOHA= Subject key identifier: 4C:D7:45:7F:D0:E3:3D:67:5A:2D:DD:99:CF:50:0D:60:26:80:9C:22 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 698058B45E95567EA902B520F811661137DA43EF Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa Signing time: Sat 14 Jun 2025 00:00:09 +0000 ROA not before: Sat 14 Jun 2025 00:00:09 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:80:58:b4:5e:95:56:7e:a9:02:b5:20:f8:11:66:11:37:da:43:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jun 14 00:00:09 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=ec6bc1a223e3566d8edc565422afb34792973d6664f293f5f070b3addde3358a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:c6:59:e2:08:8c:26:0a:87:50:f6:e5:36:73: 5b:e4:a5:5f:d9:44:39:bb:02:70:dc:b3:ab:33:f5: b2:61:f8:61:20:64:9d:bf:4f:b4:73:a1:53:ea:81: 49:b8:93:1b:b8:a9:b3:cb:69:c0:df:37:72:93:30: 8c:59:ce:06:34:19:1d:b5:92:67:85:51:76:9b:b6: 66:08:83:97:7b:df:7a:2c:c4:86:0b:43:a9:dd:52: 34:55:3e:4e:bd:c8:0f:a7:81:84:8f:2c:b3:cc:2e: 28:57:1c:c4:81:05:7c:0b:16:a6:ce:f6:3e:52:6b: 75:53:27:aa:7a:ec:58:aa:aa:9b:42:83:27:b4:5a: 7d:69:ea:e1:e0:03:0a:24:25:5f:a0:d6:da:a2:9b: 3b:08:32:4c:fd:1d:68:d1:c2:2f:b4:5f:79:ce:68: c0:5d:0a:ce:4a:28:c7:fd:17:c7:98:0a:e8:d1:dd: a0:ec:35:e7:4e:08:9e:d2:65:ef:76:66:b2:f8:0e: eb:01:c7:6f:bc:0d:e7:7a:c3:03:76:56:14:b5:0d: 73:04:98:33:00:6b:88:c3:ea:41:71:ec:b2:67:d6: bf:ab:ef:94:da:8b:95:4d:e5:1d:7f:1f:36:77:e4: a0:dd:8d:06:cf:85:fa:88:8f:0e:66:02:25:c1:42: d0:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:D7:45:7F:D0:E3:3D:67:5A:2D:DD:99:CF:50:0D:60:26:80:9C:22 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption 35:c3:03:f5:7e:a3:cf:88:c2:35:d3:03:4f:72:ec:ec:1f:65: 85:9c:61:a1:39:2d:6d:51:bf:bc:dd:87:f7:89:55:08:0a:c4: 61:3f:52:c7:83:aa:9c:3c:ef:e9:f4:05:6a:e5:c2:12:c5:ea: 7d:e3:d8:18:12:10:11:25:e1:8e:9f:94:bb:f3:fe:17:2a:1d: 3e:63:03:54:bd:cc:fa:ac:88:89:f9:9f:30:9a:aa:8a:85:88: 28:35:a8:6f:d1:78:6e:f1:1d:45:e8:99:4c:ef:92:11:3b:b6: df:8f:51:5e:71:dc:ce:0a:e7:05:69:58:ad:02:bf:d1:86:a0: 5d:36:cc:92:76:41:16:fb:17:31:3a:e5:f5:4d:0e:bd:6c:0d: 27:e6:42:11:4e:2d:38:97:1a:88:9a:eb:2b:79:e6:35:47:bb: 5c:74:9b:6d:9e:13:68:a3:2f:a1:5e:ee:77:78:33:92:bd:09: 7d:fd:b3:e6:aa:22:9a:ea:04:b3:0b:a1:8b:7f:b8:4d:e7:90: 7a:ac:94:f3:05:8f:9e:39:bb:b4:f4:44:ef:49:0f:51:12:38: c3:19:71:e4:49:ca:93:d3:a3:03:f0:fe:28:e7:57:7e:31:32: 9e:f5:e2:f1:24:e3:4c:72:ad:89:a3:ea:8e:f9:bd:e3:d6:84: 87:8c:cf:b0 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUaYBYtF6VVn6pArUg+BFmETfaQ+8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDYxNDAwMDAwOVoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAZWM2YmMxYTIyM2UzNTY2ZDhlZGM1 NjU0MjJhZmIzNDc5Mjk3M2Q2NjY0ZjI5M2Y1ZjA3MGIzYWRkZGUzMzU4YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8ZZ4giMJgqHUPblNnNb5KVf2UQ5 uwJw3LOrM/WyYfhhIGSdv0+0c6FT6oFJuJMbuKmzy2nA3zdykzCMWc4GNBkdtZJn hVF2m7ZmCIOXe996LMSGC0Op3VI0VT5OvcgPp4GEjyyzzC4oVxzEgQV8CxamzvY+ Umt1UyeqeuxYqqqbQoMntFp9aerh4AMKJCVfoNbaops7CDJM/R1o0cIvtF95zmjA XQrOSijH/RfHmAro0d2g7DXnTgie0mXvdmay+A7rAcdvvA3nesMDdlYUtQ1zBJgz AGuIw+pBceyyZ9a/q++U2ouVTeUdfx82d+Sg3Y0Gz4X6iI8OZgIlwULQXQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEzXRX/Q4z1nWi3dmc9QDWAmgJwiMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2NWY5NzQwLTM4OWYtNDVhYy05NTZlLWI5NmUxOTg4OTMxNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jgMA0GCSqGSIb3DQEBCwUAA4IBAQA1wwP1fqPPiMI10wNPcuzs H2WFnGGhOS1tUb+83Yf3iVUICsRhP1LHg6qcPO/p9AVq5cISxep949gYEhARJeGO n5S78/4XKh0+YwNUvcz6rIiJ+Z8wmqqKhYgoNahv0Xhu8R1F6JlM75IRO7bfj1Fe cdzOCucFaVitAr/RhqBdNsySdkEW+xcxOuX1TQ69bA0n5kIRTi04lxqImusreeY1 R7tcdJttnhNooy+hXu53eDOSvQl9/bPmqiKa6gSzC6GLf7hN55B6rJTzBY+eObu0 9ETvSQ9REjjDGXHkScqT06MD8P4o51d+MTKe9eLxJONMcq2Jo+qO+b3j1oSHjM+w -----END CERTIFICATE-----Generated at Sat Jun 14 18:56:59 2025 by rpki-client