$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ab8755a-b40e-412e-8b0b-d13e0c39aed0.roa File: 9ab8755a-b40e-412e-8b0b-d13e0c39aed0.roa (raw, json) Hash identifier: 5RL21Yonfp6X1+GPWycHOXvHS9rfnmySyH7KXWgq070= Subject key identifier: 0E:24:39:28:02:65:0A:BB:0C:AD:49:F9:CC:28:BD:02:4A:D6:6D:D7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 14BDE3D2DF2F53335F82DD5C9739445B95108779 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ab8755a-b40e-412e-8b0b-d13e0c39aed0.roa Signing time: Fri 25 Apr 2025 00:00:50 +0000 ROA not before: Fri 25 Apr 2025 00:00:50 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.53.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:bd:e3:d2:df:2f:53:33:5f:82:dd:5c:97:39:44:5b:95:10:87:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 25 00:00:50 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=e5b00da3235aef57c87b600935b5303680c4f405a2f8d64453ce7f36a47dabcb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:e1:08:ca:53:74:7d:9d:d2:a2:de:37:cc:f9: 5d:75:ac:ef:41:cc:c4:c1:aa:a6:12:e6:10:13:17: eb:1c:dd:cc:a3:ba:0f:c1:80:a1:7d:15:5b:74:91: c0:2b:9f:c5:ff:6a:f2:b1:86:40:fd:0f:4b:97:25: 41:1e:39:6e:74:d5:a4:c2:36:01:25:57:49:89:9f: 17:2c:87:b7:9a:0b:4c:19:d5:18:69:fa:3b:ad:e5: 06:4b:b5:83:3f:41:48:25:36:b8:d6:63:e8:33:da: c5:2b:e8:e9:6c:5e:e7:20:33:ea:95:c9:42:1d:a3: 6b:21:f8:83:4d:30:2d:41:a7:b9:27:a5:fa:58:5b: dc:d1:b2:d6:02:32:2b:7d:67:f7:02:a7:41:26:9c: cb:f0:6d:64:23:d0:05:84:3c:a8:85:e6:fa:c8:cf: 7d:7e:d9:9e:fc:7e:6e:75:92:1e:0c:e0:15:31:e1: 3f:94:2d:7b:6a:97:e4:03:a7:06:70:16:2e:66:ad: 4e:f7:31:08:c3:6a:f2:16:81:1e:72:79:56:54:74: 69:0a:8b:c5:53:0d:5c:25:e5:9c:f0:c3:07:7a:78: a4:a7:9a:16:a5:47:87:56:c5:f4:60:b9:0d:ef:34: 31:1c:46:b8:ed:30:d5:0f:4c:94:c0:f1:86:22:c0: e9:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:24:39:28:02:65:0A:BB:0C:AD:49:F9:CC:28:BD:02:4A:D6:6D:D7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ab8755a-b40e-412e-8b0b-d13e0c39aed0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.53.0/24 Signature Algorithm: sha256WithRSAEncryption 48:ce:c6:5d:d1:1e:1f:eb:23:32:13:c0:a2:83:00:28:66:54: 26:95:b9:e4:43:ae:32:24:fb:65:f7:81:a1:55:93:7f:a3:c1: 89:6e:b1:82:2f:0c:15:41:c6:fa:3b:be:af:37:27:e7:db:b4: 40:02:b2:ee:6a:dd:2e:a7:03:52:53:d9:cd:42:b2:02:5b:4f: 7a:5e:bf:26:ae:42:b7:4f:d5:1d:27:b4:e3:88:6a:6b:05:03: f7:eb:21:0c:70:d3:76:a9:7a:f7:0e:41:08:40:81:34:ca:25: 3f:82:90:6b:08:98:42:33:b6:22:ce:de:c4:62:79:6e:ce:56: f6:fe:36:e2:e9:6e:54:6e:4d:cd:a3:9d:65:24:bc:63:68:e4: 49:1f:27:15:e0:b3:ed:0a:9e:36:5f:30:c8:39:23:a5:30:31: bc:4d:43:66:d8:24:9f:c2:96:ff:5b:98:59:4c:16:fe:60:b3: 94:11:8c:4a:77:6c:76:ef:3c:24:d6:2a:7b:4e:bb:c5:e8:c1: d5:28:2a:73:13:16:64:8c:72:b0:b6:2c:e6:d7:c6:81:d0:e8: b3:a2:ac:71:d0:75:7a:5c:7d:d3:1e:31:e1:93:2e:d5:11:f4: 24:c9:65:22:61:51:42:9f:c4:64:ab:76:bb:4e:ce:da:c2:d6: c6:33:d9:df -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUFL3j0t8vUzNfgt1clzlEW5UQh3kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyNTAwMDA1MFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAZTViMDBkYTMyMzVhZWY1N2M4N2I2 MDA5MzViNTMwMzY4MGM0ZjQwNWEyZjhkNjQ0NTNjZTdmMzZhNDdkYWJjYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uEIylN0fZ3Sot43zPlddazvQczE waqmEuYQExfrHN3Mo7oPwYChfRVbdJHAK5/F/2rysYZA/Q9LlyVBHjludNWkwjYB JVdJiZ8XLIe3mgtMGdUYafo7reUGS7WDP0FIJTa41mPoM9rFK+jpbF7nIDPqlclC HaNrIfiDTTAtQae5J6X6WFvc0bLWAjIrfWf3AqdBJpzL8G1kI9AFhDyoheb6yM99 ftme/H5udZIeDOAVMeE/lC17apfkA6cGcBYuZq1O9zEIw2ryFoEecnlWVHRpCovF Uw1cJeWc8MMHenikp5oWpUeHVsX0YLkN7zQxHEa47TDVD0yUwPGGIsDphQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFA4kOSgCZQq7DK1J+cwovQJK1m3XMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhYjg3NTVhLWI0MGUtNDEyZS04YjBiLWQxM2UwYzM5YWVkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9A1MA0GCSqGSIb3DQEBCwUAA4IBAQBIzsZd0R4f6yMyE8CigwAo ZlQmlbnkQ64yJPtl94GhVZN/o8GJbrGCLwwVQcb6O76vNyfn27RAArLuat0upwNS U9nNQrICW096Xr8mrkK3T9UdJ7TjiGprBQP36yEMcNN2qXr3DkEIQIE0yiU/gpBr CJhCM7Yizt7EYnluzlb2/jbi6W5Ubk3No51lJLxjaORJHycV4LPtCp42XzDIOSOl MDG8TUNm2CSfwpb/W5hZTBb+YLOUEYxKd2x27zwk1ip7TrvF6MHVKCpzExZkjHKw tizm18aB0Oizoqxx0HV6XH3THjHhky7VEfQkyWUiYVFCn8Rkq3a7Ts7awtbGM9nf -----END CERTIFICATE-----Generated at Sat Apr 26 07:30:42 2025 by rpki-client