$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa File: c18b0845-fc95-41d6-b476-af4e1e466849.roa (raw, json) Hash identifier: bkvR3JA/fWxGuSnPgMF5xYxAGZ1T00VGLETmxfENh+4= Subject key identifier: E7:7C:A8:0A:86:55:5E:EC:CC:B9:26:F8:7D:11:A8:9B:2C:CF:02:6A Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 41ED743600D5A53562CE92719825DDAA0A33A127 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa Signing time: Sat 31 May 2025 00:00:06 +0000 ROA not before: Sat 31 May 2025 00:00:06 +0000 ROA not after: Sat 05 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:ed:74:36:00:d5:a5:35:62:ce:92:71:98:25:dd:aa:0a:33:a1:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 31 00:00:06 2025 GMT Not After : Jul 5 23:59:59 2025 GMT Subject: serialNumber=d590999f356112555606a91eccecf1ef71b11808dc6b72ac41102c270cc49bf3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:f3:a5:0e:71:15:ca:d2:37:5e:88:92:f3:0f: 96:8c:fd:4c:b6:6d:91:0f:9f:1b:c5:bf:c1:09:e5: e9:5e:2a:47:38:20:84:56:54:b6:a0:dd:0f:b1:76: f5:af:58:1e:f8:e7:92:6c:84:6c:a9:36:26:bc:20: bf:33:7d:74:60:60:3e:11:98:55:5a:c3:e6:9c:8a: 5a:74:8b:7f:ff:5b:14:81:2f:a0:52:b7:ce:e6:58: 19:43:92:d6:82:7c:23:7d:6a:12:30:77:1f:d3:4d: 16:11:69:92:88:d8:48:de:5f:02:af:8f:b7:a9:22: ae:a7:c5:b3:91:2c:11:fa:52:1b:79:8b:f7:1a:4c: 90:76:e2:f8:8c:49:93:81:ba:bc:83:3e:74:86:ce: f0:7e:05:95:5d:62:95:10:77:f9:b8:5b:b0:6b:82: 6d:13:15:7f:b2:a9:09:8a:f9:29:dd:c1:3e:ad:6f: d4:ba:7c:71:81:27:07:48:76:d0:4a:e7:c4:f2:a6: 47:49:46:fc:4f:ff:67:5a:97:ba:d2:ed:b4:1b:0b: 25:da:94:74:88:5e:e1:ab:83:07:ba:55:0d:2b:9c: 93:dd:98:59:94:77:ab:e7:62:da:25:d8:d8:3a:b2: cf:f9:c4:48:53:97:9f:af:3f:03:b7:c5:3e:e7:77: 89:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:7C:A8:0A:86:55:5E:EC:CC:B9:26:F8:7D:11:A8:9B:2C:CF:02:6A X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.133.0/24 Signature Algorithm: sha256WithRSAEncryption 59:57:ac:45:2d:1a:b6:f1:6a:29:1f:98:08:07:01:25:37:e3: f5:d0:b2:7a:31:2c:a6:73:00:91:2b:10:10:68:a8:95:bb:20: b9:b6:da:be:e2:22:9d:3e:60:43:87:c8:3a:60:db:fe:92:91: b5:18:f1:36:4c:de:b1:8f:47:a2:60:5a:dd:68:2f:b4:23:f8: 4e:0e:84:82:24:04:b6:b0:2e:46:75:66:93:6b:bd:8a:b4:99: fb:75:c4:d0:0b:91:4e:94:26:fa:85:77:b1:d1:97:ee:e0:da: 90:56:59:b7:71:0a:33:4f:ed:c1:a1:58:1c:4d:9f:e3:8a:8d: 04:a5:71:b0:0c:d1:4e:fe:c8:df:41:df:4b:57:c8:df:7c:f9: 2d:07:e7:70:08:c2:50:59:5a:c0:2f:5b:2b:ec:fc:fd:8c:fc: cf:26:a7:69:f5:29:eb:aa:3a:ba:e5:b9:ed:b7:19:e7:dd:1c: 43:74:27:87:0f:6e:95:98:c7:29:78:6d:5a:b6:96:11:08:d4: c0:53:1c:b1:1c:32:cd:46:f3:93:8d:ac:81:c6:d6:a2:fa:aa: c0:fe:13:b0:4b:fe:82:81:6b:da:68:15:a2:fc:01:ec:d0:77: cc:d2:bc:69:b1:2a:07:c2:c0:c9:98:62:fe:1d:65:f9:c5:79: f1:91:72:7e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQe10NgDVpTVizpJxmCXdqgozoScwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDUzMTAwMDAwNloX DTI1MDcwNTIzNTk1OVowejFJMEcGA1UEBRNAZDU5MDk5OWYzNTYxMTI1NTU2MDZh OTFlY2NlY2YxZWY3MWIxMTgwOGRjNmI3MmFjNDExMDJjMjcwY2M0OWJmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPOlDnEVytI3XoiS8w+WjP1Mtm2R D58bxb/BCeXpXipHOCCEVlS2oN0PsXb1r1ge+OeSbIRsqTYmvCC/M310YGA+EZhV WsPmnIpadIt//1sUgS+gUrfO5lgZQ5LWgnwjfWoSMHcf000WEWmSiNhI3l8Cr4+3 qSKup8WzkSwR+lIbeYv3GkyQduL4jEmTgbq8gz50hs7wfgWVXWKVEHf5uFuwa4Jt ExV/sqkJivkp3cE+rW/UunxxgScHSHbQSufE8qZHSUb8T/9nWpe60u20Gwsl2pR0 iF7hq4MHulUNK5yT3ZhZlHer52LaJdjYOrLP+cRIU5efrz8Dt8U+53eJtQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOd8qAqGVV7szLkm+H0RqJsszwJqMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MxOGIwODQ1LWZjOTUtNDFkNi1iNDc2LWFmNGUxZTQ2Njg0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/iFMA0GCSqGSIb3DQEBCwUAA4IBAQBZV6xFLRq28WopH5gIBwEl N+P10LJ6MSymcwCRKxAQaKiVuyC5ttq+4iKdPmBDh8g6YNv+kpG1GPE2TN6xj0ei YFrdaC+0I/hODoSCJAS2sC5GdWaTa72KtJn7dcTQC5FOlCb6hXex0Zfu4NqQVlm3 cQozT+3BoVgcTZ/jio0EpXGwDNFO/sjfQd9LV8jffPktB+dwCMJQWVrAL1sr7Pz9 jPzPJqdp9Snrqjq65bnttxnn3RxDdCeHD26VmMcpeG1atpYRCNTAUxyxHDLNRvOT jayBxtai+qrA/hOwS/6CgWvaaBWi/AHs0HfM0rxpsSoHwsDJmGL+HWX5xXnxkXJ+ -----END CERTIFICATE-----Generated at Sat Jun 14 06:35:13 2025 by rpki-client