$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa File: c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa (raw, json) Hash identifier: YzXu71Qi6LSK9Fnqw9q1gUtYXxlCAoVxfBi2fmViNac= Subject key identifier: 1A:E1:F4:44:07:ED:2B:FD:88:D3:D8:27:AA:FA:9E:3F:DA:1C:93:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09C524049A662F983D9A5CD14C15C5EF9AC04CE3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa Signing time: Sat 29 Mar 2025 00:00:59 +0000 ROA not before: Sat 29 Mar 2025 00:00:59 +0000 ROA not after: Sat 03 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.158.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:c5:24:04:9a:66:2f:98:3d:9a:5c:d1:4c:15:c5:ef:9a:c0:4c:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 29 00:00:59 2025 GMT Not After : May 3 23:59:59 2025 GMT Subject: serialNumber=a4445771a02c3d8cf92c780f92bb2b24f72c4c5255efc1beaec0e745f0b460b5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:7c:87:2f:b7:15:b2:13:07:25:44:53:d2:b6: e8:c2:cc:b0:c8:0b:f9:ef:d7:43:96:c3:b4:0b:26: 88:75:f7:08:3f:4a:86:01:ec:49:d4:70:da:9e:f4: f6:43:4e:19:d0:8f:6c:37:f4:50:03:bc:63:1e:e8: 59:11:2d:89:a1:94:15:6c:0d:e6:00:a7:d3:57:5f: 58:9c:63:5f:d9:df:6b:25:be:fc:cb:92:83:23:33: d4:20:ab:98:7e:55:dd:f8:70:98:95:9d:79:01:d1: e5:7c:eb:f9:2b:a9:00:e7:ec:39:26:18:e1:93:f1: 2a:40:72:99:0c:f4:78:d3:1f:ad:68:cb:31:29:bb: f8:30:2a:10:7e:e9:ab:06:04:a8:93:0b:9d:52:49: de:e0:d6:06:1f:36:6d:6c:1c:69:f5:01:c3:c9:0e: 7c:fa:96:56:62:f3:da:e0:98:6a:33:c8:00:f7:8d: 81:41:9c:30:95:77:3c:38:07:8a:dd:8e:4b:af:90: 60:bb:0d:47:1e:37:a4:a9:fe:8b:2a:3d:a4:c6:7e: 40:f8:d7:97:e2:5e:97:60:8c:f7:d4:51:38:33:4f: 45:bd:a5:bd:1a:16:be:2d:51:86:32:13:a2:6a:79: 7e:24:de:4d:f4:bb:63:e9:0b:1d:05:88:75:5e:ef: ed:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:E1:F4:44:07:ED:2B:FD:88:D3:D8:27:AA:FA:9E:3F:DA:1C:93:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.158.0/23 Signature Algorithm: sha256WithRSAEncryption 15:87:8e:ac:18:89:48:e2:39:c0:74:28:b6:b5:b9:51:d8:03: 43:60:4c:38:aa:8d:09:9b:23:76:d7:0f:fe:6e:3e:e3:61:a2: 3a:8b:8c:12:3a:12:5b:58:25:27:19:d7:4a:70:d0:7c:a8:c0: e3:95:c8:00:f4:12:19:f2:5e:e5:66:bf:a4:a5:7a:c1:85:4f: a3:c6:b8:b7:98:65:6d:8a:2e:e4:41:14:ec:36:4b:0f:77:28: 79:13:de:ae:a9:46:6e:83:d6:33:ad:ba:a6:e7:da:f1:57:04: b7:a9:c6:5a:5c:06:93:fc:45:a0:54:6a:97:fc:86:45:3b:7a: 8a:8f:72:e3:d7:e2:35:04:03:0c:db:07:d0:81:e8:48:59:44: 2e:da:52:4d:32:8e:1e:1e:93:47:7b:73:ee:9a:68:39:19:fd: 93:6e:0f:e4:ee:c9:bc:47:3f:73:b0:c3:95:4f:00:b4:b5:e5: af:28:5f:9a:68:51:1f:ac:40:4b:7d:01:e2:6f:be:5c:f1:43: 03:3f:83:8c:f2:62:45:4d:74:79:df:76:f8:bd:76:2d:a3:dd: e7:3d:35:1e:94:65:15:7b:82:a3:29:53:ed:47:9a:93:c4:8a: 78:9e:65:9e:37:d1:69:e3:50:6e:be:88:e2:ba:54:5e:4a:1f: 6b:91:05:34 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUCcUkBJpmL5g9mlzRTBXF75rATOMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyOTAwMDA1OVoX DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAYTQ0NDU3NzFhMDJjM2Q4Y2Y5MmM3 ODBmOTJiYjJiMjRmNzJjNGM1MjU1ZWZjMWJlYWVjMGU3NDVmMGI0NjBiNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3yHL7cVshMHJURT0rbowsywyAv5 79dDlsO0CyaIdfcIP0qGAexJ1HDanvT2Q04Z0I9sN/RQA7xjHuhZES2JoZQVbA3m AKfTV19YnGNf2d9rJb78y5KDIzPUIKuYflXd+HCYlZ15AdHlfOv5K6kA5+w5Jhjh k/EqQHKZDPR40x+taMsxKbv4MCoQfumrBgSokwudUkne4NYGHzZtbBxp9QHDyQ58 +pZWYvPa4JhqM8gA942BQZwwlXc8OAeK3Y5Lr5Bguw1HHjekqf6LKj2kxn5A+NeX 4l6XYIz31FE4M09FvaW9Gha+LVGGMhOianl+JN5N9Ltj6QsdBYh1Xu/tGQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBrh9EQH7Sv9iNPYJ6r6nj/aHJNYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwZTA3MzVkLWE5MWUtNDc4ZC04MmQyLWEzZjA0ZWU0MzVkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9qeMA0GCSqGSIb3DQEBCwUAA4IBAQAVh46sGIlI4jnAdCi2tblR 2ANDYEw4qo0JmyN21w/+bj7jYaI6i4wSOhJbWCUnGddKcNB8qMDjlcgA9BIZ8l7l Zr+kpXrBhU+jxri3mGVtii7kQRTsNksPdyh5E96uqUZug9Yzrbqm59rxVwS3qcZa XAaT/EWgVGqX/IZFO3qKj3Lj1+I1BAMM2wfQgehIWUQu2lJNMo4eHpNHe3Pummg5 Gf2Tbg/k7sm8Rz9zsMOVTwC0teWvKF+aaFEfrEBLfQHib75c8UMDP4OM8mJFTXR5 33b4vXYto93nPTUelGUVe4KjKVPtR5qTxIp4nmWeN9Fp41BuvojiulReSh9rkQU0 -----END CERTIFICATE-----Generated at Thu Apr 17 17:24:35 2025 by rpki-client