$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15f0df98-8d36-4eb8-8d73-6075251475ae.roa File: 15f0df98-8d36-4eb8-8d73-6075251475ae.roa (raw, json) Hash identifier: cjcFaMsTRSMttkcahOXojoEwQrZTzV2+A83YOGWnKA0= Subject key identifier: FC:0C:7E:FF:12:CC:B8:F9:DA:3E:78:BD:07:8A:FD:D3:2A:F4:FB:BA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2973C60BF8778E37217893AEED16D708FE28A87C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15f0df98-8d36-4eb8-8d73-6075251475ae.roa Signing time: Tue 25 Mar 2025 16:51:08 +0000 ROA not before: Tue 25 Mar 2025 16:51:08 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.220.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:73:c6:0b:f8:77:8e:37:21:78:93:ae:ed:16:d7:08:fe:28:a8:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 25 16:51:08 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: serialNumber=a8230e99f51041d7cd45909efddc59d877848dbb9b86a49acb8a210314883b09, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:78:24:37:03:72:87:6d:33:c6:03:ee:b3:71: a8:a3:ab:90:b1:da:96:77:79:ba:6b:a9:48:57:e2: 19:53:b6:dc:60:dc:06:d3:9b:1d:ea:ec:8d:27:54: 04:d2:05:6d:a2:91:39:cd:26:0d:3a:f9:71:12:4b: d1:04:e0:9d:2d:ca:34:47:8f:0e:9b:b4:6e:d5:17: ca:ff:fe:55:e3:27:55:af:d1:90:1e:39:24:58:be: a0:69:f1:0f:b2:72:cf:1e:d4:2e:2a:36:a8:74:f7: bf:99:82:b4:c0:b5:db:99:b1:a2:8a:8f:59:43:ed: 6f:b4:38:2f:be:18:56:8c:5b:73:a4:93:d3:79:1e: f3:3c:ca:1b:99:ba:62:76:be:df:65:5c:e3:88:c0: a1:c9:53:10:25:9d:0f:e5:bd:df:e5:70:46:19:88: de:ac:e0:6c:85:23:18:98:bd:78:e8:24:5c:ae:c6: bb:eb:51:77:cc:93:40:ab:21:3d:89:8a:6e:a1:b6: 5f:a6:2e:58:d9:e8:29:d8:55:05:cb:20:e8:4b:06: 86:3b:f0:88:c9:72:2d:42:46:8d:14:29:d5:56:0d: 85:1b:b8:44:bf:e8:69:c7:66:d7:3b:ba:5d:ea:6d: 70:08:07:89:07:ba:bb:8f:cd:ff:59:30:c0:c0:26: 6c:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:0C:7E:FF:12:CC:B8:F9:DA:3E:78:BD:07:8A:FD:D3:2A:F4:FB:BA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15f0df98-8d36-4eb8-8d73-6075251475ae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.220.0.0/15 Signature Algorithm: sha256WithRSAEncryption 74:e7:a8:6c:37:96:e9:f4:f8:ef:3c:1a:36:df:32:6d:e2:87: 83:fc:a2:a1:42:29:d1:cc:97:8f:0f:72:20:6c:bc:9c:98:10: 97:b2:fc:85:be:c2:45:06:a7:2e:47:e1:e9:5b:14:a7:5f:92: d2:3e:ad:20:c2:db:a9:a4:96:8c:41:1e:6a:3b:cc:c9:61:1a: b4:f0:46:21:32:23:13:03:9c:0d:28:d5:74:39:3e:d4:e7:aa: d8:b6:b6:0e:9b:81:45:56:91:4f:2e:f0:e1:b4:78:5c:34:3f: c0:ba:3a:e4:a8:b7:ca:a3:58:0c:09:9a:ca:57:9c:fc:43:74: a9:68:b4:36:8b:b8:95:63:db:d3:b1:c7:11:8e:33:29:b9:58: 45:68:17:7f:32:82:85:73:b2:1d:c9:36:b0:ba:8d:4c:3e:54: 25:f5:dc:b8:28:58:ad:0b:2d:87:b6:8f:75:33:9b:f1:b7:44: 69:57:e7:ca:f5:f9:2f:09:15:3a:22:f3:c2:2c:85:e2:14:29: 5b:48:ba:2d:79:aa:17:4f:f1:97:cb:0f:60:97:af:79:05:b9: 48:00:3b:b3:6b:0e:83:b1:00:29:61:99:25:f0:84:1b:7f:44: 03:3c:73:83:fb:15:70:f9:f4:3c:d2:33:c2:cb:ac:4d:fe:48: f5:ff:b5:fe -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUKXPGC/h3jjcheJOu7RbXCP4oqHwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTE2NTEwOFoX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYTgyMzBlOTlmNTEwNDFkN2NkNDU5 MDllZmRkYzU5ZDg3Nzg0OGRiYjliODZhNDlhY2I4YTIxMDMxNDg4M2IwOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3gkNwNyh20zxgPus3Goo6uQsdqW d3m6a6lIV+IZU7bcYNwG05sd6uyNJ1QE0gVtopE5zSYNOvlxEkvRBOCdLco0R48O m7Ru1RfK//5V4ydVr9GQHjkkWL6gafEPsnLPHtQuKjaodPe/mYK0wLXbmbGiio9Z Q+1vtDgvvhhWjFtzpJPTeR7zPMobmbpidr7fZVzjiMChyVMQJZ0P5b3f5XBGGYje rOBshSMYmL146CRcrsa761F3zJNAqyE9iYpuobZfpi5Y2egp2FUFyyDoSwaGO/CI yXItQkaNFCnVVg2FG7hEv+hpx2bXO7pd6m1wCAeJB7q7j83/WTDAwCZsdwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFPwMfv8SzLj52j54vQeK/dMq9Pu6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE1ZjBkZjk4LThkMzYtNGViOC04ZDczLTYwNzUyNTE0NzVhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9wwDQYJKoZIhvcNAQELBQADggEBAHTnqGw3lun0+O88GjbfMm3i h4P8oqFCKdHMl48PciBsvJyYEJey/IW+wkUGpy5H4elbFKdfktI+rSDC26mkloxB Hmo7zMlhGrTwRiEyIxMDnA0o1XQ5PtTnqti2tg6bgUVWkU8u8OG0eFw0P8C6OuSo t8qjWAwJmspXnPxDdKlotDaLuJVj29OxxxGOMym5WEVoF38ygoVzsh3JNrC6jUw+ VCX13LgoWK0LLYe2j3Uzm/G3RGlX58r1+S8JFToi88IsheIUKVtIui15qhdP8ZfL D2CXr3kFuUgAO7NrDoOxAClhmSXwhBt/RAM8c4P7FXD59DzSM8LLrE3+SPX/tf4= -----END CERTIFICATE-----Generated at Thu Apr 17 18:11:50 2025 by rpki-client