$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa File: 565f9740-389f-45ac-956e-b96e19889315.roa (raw, json) Hash identifier: X068U9bzjrj3gFYNuGwKvaqDTdkC448TENmH5VTdgHA= Subject key identifier: 9C:9B:96:78:E1:67:33:B1:C3:4F:9C:D8:10:96:AC:FE:00:7F:96:B7 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 4E33562E201227D54607A7299330A9561CB74EBC Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa Signing time: Fri 25 Apr 2025 00:00:42 +0000 ROA not before: Fri 25 Apr 2025 00:00:42 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:33:56:2e:20:12:27:d5:46:07:a7:29:93:30:a9:56:1c:b7:4e:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 25 00:00:42 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=b2d07111b71e2d8b389d7d932b7a70b852d684caaa17b4d646539b116c8a5acb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:bd:b8:00:b8:a7:82:25:18:5f:7f:aa:ee:eb: de:b3:19:b3:f6:8b:f2:87:18:08:47:36:7d:6d:e4: e3:6f:4c:86:11:b5:44:5d:03:b9:06:70:42:26:29: 0e:9c:58:d7:cc:af:32:a8:16:62:f3:b4:b1:54:a2: 69:d5:81:1b:8e:4b:24:63:42:a3:a3:df:25:a7:34: 68:be:0b:35:17:82:1e:00:bb:f8:9a:d8:34:ea:98: cc:77:03:2a:a9:5e:82:e0:1d:35:f6:d0:81:b1:9d: 08:8d:10:30:fb:f2:dc:cc:d9:85:ba:5a:50:ec:ad: e0:58:b2:c0:44:6a:89:b7:60:fa:ae:b7:19:e5:94: 00:97:1f:f0:90:6c:b4:9f:b5:8c:62:af:a1:7a:4a: 1e:7a:a2:f7:e8:82:2b:bf:81:4d:21:bb:e7:43:7b: 51:cf:00:32:b8:fe:ed:44:6f:10:00:f4:63:ed:04: f9:f3:d6:0d:4e:d8:f1:97:57:49:d8:90:40:7e:6b: 09:82:28:15:69:e9:dc:96:04:6a:7e:ef:1e:30:fc: b3:96:a9:2f:db:c2:b3:dc:74:ff:06:94:ff:af:cd: 34:a4:df:31:28:cb:0a:8d:61:01:11:f8:b7:93:06: ad:29:4b:10:9c:d5:8d:b8:f7:94:78:e7:b4:24:04: 09:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:9B:96:78:E1:67:33:B1:C3:4F:9C:D8:10:96:AC:FE:00:7F:96:B7 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption 0a:2a:cb:b6:82:3f:ef:7c:e4:55:2c:25:19:16:c1:de:c9:cb: 21:6e:1b:4d:96:07:74:1f:24:40:e3:8b:21:ef:1d:e7:3e:15: 9d:63:14:0c:5e:0c:4b:11:3e:3c:86:fa:60:f6:01:1e:c5:92: c2:81:f2:77:c3:ec:bb:08:43:e4:b8:72:58:f5:4e:cb:9a:7a: 60:e2:10:c9:a1:5b:99:1b:38:02:f9:aa:89:07:0b:3c:1c:49: 8a:9a:e0:66:7c:3c:24:f4:ad:4e:50:44:12:77:44:23:90:69: 74:6e:08:ea:e4:e8:42:35:2a:b3:8e:8f:be:63:55:02:92:b7: b0:22:8b:f2:f4:cf:e3:5a:75:7a:f2:f9:e8:b4:da:e3:08:30: 69:9a:8e:3d:f4:b9:95:69:e6:d9:32:78:24:c1:d1:82:32:45: a0:a3:93:b3:ae:68:5d:68:68:a6:7c:68:43:36:80:bd:29:a7: 4d:f1:f1:12:8d:5f:c8:61:85:4d:f9:6d:61:d9:99:5d:9a:58: 4d:37:62:a5:df:1b:5d:6b:2a:64:9e:3a:19:cd:c6:30:47:d8: a3:54:f8:d8:79:28:d6:b2:62:39:58:e2:6d:61:90:ab:56:cb: 76:f7:be:3a:0d:e2:aa:84:7c:72:72:eb:22:bf:2d:ed:0a:bb: f1:56:53:36 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTjNWLiASJ9VGB6cpkzCpVhy3TrwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDQyNTAwMDA0MloX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAYjJkMDcxMTFiNzFlMmQ4YjM4OWQ3 ZDkzMmI3YTcwYjg1MmQ2ODRjYWFhMTdiNGQ2NDY1MzliMTE2YzhhNWFjYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyr24ALingiUYX3+q7uvesxmz9ovy hxgIRzZ9beTjb0yGEbVEXQO5BnBCJikOnFjXzK8yqBZi87SxVKJp1YEbjkskY0Kj o98lpzRovgs1F4IeALv4mtg06pjMdwMqqV6C4B019tCBsZ0IjRAw+/LczNmFulpQ 7K3gWLLARGqJt2D6rrcZ5ZQAlx/wkGy0n7WMYq+hekoeeqL36IIrv4FNIbvnQ3tR zwAyuP7tRG8QAPRj7QT589YNTtjxl1dJ2JBAfmsJgigVaenclgRqfu8eMPyzlqkv 28Kz3HT/BpT/r800pN8xKMsKjWEBEfi3kwatKUsQnNWNuPeUeOe0JAQJtQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJyblnjhZzOxw0+c2BCWrP4Af5a3MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2NWY5NzQwLTM4OWYtNDVhYy05NTZlLWI5NmUxOTg4OTMxNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jgMA0GCSqGSIb3DQEBCwUAA4IBAQAKKsu2gj/vfORVLCUZFsHe ycshbhtNlgd0HyRA44sh7x3nPhWdYxQMXgxLET48hvpg9gEexZLCgfJ3w+y7CEPk uHJY9U7Lmnpg4hDJoVuZGzgC+aqJBws8HEmKmuBmfDwk9K1OUEQSd0QjkGl0bgjq 5OhCNSqzjo++Y1UCkrewIovy9M/jWnV68vnotNrjCDBpmo499LmVaebZMngkwdGC MkWgo5OzrmhdaGimfGhDNoC9KadN8fESjV/IYYVN+W1h2ZldmlhNN2Kl3xtdaypk njoZzcYwR9ijVPjYeSjWsmI5WOJtYZCrVst29746DeKqhHxycusivy3tCrvxVlM2 -----END CERTIFICATE-----Generated at Sat Apr 26 07:40:07 2025 by rpki-client