$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa File: 05bc8dbb-c70a-48da-b45b-4448364614ff.roa (raw, json) Hash identifier: YTDq95/cD2y6kgjonoqKu3d/UvPX3mpCjEjBur8UT4w= Subject key identifier: 21:0D:0C:43:ED:F3:D7:49:12:42:4B:06:FB:CD:8B:5B:7F:29:CE:A5 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 5B7EC0AA4FA708468EABA1A6BAA2EF4AC9F72B88 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa Signing time: Fri 13 Jun 2025 00:00:14 +0000 ROA not before: Fri 13 Jun 2025 00:00:14 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.208.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:7e:c0:aa:4f:a7:08:46:8e:ab:a1:a6:ba:a2:ef:4a:c9:f7:2b:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jun 13 00:00:14 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=40e622dd5171f91e1d25eaeecf9ebb23ca3a44b7163f15dde5e70436a814c312, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:17:27:ff:bf:39:38:cd:4c:6f:04:da:b9:95: dc:1f:c9:62:e4:78:0b:50:e6:f3:e5:e7:47:36:ac: 2d:f8:e7:53:c2:87:75:bc:ef:fa:ec:fa:0f:0b:76: 67:8b:31:a8:63:dd:6c:44:57:ac:bd:8e:a1:20:a4: dd:76:78:8f:fa:2c:38:87:0e:4c:c7:15:1a:fe:4e: f2:45:ad:d2:b7:b8:42:d0:08:45:e6:55:08:d9:87: 91:61:4c:83:c6:7d:e3:9b:28:d8:f5:74:04:60:68: f7:a4:e0:96:e6:c0:47:17:dc:23:55:9c:b9:39:c5: 74:f3:74:7d:e0:e8:2f:87:bd:8b:9c:db:4b:41:b7: c5:64:e5:9a:9e:c5:33:2a:11:85:83:2b:a3:c7:2a: f3:60:08:5f:65:04:fe:bb:78:19:a7:fa:82:c3:01: af:5b:65:64:2c:1c:12:90:a8:df:11:8c:5f:44:d5: 64:6f:0f:a4:19:f3:0a:ff:c7:99:3f:09:11:aa:bc: 4f:cd:69:60:0d:db:30:eb:e2:0c:e5:63:2c:36:91: 4c:6c:6c:ac:4e:18:81:13:b0:48:ca:d4:dd:a7:61: 1f:cb:1c:5d:aa:e6:39:01:cd:aa:91:99:b2:be:eb: 8b:1b:2f:7d:f5:e8:f5:1c:95:8b:27:22:84:e0:7b: 3d:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:0D:0C:43:ED:F3:D7:49:12:42:4B:06:FB:CD:8B:5B:7F:29:CE:A5 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.208.0/20 Signature Algorithm: sha256WithRSAEncryption 18:ab:dd:8c:3d:50:ad:86:9e:8f:1e:4e:e9:f2:b9:d1:48:6f: ad:2d:c2:59:53:57:af:57:02:79:0d:e4:7a:2e:4a:64:4b:68: 08:1d:7a:fc:f1:cf:c8:7d:47:73:77:1b:0a:ae:99:d5:a1:96: a3:3f:17:b9:aa:f1:71:07:37:8f:99:be:72:22:b5:72:ef:06: d7:33:97:e2:f4:c8:13:70:d8:f1:cb:0b:1f:cd:a4:fa:98:b6: e5:e8:b6:6f:4a:99:2e:49:3a:33:61:62:39:70:9f:2b:05:92: 26:ed:b4:cb:cb:8f:0a:22:24:86:da:7b:56:26:75:a5:93:d8: b6:b8:61:ea:1f:0e:dd:e9:29:db:c8:d9:4e:e5:ab:78:f9:50: 09:51:e2:9e:88:31:1b:7d:d5:35:60:d9:b2:ad:99:54:56:ff: 54:ad:a7:d8:b9:8e:22:67:07:63:f1:dc:b7:1d:54:5b:5c:ab: 58:87:ef:9f:dd:b2:67:95:75:3d:c4:bc:9d:be:9a:3d:9f:41: a6:cf:63:e1:83:3f:44:f1:de:a3:45:c2:2c:f3:1a:50:74:fb: e1:1b:3e:dd:20:3f:be:c3:47:21:b2:a3:1d:7b:a5:62:92:ca: 21:27:3a:e4:96:14:ce:fe:72:a3:6e:96:4f:fb:69:09:47:01: cd:9f:7a:19 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUW37Aqk+nCEaOq6GmuqLvSsn3K4gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDYxMzAwMDAxNFoX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNANDBlNjIyZGQ1MTcxZjkxZTFkMjVl YWVlY2Y5ZWJiMjNjYTNhNDRiNzE2M2YxNWRkZTVlNzA0MzZhODE0YzMxMjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRcn/785OM1MbwTauZXcH8li5HgL UObz5edHNqwt+OdTwod1vO/67PoPC3ZnizGoY91sRFesvY6hIKTddniP+iw4hw5M xxUa/k7yRa3St7hC0AhF5lUI2YeRYUyDxn3jmyjY9XQEYGj3pOCW5sBHF9wjVZy5 OcV083R94Ogvh72LnNtLQbfFZOWansUzKhGFgyujxyrzYAhfZQT+u3gZp/qCwwGv W2VkLBwSkKjfEYxfRNVkbw+kGfMK/8eZPwkRqrxPzWlgDdsw6+IM5WMsNpFMbGys ThiBE7BIytTdp2EfyxxdquY5Ac2qkZmyvuuLGy999ej1HJWLJyKE4Hs9HwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCENDEPt89dJEkJLBvvNi1t/Kc6lMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzA1YmM4ZGJiLWM3MGEtNDhkYS1iNDViLTQ0NDgzNjQ2MTRmZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQErynQMA0GCSqGSIb3DQEBCwUAA4IBAQAYq92MPVCthp6PHk7p8rnR SG+tLcJZU1evVwJ5DeR6LkpkS2gIHXr88c/IfUdzdxsKrpnVoZajPxe5qvFxBzeP mb5yIrVy7wbXM5fi9MgTcNjxywsfzaT6mLbl6LZvSpkuSTozYWI5cJ8rBZIm7bTL y48KIiSG2ntWJnWlk9i2uGHqHw7d6SnbyNlO5at4+VAJUeKeiDEbfdU1YNmyrZlU Vv9UrafYuY4iZwdj8dy3HVRbXKtYh++f3bJnlXU9xLydvpo9n0Gmz2Phgz9E8d6j RcIs8xpQdPvhGz7dID++w0chsqMde6ViksohJzrklhTO/nKjbpZP+2kJRwHNn3oZ -----END CERTIFICATE-----Generated at Sat Jun 14 05:48:34 2025 by rpki-client