$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: CauLCmOGxjE3CthIAAHQ2ugy2obpM6T/DAy1MpU5OzY= Subject key identifier: 2A:BF:BC:DE:D4:0A:AA:2A:36:7C:B4:A5:99:F1:C4:C3:82:03:59:A1 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 76DEE05886D231DC5FDCE28266821E8485E799F0 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Wed 11 Jun 2025 00:00:01 +0000 ROA not before: Wed 11 Jun 2025 00:00:01 +0000 ROA not after: Wed 16 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:de:e0:58:86:d2:31:dc:5f:dc:e2:82:66:82:1e:84:85:e7:99:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 11 00:00:01 2025 GMT Not After : Jul 16 23:59:59 2025 GMT Subject: serialNumber=54050f34ad4bfcdf48c035fa7a76177b4ebd6587d519693cff3d42ea47c0d0a8, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:18:7d:0c:94:b7:af:f8:2c:26:52:08:2b:fb: a5:be:48:bc:cd:04:bd:32:ee:59:fb:c7:2e:75:21: 88:89:0e:94:3b:f1:b7:a0:ac:c2:1d:e4:94:c3:dc: 97:93:92:5d:9a:04:73:14:b0:c1:e1:a8:5a:4e:76: 45:2c:9f:45:4e:75:f3:e3:c7:f9:9f:49:e5:e9:28: e4:da:34:80:55:21:ef:7e:70:be:5d:7a:2b:b3:f6: c6:50:b2:41:41:7d:e7:72:01:59:d2:23:f3:e3:b4: 97:1a:e5:41:95:46:56:79:bd:32:ce:38:9d:3c:08: 95:26:f0:bf:64:b3:fa:08:b7:0a:7d:c9:2d:c3:94: de:be:27:12:e8:86:bd:45:9e:7d:8a:82:e9:f1:0c: fa:7b:6c:06:f4:0f:6e:0c:ac:81:be:61:83:70:dc: fb:26:42:fc:df:11:b5:09:d1:e5:6f:3b:bb:df:69: a6:c4:04:2f:a0:79:59:ad:dc:b3:2f:44:4a:6a:37: 2c:01:0a:16:38:67:42:9c:8d:60:db:cf:2b:3e:bc: 2f:13:f3:57:a8:6c:be:42:a7:43:95:d8:4b:e0:91: 29:a2:32:6b:77:98:05:c8:2d:13:26:30:bf:76:d2: b5:61:9f:83:e0:17:8c:ca:02:c8:4d:1e:c8:ad:1c: 19:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:BF:BC:DE:D4:0A:AA:2A:36:7C:B4:A5:99:F1:C4:C3:82:03:59:A1 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 43:70:ac:11:60:93:7f:9e:1b:79:c1:b0:4f:09:72:91:67:42: 55:dd:8c:49:bc:57:63:b3:24:92:f1:02:ee:74:a7:26:d1:8c: 21:8a:e2:75:ea:25:fd:a4:fa:c5:b4:fd:14:f6:99:c6:19:1c: 5a:b4:83:58:19:24:6a:c4:e1:ad:fb:73:bd:ab:8c:2c:14:eb: 2f:f4:5e:63:cf:25:54:5d:cb:cd:46:c5:fe:27:ed:6a:24:cf: 35:27:72:98:00:aa:c6:ee:f0:54:e7:57:c5:04:2d:56:5d:4c: 50:c0:c1:c9:b4:3f:9f:96:85:75:17:80:0e:95:e6:f6:a9:da: b1:d5:be:60:73:67:99:7f:d8:f6:4e:52:6c:b7:91:db:fa:6f: 19:db:db:fc:6e:6a:30:d3:8f:f4:3a:ee:45:1f:cc:b8:cf:ac: 46:05:02:5b:7d:36:24:73:fe:09:f2:5b:35:12:60:43:d8:38: 89:4f:44:a6:c2:0a:0a:3b:e8:f3:42:a1:80:85:36:5d:57:51: 56:70:9a:3b:6a:5d:39:9e:ed:11:bc:3f:e3:8e:82:79:eb:21: 59:55:e6:d1:8a:aa:71:1d:07:03:58:16:14:2d:5a:3d:6f:c0: 49:d6:6b:bb:41:e7:98:ea:70:c3:14:07:2c:86:f2:45:71:4f: f3:a1:1a:e2 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUdt7gWIbSMdxf3OKCZoIehIXnmfAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxMTAwMDAwMVoX DTI1MDcxNjIzNTk1OVowejFJMEcGA1UEBRNANTQwNTBmMzRhZDRiZmNkZjQ4YzAz NWZhN2E3NjE3N2I0ZWJkNjU4N2Q1MTk2OTNjZmYzZDQyZWE0N2MwZDBhODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhh9DJS3r/gsJlIIK/ulvki8zQS9 Mu5Z+8cudSGIiQ6UO/G3oKzCHeSUw9yXk5JdmgRzFLDB4ahaTnZFLJ9FTnXz48f5 n0nl6Sjk2jSAVSHvfnC+XXors/bGULJBQX3ncgFZ0iPz47SXGuVBlUZWeb0yzjid PAiVJvC/ZLP6CLcKfcktw5TevicS6Ia9RZ59ioLp8Qz6e2wG9A9uDKyBvmGDcNz7 JkL83xG1CdHlbzu732mmxAQvoHlZrdyzL0RKajcsAQoWOGdCnI1g288rPrwvE/NX qGy+QqdDldhL4JEpojJrd5gFyC0TJjC/dtK1YZ+D4BeMygLITR7IrRwZFQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCq/vN7UCqoqNny0pZnxxMOCA1mhMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQBDcKwRYJN/nht5wbBPCXKR Z0JV3YxJvFdjsySS8QLudKcm0YwhiuJ16iX9pPrFtP0U9pnGGRxatINYGSRqxOGt +3O9q4wsFOsv9F5jzyVUXcvNRsX+J+1qJM81J3KYAKrG7vBU51fFBC1WXUxQwMHJ tD+floV1F4AOleb2qdqx1b5gc2eZf9j2TlJst5Hb+m8Z29v8bmow04/0Ou5FH8y4 z6xGBQJbfTYkc/4J8ls1EmBD2DiJT0SmwgoKO+jzQqGAhTZdV1FWcJo7al05nu0R vD/jjoJ56yFZVebRiqpxHQcDWBYULVo9b8BJ1mu7QeeY6nDDFAcshvJFcU/zoRri -----END CERTIFICATE-----Generated at Sat Jun 14 05:52:54 2025 by rpki-client