$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa File: efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa (raw, json) Hash identifier: UZaCPGz8rJnyV57vAgFNZRdJp4vO5U0dAYHTWG41V9Q= Subject key identifier: DF:06:08:07:C0:D0:1E:83:9E:71:12:90:61:06:49:8E:5B:EB:80:3B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6AF148F3B28A7E1D1171C96DB0961177E0283322 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa Signing time: Mon 21 Apr 2025 15:30:14 +0000 ROA not before: Mon 21 Apr 2025 15:30:14 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 203.83.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:f1:48:f3:b2:8a:7e:1d:11:71:c9:6d:b0:96:11:77:e0:28:33:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 21 15:30:14 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=4201e523cbc29dfaf8cea180f35c7940ac68638ced7cd18f1ef5a10174f0ebe6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:d6:03:18:4c:af:df:54:45:79:88:b5:14:a4: 89:f2:1b:20:3f:df:60:67:a3:a9:c1:3c:63:d7:4f: d0:a0:3f:ab:95:07:66:b7:f2:65:9e:76:b8:1b:34: 43:30:c3:62:77:48:94:e5:7e:d5:4a:3e:4d:9c:1c: 7d:3b:00:c8:de:f2:02:02:3c:5b:16:69:8f:87:30: 76:ac:dc:b1:0b:13:fe:42:5c:94:e3:08:0a:28:17: 65:2a:35:f0:1b:54:8c:01:65:75:fe:21:24:6f:55: 66:2c:4c:45:d1:11:ec:3c:ca:2b:14:7f:f9:03:d5: 27:88:e7:f6:fe:1e:7e:52:ab:33:89:23:bf:4e:85: 51:bb:f3:a5:62:cf:f2:fe:78:d8:40:17:54:d7:fc: b8:01:9d:8f:13:2f:46:b2:f8:59:4f:3c:e2:46:0b: c0:f6:91:8c:26:e5:80:a1:db:17:72:61:bc:1d:81: 41:a9:90:9f:6c:fb:71:2f:f4:51:e7:1d:c7:2f:03: ca:6b:25:0e:01:09:2b:7e:89:9f:25:cc:11:f0:55: 46:74:89:ba:40:25:02:b6:37:d8:67:48:a4:1b:95: 15:41:c5:01:ea:30:8d:68:63:31:c0:d0:29:90:20: 2c:51:6e:b6:f9:65:c1:f8:76:f2:04:5e:92:47:3d: 1f:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:06:08:07:C0:D0:1E:83:9E:71:12:90:61:06:49:8E:5B:EB:80:3B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.83.220.0/22 Signature Algorithm: sha256WithRSAEncryption aa:34:da:97:4d:c7:bc:f9:9b:66:6e:d0:a5:5a:35:fa:0e:66: 8b:af:58:b9:32:c9:f1:f5:17:51:74:f3:b1:2d:d7:d3:43:ee: 9b:7f:29:f0:7f:60:72:d6:78:fd:81:36:3c:6a:fb:20:f1:1a: 3b:ff:e2:ff:f6:3f:cc:e2:a6:3d:4d:15:0c:1b:20:fe:4d:1f: 98:fd:1c:68:98:0f:63:74:4b:68:e1:90:b2:ff:6c:fa:c1:f3: d4:91:92:f1:25:10:cc:f0:92:08:2c:f0:b2:ed:c6:6d:e4:83: 7d:13:b5:ec:17:5b:86:ac:ca:d7:d4:30:6a:3a:c1:19:a9:51: a4:21:f3:e9:e5:b4:d0:b5:a3:cf:54:eb:30:19:bb:ba:59:c0: 6d:de:e6:44:57:4d:27:f4:28:22:ed:11:4e:87:aa:77:ca:6c: 82:ee:d5:18:45:75:64:c3:01:e3:eb:0a:fa:0a:86:59:27:ae: 0c:8c:20:1c:ef:f5:4a:3b:da:c3:04:07:45:a8:52:e9:17:35: b4:32:07:2f:14:46:be:4a:2f:5d:cd:98:7d:aa:64:71:34:53: 61:c6:a9:08:aa:33:d8:27:b4:b6:5b:7f:42:da:1e:fd:6d:77: 6d:9b:85:d9:0a:ae:8a:b5:31:40:38:b5:d3:23:90:67:a5:ca: 2f:d0:4a:ab -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUavFI87KKfh0RccltsJYRd+AoMyIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyMTE1MzAxNFoX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNANDIwMWU1MjNjYmMyOWRmYWY4Y2Vh MTgwZjM1Yzc5NDBhYzY4NjM4Y2VkN2NkMThmMWVmNWExMDE3NGYwZWJlNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tYDGEyv31RFeYi1FKSJ8hsgP99g Z6OpwTxj10/QoD+rlQdmt/Jlnna4GzRDMMNid0iU5X7VSj5NnBx9OwDI3vICAjxb FmmPhzB2rNyxCxP+QlyU4wgKKBdlKjXwG1SMAWV1/iEkb1VmLExF0RHsPMorFH/5 A9UniOf2/h5+UqsziSO/ToVRu/OlYs/y/njYQBdU1/y4AZ2PEy9GsvhZTzziRgvA 9pGMJuWAodsXcmG8HYFBqZCfbPtxL/RR5x3HLwPKayUOAQkrfomfJcwR8FVGdIm6 QCUCtjfYZ0ikG5UVQcUB6jCNaGMxwNApkCAsUW62+WXB+HbyBF6SRz0fiQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFN8GCAfA0B6DnnESkGEGSY5b64A7MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VmZDJhYzNkLWRjMzgtNGQ5My1hYWFjLTRjYmQ2Y2M5MTFjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQCqNNqXTce8+ZtmbtClWjX6 DmaLr1i5Msnx9RdRdPOxLdfTQ+6bfynwf2By1nj9gTY8avsg8Ro7/+L/9j/M4qY9 TRUMGyD+TR+Y/RxomA9jdEto4ZCy/2z6wfPUkZLxJRDM8JIILPCy7cZt5IN9E7Xs F1uGrMrX1DBqOsEZqVGkIfPp5bTQtaPPVOswGbu6WcBt3uZEV00n9Cgi7RFOh6p3 ymyC7tUYRXVkwwHj6wr6CoZZJ64MjCAc7/VKO9rDBAdFqFLpFzW0MgcvFEa+Si9d zZh9qmRxNFNhxqkIqjPYJ7S2W39C2h79bXdtm4XZCq6KtTFAOLXTI5Bnpcov0Eqr -----END CERTIFICATE-----Generated at Sat Apr 26 07:36:04 2025 by rpki-client