$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa File: 9b59fbe4-f242-4dbf-9964-15048c3da996.roa (raw, json) Hash identifier: C2MB5GzqK5lKaiTOBmrwnH5PvdTI75G6WtHcMPJ5vW8= Subject key identifier: FD:EF:61:0C:A8:BB:4F:DB:34:21:90:19:66:5E:17:E9:E1:5B:8D:EB Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2DB05672BC3D345C9E32F18EBAB06493C52036 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa Signing time: Fri 13 Jun 2025 00:00:02 +0000 ROA not before: Fri 13 Jun 2025 00:00:02 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.4.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:b0:56:72:bc:3d:34:5c:9e:32:f1:8e:ba:b0:64:93:c5:20:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jun 13 00:00:02 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=5fa62ee84cb0b88c3c2330308d6a9685de2a354644f545b1f472413a93d2d342, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:cc:f7:f1:f7:1c:f7:d2:f9:66:10:29:76:cf: 43:40:1e:45:e3:57:c1:09:ba:8e:49:f1:c2:5b:e5: 36:28:3e:24:39:be:36:dc:c1:7c:27:6c:a6:fa:b2: da:22:99:6f:c0:03:d6:3f:be:98:51:14:07:03:d0: 0a:cc:69:5a:be:97:36:64:a7:73:fa:45:26:26:68: 96:51:1a:3e:1d:4f:b8:0a:2b:d7:b2:8b:1a:94:5d: dd:a7:d8:49:2e:8a:01:99:6e:ab:9e:cd:c4:e5:64: 78:4a:d2:8f:93:92:4b:3f:83:0c:c1:fa:2f:91:24: 88:76:79:86:8e:6b:ff:59:6a:aa:dd:7c:b4:72:86: bc:3b:55:ec:1d:d5:e2:29:18:3d:3e:95:ac:5e:77: d6:4a:da:03:4e:09:c8:33:9d:00:a6:79:41:f8:ee: d7:39:88:51:d7:3d:80:fb:1b:53:22:a3:ce:20:ef: 1c:38:32:33:88:95:e8:03:74:72:b7:fb:3e:e7:ef: 83:6d:bd:01:d5:f3:4e:b3:a1:cc:5f:41:91:78:32: b9:93:02:fb:ad:c0:3f:2f:30:70:59:67:bf:63:fc: e8:32:83:19:48:9d:dd:04:9c:50:18:20:81:fe:1f: 29:04:2a:69:17:93:88:92:6b:51:b8:94:38:66:ed: 7a:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:EF:61:0C:A8:BB:4F:DB:34:21:90:19:66:5E:17:E9:E1:5B:8D:EB X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.4.8.0/21 Signature Algorithm: sha256WithRSAEncryption 34:ab:59:7f:45:4d:37:9e:37:76:fe:0e:d4:14:d6:30:90:9a: 17:83:b6:bb:84:62:f6:94:ad:da:26:d6:21:06:ba:fa:22:37: da:d5:02:de:e1:03:91:e9:eb:51:4e:bf:b1:20:c6:d3:ee:79: 15:7a:50:c5:7b:c6:77:47:41:01:bb:6b:75:6f:71:48:60:17: ba:f5:d4:68:f1:9d:d6:e6:da:ae:a9:e2:49:21:87:f0:23:f2: ef:59:a9:5d:98:ac:8c:c7:6b:34:b4:a5:a0:92:3e:2e:4a:7f: e8:61:77:ad:80:a1:ee:a3:f1:0b:e2:dc:cb:2d:b1:b8:8d:c9: cb:76:8c:8a:c7:4c:66:a6:9e:73:52:40:9b:bd:c5:a7:70:7d: 4b:bb:f5:c4:89:73:cb:78:3d:35:01:7a:88:81:fb:82:2a:73: 4a:af:8c:4e:59:12:b4:10:70:8f:93:34:1b:a4:53:58:ac:65: 01:96:d8:f7:7f:6a:2d:0b:d5:db:53:18:e2:4c:59:e4:f2:91: f2:f4:64:89:25:db:57:23:c8:aa:65:b7:39:24:b4:7e:15:b8: 5f:77:39:f4:24:fb:63:ec:14:f8:34:62:c3:b2:77:08:74:ba: 50:3c:f4:85:c2:38:6b:b3:a9:ce:b0:29:cb:51:5d:d8:5c:12: 78:cc:8e:28 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgITLbBWcrw9NFyeMvGOurBkk8UgNjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTE1MDlFQzAwMDAxMTAvBgNVBAUTKDE2RjUyNEY4RTBF QzdDQUUwNzY5QzQyRTUwRkZCM0EyQjU2NEE2QUMwHhcNMjUwNjEzMDAwMDAyWhcN MjUwNzE4MjM1OTU5WjB6MUkwRwYDVQQFE0A1ZmE2MmVlODRjYjBiODhjM2MyMzMw MzA4ZDZhOTY4NWRlMmEzNTQ2NDRmNTQ1YjFmNDcyNDEzYTkzZDJkMzQyMS0wKwYD VQQDEyQ1ODgxMDQwMy05YmEwLTQwM2EtODA5Yi1jNzgyNTJhYjdmNWQwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAzPfx9xz30vlmECl2z0NAHkXjV8EJ uo5J8cJb5TYoPiQ5vjbcwXwnbKb6stoimW/AA9Y/vphRFAcD0ArMaVq+lzZkp3P6 RSYmaJZRGj4dT7gKK9eyixqUXd2n2EkuigGZbquezcTlZHhK0o+Tkks/gwzB+i+R JIh2eYaOa/9ZaqrdfLRyhrw7Vewd1eIpGD0+laxed9ZK2gNOCcgznQCmeUH47tc5 iFHXPYD7G1Mio84g7xw4MjOIlegDdHK3+z7n74NtvQHV806zocxfQZF4MrmTAvut wD8vMHBZZ79j/OgygxlInd0EnFAYIIH+HykEKmkXk4iSa1G4lDhm7XoVAgMBAAGj ggJIMIICRDAdBgNVHQ4EFgQU/e9hDKi7T9s0IZAZZl4X6eFbjeswHwYDVR0jBBgw FoAUFvUk+ODsfK4HacQuUP+zorVkpqwwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0Z2VWstT0Rz Zks0SGFjUXVVUC16b3JWa3Bxdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4ZTVkYmQyMTkv OWI1OWZiZTQtZjI0Mi00ZGJmLTk5NjQtMTUwNDhjM2RhOTk2LnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lL2RiOWEzNzJhLTA5YmMtNGEzMi1iZmU0LThjNDhl NWRiZDIxOS82ZWNiM2NjYS00ODhkLTQzYjktYTUwYi1kMzdjMGM1NWE5ZTEuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE AgABMAYDBANnBAgwDQYJKoZIhvcNAQELBQADggEBADSrWX9FTTeeN3b+DtQU1jCQ mheDtruEYvaUrdom1iEGuvoiN9rVAt7hA5Hp61FOv7EgxtPueRV6UMV7xndHQQG7 a3VvcUhgF7r11Gjxndbm2q6p4kkhh/Aj8u9ZqV2YrIzHazS0paCSPi5Kf+hhd62A oe6j8Qvi3MstsbiNyct2jIrHTGamnnNSQJu9xadwfUu79cSJc8t4PTUBeoiB+4Iq c0qvjE5ZErQQcI+TNBukU1isZQGW2Pd/ai0L1dtTGOJMWeTykfL0ZIkl21cjyKpl tzkktH4VuF93OfQk+2PsFPg0YsOydwh0ulA89IXCOGuzqc6wKctRXdhcEnjMjig= -----END CERTIFICATE-----Generated at Sat Jun 14 06:12:57 2025 by rpki-client