$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa File: 245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa (raw, json) Hash identifier: OWV8Q86skh5oa+OzEjFSL1cJ+WN1fwgJqGrnX0afKvk= Subject key identifier: 60:0B:6B:AA:76:6D:74:4A:C5:BE:A1:BE:9C:66:96:FD:6F:8F:9F:DC Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 3F6530BA6F534D51F1058269047D6501270B638C Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa Signing time: Fri 13 Jun 2025 00:00:06 +0000 ROA not before: Fri 13 Jun 2025 00:00:06 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.192.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:65:30:ba:6f:53:4d:51:f1:05:82:69:04:7d:65:01:27:0b:63:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jun 13 00:00:06 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=c3dec3a02ff379fdb04c89d022910227b513c8e476cbe4e6ad0824cde00274c6, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:6c:c9:3b:e3:10:ef:1b:fb:21:c3:25:6b:75: e7:0d:0d:c8:08:ac:f6:ad:df:da:e3:b7:ce:79:55: 84:26:18:5e:e1:c6:61:dc:b3:fc:b3:ad:e8:40:9d: fb:fc:d4:96:a1:da:d3:41:22:a3:a9:dd:35:38:d2: e6:e5:23:1f:e8:45:67:62:91:cd:46:d7:61:2b:9f: 2a:c6:25:d3:f3:cc:1e:a9:0d:e5:05:5a:2a:94:99: 6f:8b:5f:e2:1f:f6:34:ac:93:e8:24:88:ca:65:77: 82:79:ae:5e:87:1b:8a:2b:12:28:40:d6:6f:fe:c9: bf:35:0f:13:e8:a7:e0:37:25:59:1e:97:1e:5b:a7: f6:8e:10:e2:64:df:b9:d4:88:de:82:25:a4:44:9a: 3b:33:c0:64:2f:4a:f8:de:a3:ca:ae:e4:d3:f9:8b: c2:52:8e:29:fc:c2:27:d7:4d:ad:02:b0:ef:93:44: f9:65:39:3a:49:8a:db:10:47:07:68:9b:18:e4:3b: 9c:b7:1c:02:19:b5:65:70:e5:38:08:8f:0e:1f:60: a4:f0:04:c1:e7:dd:ff:10:7b:81:28:ea:7d:b7:38: af:86:cd:4c:2a:67:4e:8d:00:3e:b5:22:56:6a:e5: 02:c8:a7:bf:86:5b:74:9e:a6:30:39:d8:fd:8b:19: 39:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:0B:6B:AA:76:6D:74:4A:C5:BE:A1:BE:9C:66:96:FD:6F:8F:9F:DC X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.192.0/19 Signature Algorithm: sha256WithRSAEncryption 4e:d2:b7:8f:12:73:82:d3:1d:a8:6f:c6:6b:0e:6d:3b:aa:7a: 37:64:1c:37:b9:db:2a:80:0f:94:d5:d9:b9:b7:a4:45:cc:99: 88:e4:ac:50:6c:75:66:b5:c0:46:06:e4:b2:93:c4:27:42:b7: e5:d5:10:fc:2e:f8:dc:92:c4:29:01:3d:70:62:c7:3d:9c:03: c5:5d:2f:fd:3a:03:12:31:ca:ba:97:16:e3:6b:d4:0e:fa:9a: 20:ab:cb:dd:da:8a:73:53:72:24:cb:48:fa:85:20:2f:54:33: db:56:e9:4e:11:a2:f6:f7:84:97:e6:66:89:7c:f9:04:30:3e: 84:cd:24:ed:ce:57:48:44:c6:87:7b:a6:91:cf:0c:5b:a8:d1: d5:f2:e9:88:cc:ec:8c:a9:3a:15:35:e2:51:39:c6:b6:7f:6f: cb:fb:bb:66:99:fd:ba:ea:2e:a2:15:a3:8e:b7:f1:20:9b:97: 35:38:16:0f:d5:27:ef:eb:50:28:01:ad:42:3e:de:a5:2d:47: f5:5f:5a:46:f1:9d:29:40:82:a2:46:53:a3:f8:5a:0c:0b:92: d6:00:c7:50:63:bc:6f:1b:b8:80:aa:42:9c:26:93:78:ff:9b: 84:2a:62:e1:2d:b1:91:35:38:d9:d9:24:88:f1:5d:02:be:3b: a7:39:47:dd -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUP2Uwum9TTVHxBYJpBH1lAScLY4wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDYxMzAwMDAwNloX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAYzNkZWMzYTAyZmYzNzlmZGIwNGM4 OWQwMjI5MTAyMjdiNTEzYzhlNDc2Y2JlNGU2YWQwODI0Y2RlMDAyNzRjNjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomzJO+MQ7xv7IcMla3XnDQ3ICKz2 rd/a47fOeVWEJhhe4cZh3LP8s63oQJ37/NSWodrTQSKjqd01ONLm5SMf6EVnYpHN RtdhK58qxiXT88weqQ3lBVoqlJlvi1/iH/Y0rJPoJIjKZXeCea5ehxuKKxIoQNZv /sm/NQ8T6KfgNyVZHpceW6f2jhDiZN+51IjegiWkRJo7M8BkL0r43qPKruTT+YvC Uo4p/MIn102tArDvk0T5ZTk6SYrbEEcHaJsY5DuctxwCGbVlcOU4CI8OH2Ck8ATB 593/EHuBKOp9tzivhs1MKmdOjQA+tSJWauUCyKe/hlt0nqYwOdj9ixk5wwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGALa6p2bXRKxb6hvpxmlv1vj5/cMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzI0NWZhNGViLTZkMGQtNGRmNy05ZTJkLTI5YTdkMzlhZGNiOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQFevjAMA0GCSqGSIb3DQEBCwUAA4IBAQBO0rePEnOC0x2ob8ZrDm07 qno3ZBw3udsqgA+U1dm5t6RFzJmI5KxQbHVmtcBGBuSyk8QnQrfl1RD8LvjcksQp AT1wYsc9nAPFXS/9OgMSMcq6lxbja9QO+pogq8vd2opzU3Iky0j6hSAvVDPbVulO EaL294SX5maJfPkEMD6EzSTtzldIRMaHe6aRzwxbqNHV8umIzOyMqToVNeJROca2 f2/L+7tmmf266i6iFaOOt/Egm5c1OBYP1Sfv61AoAa1CPt6lLUf1X1pG8Z0pQIKi RlOj+FoMC5LWAMdQY7xvG7iAqkKcJpN4/5uEKmLhLbGRNTjZ2SSI8V0CvjunOUfd -----END CERTIFICATE-----Generated at Sat Jun 14 06:24:14 2025 by rpki-client