$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa File: 5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa (raw, json) Hash identifier: CTwkS+vlh5gsNelP4Y7lX3qUJvxvfA1r4QVw08TpFGU= Subject key identifier: EE:F5:AC:BA:CC:44:32:00:B8:9B:D0:E6:A9:80:6F:1A:78:E0:ED:A7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2C098014A1E21E8698E828E9F2C4A881E5629FA1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa Signing time: Sat 14 Jun 2025 00:00:44 +0000 ROA not before: Sat 14 Jun 2025 00:00:44 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.0.0/13 maxlen: 13 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:09:80:14:a1:e2:1e:86:98:e8:28:e9:f2:c4:a8:81:e5:62:9f:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 14 00:00:44 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=ea2bb0f4e28e039ea42d18eba595d8513efd428810a56b2bb0ae2b65b63aa83c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:e4:f9:99:db:6a:ef:0e:56:0a:ca:d9:2f:4b: 0d:ec:31:5b:6e:49:76:54:82:7c:bd:49:75:37:2d: 9f:ea:21:0b:7c:cc:a7:36:48:86:68:7a:c8:7d:de: 44:98:9b:6d:6c:13:d7:06:72:39:62:1d:48:c8:9b: 94:dd:44:cf:6b:a8:8e:30:67:76:fe:7b:0a:53:c2: 8b:04:ec:b7:07:e9:e3:a9:e3:a0:f3:f4:75:d5:c6: 5f:05:28:c4:b7:c2:c2:f5:2c:dd:30:c6:9c:7c:11: d7:ab:fc:10:d6:dc:a1:8e:ba:18:dc:38:0e:d3:8a: c1:4f:2b:ea:6d:5c:f2:01:49:7b:6f:8c:72:27:ac: 76:b2:fb:22:d1:71:67:3e:da:d8:7e:ea:e9:cb:f1: c6:44:2d:ec:8a:d9:c9:47:ad:34:27:cf:05:45:f5: 2e:25:75:3f:54:b3:93:28:a4:86:73:ef:64:b4:0e: 59:d5:2b:f6:dc:40:56:f6:ce:14:db:cd:6c:22:c6: cc:cd:93:f4:21:59:1b:f0:ff:57:05:1d:37:6e:09: 83:1e:62:b4:c0:de:06:31:b8:e3:c8:0d:9b:59:27: 6d:72:f1:98:02:8a:17:6b:00:63:a9:96:9b:2d:20: 0b:eb:b8:fc:5a:d1:98:ea:d6:06:75:96:db:1e:c7: 9d:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:F5:AC:BA:CC:44:32:00:B8:9B:D0:E6:A9:80:6F:1A:78:E0:ED:A7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.0.0/13 Signature Algorithm: sha256WithRSAEncryption 8e:ff:62:00:32:bc:00:bd:81:dc:f8:34:91:f3:a4:b0:8e:68: 20:64:9a:93:04:f0:99:56:03:43:98:13:01:d9:b3:c7:58:c2: 1c:4f:4f:25:c2:00:86:79:e5:80:7d:f7:39:58:54:ad:eb:38: c4:d6:ae:34:2d:c7:ba:5e:d9:7d:ec:78:0c:d8:82:10:18:f5: f6:40:d5:e1:12:37:d6:62:fa:89:73:d1:7b:ea:5e:c8:ab:32: 59:98:f8:e5:08:d7:6d:43:2a:57:0c:7d:49:19:87:aa:48:45: de:e0:9d:11:c6:35:89:8b:28:1c:38:90:e4:ce:bd:e7:50:46: 99:f6:21:3a:1b:4a:06:6e:a1:b3:1d:30:a5:96:12:1f:c8:54: 29:0e:1c:24:53:ee:b5:d7:e7:26:90:4f:7f:04:e9:26:ec:e5: 86:38:73:48:37:9e:03:d8:a1:02:0d:2e:8a:7a:05:b9:9f:d9: 4a:1c:3c:23:e4:3a:55:b2:4a:1e:12:f2:c9:83:d8:e3:53:8e: ea:d6:4d:a0:28:6b:db:d6:b9:3f:63:b7:f4:ec:a4:f0:bf:06: 43:08:ed:dc:11:22:cc:6f:6e:ac:67:c9:42:47:9b:1d:0a:11: 69:2e:59:9e:1d:e0:56:19:68:c3:71:e2:db:28:d4:de:94:af: e8:20:99:ec -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIULAmAFKHiHoaY6Cjp8sSogeVin6EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxNDAwMDA0NFoX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAZWEyYmIwZjRlMjhlMDM5ZWE0MmQx OGViYTU5NWQ4NTEzZWZkNDI4ODEwYTU2YjJiYjBhZTJiNjViNjNhYTgzYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOT5mdtq7w5WCsrZL0sN7DFbbkl2 VIJ8vUl1Ny2f6iELfMynNkiGaHrIfd5EmJttbBPXBnI5Yh1IyJuU3UTPa6iOMGd2 /nsKU8KLBOy3B+njqeOg8/R11cZfBSjEt8LC9SzdMMacfBHXq/wQ1tyhjroY3DgO 04rBTyvqbVzyAUl7b4xyJ6x2svsi0XFnPtrYfurpy/HGRC3sitnJR600J88FRfUu JXU/VLOTKKSGc+9ktA5Z1Sv23EBW9s4U281sIsbMzZP0IVkb8P9XBR03bgmDHmK0 wN4GMbjjyA2bWSdtcvGYAooXawBjqZabLSAL67j8WtGY6tYGdZbbHsed/wIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFO71rLrMRDIAuJvQ5qmAbxp44O2nMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzViZjRkMjlkLWI3NTUtNDVlOS1hZDEyLWNhZDhiODhiMDFiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK9AwDQYJKoZIhvcNAQELBQADggEBAI7/YgAyvAC9gdz4NJHzpLCO aCBkmpME8JlWA0OYEwHZs8dYwhxPTyXCAIZ55YB99zlYVK3rOMTWrjQtx7pe2X3s eAzYghAY9fZA1eESN9Zi+olz0XvqXsirMlmY+OUI121DKlcMfUkZh6pIRd7gnRHG NYmLKBw4kOTOvedQRpn2ITobSgZuobMdMKWWEh/IVCkOHCRT7rXX5yaQT38E6Sbs 5YY4c0g3ngPYoQINLop6Bbmf2UocPCPkOlWySh4S8smD2ONTjurWTaAoa9vWuT9j t/TspPC/BkMI7dwRIsxvbqxnyUJHmx0KEWkuWZ4d4FYZaMNx4tso1N6Ur+ggmew= -----END CERTIFICATE-----Generated at Sat Jun 14 06:08:49 2025 by rpki-client