$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa File: 5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa (raw, json) Hash identifier: JCTSX6Shji1udH66Y++PNoEiAYcI21mHlUHx3al7nU0= Subject key identifier: 9C:6D:53:BE:34:B2:B3:30:D7:68:92:A0:00:3C:4D:11:47:FA:EC:50 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4E5A034CCE452131676934C7CCB968450001E779 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa Signing time: Sat 26 Apr 2025 00:00:05 +0000 ROA not before: Sat 26 Apr 2025 00:00:05 +0000 ROA not after: Sat 31 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.0.0/13 maxlen: 13 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:5a:03:4c:ce:45:21:31:67:69:34:c7:cc:b9:68:45:00:01:e7:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 26 00:00:05 2025 GMT Not After : May 31 23:59:59 2025 GMT Subject: serialNumber=ce64f2e6c5da9d3365f2e11534a23ae2d12f470c9ce7583990d3985d61c4bd51, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:82:b4:43:f2:03:fe:27:73:65:98:dc:ad:41: 72:fc:9c:20:b1:81:26:84:fa:b3:27:70:e9:e4:98: 8f:27:f2:34:ce:99:ed:6c:6c:ca:57:a2:b0:54:c3: ad:d0:23:13:34:dc:3f:19:4c:01:da:e9:6b:22:70: 27:69:24:df:d4:e5:8b:a8:6a:fa:d3:89:de:e2:63: 82:5e:58:4f:c5:ce:78:9b:0a:4d:f7:30:1e:9e:1d: 22:66:57:6b:cd:d2:58:6b:58:f7:a1:5c:fc:b5:90: d1:da:d5:49:7c:83:20:5f:6a:ac:92:3f:b0:38:10: 1b:f4:b6:61:21:df:3f:d2:32:01:a4:15:0c:39:25: 9e:6f:ab:93:ca:56:76:51:6f:7e:0d:c1:ea:c3:5e: ad:17:98:14:ef:f9:ea:21:b7:1a:69:26:7b:e3:77: 41:2b:ee:91:72:26:8e:ef:52:b2:ae:44:92:c7:31: d0:5e:53:1d:49:6b:c4:9e:42:b5:b0:c6:0e:fd:4d: 03:fe:96:ee:7e:e3:83:e6:6c:16:db:ce:42:7a:65: d3:e7:52:b4:31:f7:ab:4c:8c:30:6d:a5:53:2e:6b: 8e:18:8a:34:3e:38:98:8c:d6:08:70:84:0f:fc:24: fc:bc:48:97:18:14:ab:22:46:aa:cb:09:85:55:4a: 17:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:6D:53:BE:34:B2:B3:30:D7:68:92:A0:00:3C:4D:11:47:FA:EC:50 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.0.0/13 Signature Algorithm: sha256WithRSAEncryption 6a:63:05:25:93:7b:4a:63:2e:de:98:c6:86:b1:1a:a4:1e:f1: 70:6a:38:56:89:76:ab:9c:06:77:e8:6f:77:28:9e:a2:16:03: 92:d1:50:42:9d:3f:34:6d:f3:a4:83:49:67:51:aa:43:35:b0: 07:c3:17:07:77:66:8c:ad:d4:f8:c5:16:7d:07:e8:8a:81:95: bb:65:16:38:9a:5a:3f:0d:e5:3a:5f:7d:9c:a4:79:a7:40:c8: bb:9c:15:33:9b:8d:87:39:f3:ad:6b:e7:33:1d:ab:43:42:d7: 5f:0b:96:3b:3a:7f:17:8b:59:f2:62:d9:aa:5b:dc:1a:ce:cb: 49:eb:ef:dd:f8:eb:ba:74:e3:11:fc:12:a8:de:ee:fb:a2:e0: 67:4d:23:b6:13:ff:d0:b1:f2:56:d4:06:b4:43:8f:f0:16:c2: e5:0e:8b:5f:13:2d:b6:4d:bd:c9:33:76:39:5a:24:fc:9e:7a: 80:ba:1c:86:7d:86:7b:36:1a:ac:aa:63:6e:22:4a:cd:c8:84: 43:d9:ee:3a:12:3e:14:cc:c2:95:ca:6e:cb:5f:5a:50:65:84: be:6e:08:6c:75:a4:bd:c1:bd:5f:34:33:87:13:2c:a4:b8:38: aa:71:66:b7:dd:71:a7:f5:bb:18:39:a6:43:5b:a4:63:e7:7b: 2f:e1:f5:60 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUTloDTM5FITFnaTTHzLloRQAB53kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyNjAwMDAwNVoX DTI1MDUzMTIzNTk1OVowejFJMEcGA1UEBRNAY2U2NGYyZTZjNWRhOWQzMzY1ZjJl MTE1MzRhMjNhZTJkMTJmNDcwYzljZTc1ODM5OTBkMzk4NWQ2MWM0YmQ1MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4K0Q/ID/idzZZjcrUFy/JwgsYEm hPqzJ3Dp5JiPJ/I0zpntbGzKV6KwVMOt0CMTNNw/GUwB2ulrInAnaSTf1OWLqGr6 04ne4mOCXlhPxc54mwpN9zAenh0iZldrzdJYa1j3oVz8tZDR2tVJfIMgX2qskj+w OBAb9LZhId8/0jIBpBUMOSWeb6uTylZ2UW9+DcHqw16tF5gU7/nqIbcaaSZ743dB K+6RciaO71KyrkSSxzHQXlMdSWvEnkK1sMYO/U0D/pbufuOD5mwW285CemXT51K0 MferTIwwbaVTLmuOGIo0PjiYjNYIcIQP/CT8vEiXGBSrIkaqywmFVUoXYwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFJxtU740srMw12iSoAA8TRFH+uxQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzViZjRkMjlkLWI3NTUtNDVlOS1hZDEyLWNhZDhiODhiMDFiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK9AwDQYJKoZIhvcNAQELBQADggEBAGpjBSWTe0pjLt6YxoaxGqQe 8XBqOFaJdqucBnfob3conqIWA5LRUEKdPzRt86SDSWdRqkM1sAfDFwd3Zoyt1PjF Fn0H6IqBlbtlFjiaWj8N5TpffZykeadAyLucFTObjYc5861r5zMdq0NC118Lljs6 fxeLWfJi2apb3BrOy0nr793467p04xH8Eqje7vui4GdNI7YT/9Cx8lbUBrRDj/AW wuUOi18TLbZNvckzdjlaJPyeeoC6HIZ9hns2GqyqY24iSs3IhEPZ7joSPhTMwpXK bstfWlBlhL5uCGx1pL3BvV80M4cTLKS4OKpxZrfdcaf1uxg5pkNbpGPney/h9WA= -----END CERTIFICATE-----Generated at Sat Apr 26 07:32:01 2025 by rpki-client