$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a3607965-9901-471c-8ed4-712d48b362f1.roa File: a3607965-9901-471c-8ed4-712d48b362f1.roa (raw, json) Hash identifier: NzngVnBqtSBgi5G3WsPioU1L1edbI001zy3JQqffO8I= Subject key identifier: 40:9B:D0:D6:B3:4C:A9:DC:55:8D:0A:08:2D:C9:66:58:5C:DB:02:91 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0E4B1BACD3F35A88B53E52F3D1D2EF77B4E835E0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a3607965-9901-471c-8ed4-712d48b362f1.roa Signing time: Mon 31 Mar 2025 15:01:17 +0000 ROA not before: Mon 31 Mar 2025 15:01:17 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:4b:1b:ac:d3:f3:5a:88:b5:3e:52:f3:d1:d2:ef:77:b4:e8:35:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 31 15:01:17 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: serialNumber=06ddb9207e73cf18f7df06022704d82e8566b90c4058df6f7f6a431d4537e079, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:6b:19:93:fb:14:85:7b:00:ac:7f:0a:cd:23: e7:5c:bb:8f:27:3d:f5:91:79:9c:fb:04:b9:e1:c9: 10:56:07:2e:5b:ec:e4:65:71:b1:c1:8c:f7:1e:16: 8f:3f:44:a0:5d:e5:58:9e:75:7f:34:76:c4:a4:ac: b6:51:0f:bd:f0:a3:74:9f:81:68:5e:3d:d5:a3:8e: e4:dc:6d:c8:c1:85:d9:c1:8f:a6:6b:b9:de:ce:1e: 7e:b7:5c:14:88:0a:8f:dd:69:b5:61:ba:88:e9:4d: d5:f9:bc:0b:61:b0:db:3d:36:27:b2:d9:bb:4b:19: 16:05:e4:88:1c:6d:07:a3:9d:79:07:d4:23:52:86: 23:7e:ea:3a:9e:1e:6d:56:c2:c2:76:7f:60:22:f0: e5:a0:f4:02:e3:da:2a:45:a4:cf:00:9a:d8:57:d6: 24:56:19:aa:99:e5:80:60:e1:a1:46:5b:76:3b:a1: f9:bb:e7:0f:f4:08:db:62:04:f0:e2:9e:bf:02:23: ec:2a:bd:c8:aa:3c:d7:2c:b4:bc:78:6d:63:b5:71: 37:fe:cd:02:ce:a1:7e:82:49:1a:63:f5:58:e8:44: ff:17:f7:27:b4:4d:91:76:59:c2:92:a6:98:72:6d: 96:4a:02:db:c3:13:7d:66:f8:f7:70:34:68:02:f0: 5c:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:9B:D0:D6:B3:4C:A9:DC:55:8D:0A:08:2D:C9:66:58:5C:DB:02:91 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a3607965-9901-471c-8ed4-712d48b362f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.55.0/24 Signature Algorithm: sha256WithRSAEncryption 25:85:d2:4b:7a:58:2d:39:03:6a:09:ef:65:bc:a4:44:9d:e4: 95:1d:99:8f:78:83:67:3f:42:2c:a0:80:61:3a:66:03:8c:d4: e2:dc:1d:0a:6d:e4:45:a9:37:80:90:87:27:71:77:b7:7e:99: 50:c3:17:13:f8:72:1e:1e:ba:b2:ee:b5:1b:bd:ca:bc:25:31: 2c:5d:63:24:09:16:14:21:0b:aa:d3:1d:80:b9:9b:d0:d1:90: a4:87:92:c7:27:be:b5:60:68:31:cb:79:92:6e:8c:2b:17:50: 43:27:2a:38:1f:cf:95:52:4d:e5:37:5c:ee:8f:1c:e0:36:65: 6b:ed:86:19:76:90:be:21:e5:95:f6:86:d1:f1:e9:76:75:7d: f3:7a:d1:1b:d4:ae:96:9a:f2:2c:c1:6d:75:10:93:d1:42:6d: 75:64:c9:aa:66:3b:56:4c:57:c5:42:e9:02:d3:a4:c8:7a:a3: 3a:4d:60:29:98:02:32:d3:ee:ba:1e:25:5c:81:ed:79:a5:b3: 91:d5:82:b4:eb:7e:f6:21:dc:bc:d6:df:a7:b5:96:48:d0:15: 12:1f:58:09:e0:99:45:2c:9c:ab:15:cc:4b:b3:09:3a:6e:dc: e4:43:b4:51:94:5b:a8:cc:fa:a4:a9:59:cc:1b:dc:b0:3f:3d: ac:6b:8b:d4 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUDksbrNPzWoi1PlLz0dLvd7ToNeAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMzMTE1MDExN1oX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAMDZkZGI5MjA3ZTczY2YxOGY3ZGYw NjAyMjcwNGQ4MmU4NTY2YjkwYzQwNThkZjZmN2Y2YTQzMWQ0NTM3ZTA3OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGsZk/sUhXsArH8KzSPnXLuPJz31 kXmc+wS54ckQVgcuW+zkZXGxwYz3HhaPP0SgXeVYnnV/NHbEpKy2UQ+98KN0n4Fo Xj3Vo47k3G3IwYXZwY+ma7nezh5+t1wUiAqP3Wm1YbqI6U3V+bwLYbDbPTYnstm7 SxkWBeSIHG0Ho515B9QjUoYjfuo6nh5tVsLCdn9gIvDloPQC49oqRaTPAJrYV9Yk VhmqmeWAYOGhRlt2O6H5u+cP9AjbYgTw4p6/AiPsKr3IqjzXLLS8eG1jtXE3/s0C zqF+gkkaY/VY6ET/F/cntE2RdlnCkqaYcm2WSgLbwxN9Zvj3cDRoAvBctQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFECb0NazTKncVY0KCC3JZlhc2wKRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EzNjA3OTY1LTk5MDEtNDcxYy04ZWQ0LTcxMmQ0OGIzNjJmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9A3MA0GCSqGSIb3DQEBCwUAA4IBAQAlhdJLelgtOQNqCe9lvKRE neSVHZmPeINnP0IsoIBhOmYDjNTi3B0KbeRFqTeAkIcncXe3fplQwxcT+HIeHrqy 7rUbvcq8JTEsXWMkCRYUIQuq0x2AuZvQ0ZCkh5LHJ761YGgxy3mSbowrF1BDJyo4 H8+VUk3lN1zujxzgNmVr7YYZdpC+IeWV9obR8el2dX3zetEb1K6WmvIswW11EJPR Qm11ZMmqZjtWTFfFQukC06TIeqM6TWApmAIy0+66HiVcge15pbOR1YK06372Idy8 1t+ntZZI0BUSH1gJ4JlFLJyrFcxLswk6btzkQ7RRlFuozPqkqVnMG9ywPz2sa4vU -----END CERTIFICATE-----Generated at Thu Apr 17 17:43:41 2025 by rpki-client