$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa File: d953b731-7921-47dd-abf3-b7b8cc367900.roa (raw, json) Hash identifier: XnwrkVxmWlu3oxMlkNnilulDwQFjCB65v8yjRMLXLr8= Subject key identifier: 0D:78:84:7A:8A:24:63:9A:17:02:01:55:6E:E0:94:2F:73:83:CC:CB Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 38BA956064F39F0F9877EC14ED8C0DDF0F77EFBB Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa Signing time: Fri 13 Jun 2025 00:00:03 +0000 ROA not before: Fri 13 Jun 2025 00:00:03 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:ba:95:60:64:f3:9f:0f:98:77:ec:14:ed:8c:0d:df:0f:77:ef:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jun 13 00:00:03 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=36a0817f0d15065566b7ab3f5fdf41b550ec3b2fc3e00763d0922366da056b8b, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:13:b2:c7:7a:4b:e4:89:25:ad:2c:e1:b7:02: 48:b7:55:6a:b4:4b:8a:9e:52:f0:f9:76:5b:57:01: 0e:65:75:b2:09:0c:b7:a5:9d:13:66:79:a7:bf:d0: 50:95:54:71:60:3f:70:b6:64:bb:97:ac:58:82:61: a8:4d:81:64:7b:fa:a7:72:81:71:e7:94:95:3b:01: 5a:8c:15:8c:14:f1:0c:45:f0:42:03:1c:37:fb:c2: 00:8d:9f:09:ec:4f:08:99:1e:68:ef:71:63:25:26: aa:2d:61:80:be:e7:f1:3c:40:8b:72:8c:72:78:c3: 19:39:fd:4f:3f:64:46:88:37:9c:c1:9d:3b:70:5d: c3:6b:0d:f9:5c:d8:95:94:f5:13:0c:df:af:2f:4d: e7:6e:a9:ce:04:ca:33:a8:04:04:8d:d8:4c:52:ef: fe:25:94:90:71:3d:d0:6f:f0:cc:a6:bf:ef:6d:49: c5:db:28:e8:9b:d0:cb:52:b9:fb:f5:dc:2e:e3:8c: a5:ed:de:d6:15:7b:64:55:1d:3d:93:ec:e9:92:45: e7:64:2a:17:19:50:1f:42:d8:5f:0e:3c:41:eb:df: 0a:53:71:73:4b:b2:34:2d:e2:f9:6c:02:a6:88:30: b9:9c:58:2f:f4:a2:46:89:61:48:ed:bd:93:e3:9f: c8:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:78:84:7A:8A:24:63:9A:17:02:01:55:6E:E0:94:2F:73:83:CC:CB X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.192.0/18 Signature Algorithm: sha256WithRSAEncryption 07:8b:6d:da:61:e7:77:f2:bd:c2:7e:da:2c:38:8f:51:55:9d: 1e:ab:c8:e2:71:b7:39:9e:8a:df:e3:10:10:84:31:26:f7:38: 5e:52:55:66:2d:a1:83:50:63:78:06:40:b9:ad:ac:a6:e8:5f: fd:b7:83:7c:a6:a9:89:88:ee:a8:01:3d:a1:54:8d:7e:c4:e0: a0:d6:d6:43:d7:dd:6c:06:9d:99:a6:c5:d8:8d:6f:de:f1:84: b2:3b:42:1a:b9:5a:83:95:f6:4b:cf:04:3f:88:44:91:fa:5b: 4c:9d:1b:17:de:8f:d9:ae:f5:85:aa:f8:19:f1:d4:20:d8:b5: 95:4c:72:a9:97:a5:fd:77:69:b5:8c:3d:60:9b:ee:00:a2:f2: 09:66:12:ab:0b:0b:ff:92:c0:ae:78:e7:c6:3e:8a:29:49:ae: 6a:fa:09:24:f5:da:10:28:c6:99:0e:c5:d2:e4:92:70:62:ae: cc:b1:ce:4d:8f:45:7c:72:8b:2c:20:63:7f:9c:d7:ae:aa:1b: 05:27:e4:38:53:d0:5c:13:df:98:11:11:66:46:c2:3e:44:c1: 86:90:37:67:d6:e7:26:30:fd:7e:19:ae:19:eb:cd:96:4c:54: 96:ef:87:74:40:fe:29:4f:ff:24:be:6b:46:8d:90:75:c3:fe: 46:d9:ee:d1 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUOLqVYGTznw+Yd+wU7YwN3w9377swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDYxMzAwMDAwM1oX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAMzZhMDgxN2YwZDE1MDY1NTY2Yjdh YjNmNWZkZjQxYjU1MGVjM2IyZmMzZTAwNzYzZDA5MjIzNjZkYTA1NmI4YjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhOyx3pL5IklrSzhtwJIt1VqtEuK nlLw+XZbVwEOZXWyCQy3pZ0TZnmnv9BQlVRxYD9wtmS7l6xYgmGoTYFke/qncoFx 55SVOwFajBWMFPEMRfBCAxw3+8IAjZ8J7E8ImR5o73FjJSaqLWGAvufxPECLcoxy eMMZOf1PP2RGiDecwZ07cF3Daw35XNiVlPUTDN+vL03nbqnOBMozqAQEjdhMUu/+ JZSQcT3Qb/DMpr/vbUnF2yjom9DLUrn79dwu44yl7d7WFXtkVR09k+zpkkXnZCoX GVAfQthfDjxB698KU3FzS7I0LeL5bAKmiDC5nFgv9KJGiWFI7b2T45/I2wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFA14hHqKJGOaFwIBVW7glC9zg8zLMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2Q5NTNiNzMxLTc5MjEtNDdkZC1hYmYzLWI3YjhjYzM2NzkwMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQAHi23aYed38r3CftosOI9R VZ0eq8jicbc5norf4xAQhDEm9zheUlVmLaGDUGN4BkC5raym6F/9t4N8pqmJiO6o AT2hVI1+xOCg1tZD191sBp2ZpsXYjW/e8YSyO0IauVqDlfZLzwQ/iESR+ltMnRsX 3o/ZrvWFqvgZ8dQg2LWVTHKpl6X9d2m1jD1gm+4AovIJZhKrCwv/ksCueOfGPoop Sa5q+gkk9doQKMaZDsXS5JJwYq7Msc5Nj0V8cossIGN/nNeuqhsFJ+Q4U9BcE9+Y ERFmRsI+RMGGkDdn1ucmMP1+Ga4Z682WTFSW74d0QP4pT/8kvmtGjZB1w/5G2e7R -----END CERTIFICATE-----Generated at Sat Jun 14 06:33:15 2025 by rpki-client