$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa File: db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa (raw, json) Hash identifier: ZPB+g6z9KilE/9W9nNl4fW9Ab4/JqbTacKR+I9lCZv4= Subject key identifier: 10:28:74:9E:E1:8D:55:09:83:FC:E4:44:86:FF:64:50:4F:2B:A1:6D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 69DA797CB992E4193533E661C1FB7634F490D56E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa Signing time: Sat 29 Mar 2025 00:00:51 +0000 ROA not before: Sat 29 Mar 2025 00:00:51 +0000 ROA not after: Sat 03 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 18:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:da:79:7c:b9:92:e4:19:35:33:e6:61:c1:fb:76:34:f4:90:d5:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 29 00:00:51 2025 GMT Not After : May 3 23:59:59 2025 GMT Subject: serialNumber=1a084dff54176e8cfef409df17aa2819bef1245370ef7a13bb8e6ef169b34138, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ad:f6:9b:70:f7:38:b4:a7:8e:28:7e:45:de: c0:a5:c7:c2:71:b4:ad:65:c6:2b:58:a6:8d:44:41: 5f:55:60:80:29:6a:3f:50:d0:c4:c0:88:dd:3d:e1: 6e:bd:3c:21:b3:b2:a4:11:3e:e7:30:e3:f8:27:f0: 3d:82:fe:58:7c:b4:e2:b6:51:f3:84:6c:24:1f:d6: 70:5c:46:22:2c:75:c2:fb:fb:53:1a:45:03:d3:9e: d9:eb:8d:db:5e:1a:e7:7a:7c:bb:78:13:28:79:c5: 13:f7:27:9f:f2:19:06:31:10:33:1f:7c:36:44:a8: e2:97:20:f6:6e:b0:25:26:83:dd:2a:c5:17:fa:1e: c9:d3:fe:be:e1:4f:18:49:23:61:b3:7c:7c:63:ff: 9c:1a:94:f9:be:9f:80:b8:18:15:3e:46:23:09:92: b1:59:e9:6e:48:75:67:4a:c0:23:b7:f9:1c:1c:3a: c4:3b:a3:3d:66:43:5d:b4:a9:21:5b:c1:2f:75:73: 2f:9b:a1:dc:93:72:7e:05:45:7d:9e:28:a1:b0:18: c7:06:7a:5e:c7:14:cd:f6:a7:29:c9:47:39:d9:6c: 98:59:04:40:4d:09:ab:17:be:aa:46:94:d4:c8:e5: 41:5a:1a:df:13:2f:9d:10:80:10:7d:9a:be:50:85: 0a:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:28:74:9E:E1:8D:55:09:83:FC:E4:44:86:FF:64:50:4F:2B:A1:6D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.63.0/24 Signature Algorithm: sha256WithRSAEncryption 77:16:39:26:f2:9a:66:96:66:b0:54:62:7a:d7:58:b1:0a:00: 4e:d6:7a:2e:67:ef:01:b7:8b:2b:9d:fd:79:91:d9:3a:9b:27: 12:dd:e5:0f:f2:0f:10:92:dd:14:91:ef:ac:8f:ca:ea:28:cb: 20:14:56:32:1e:9e:d1:47:d0:52:d5:46:45:cf:77:6b:58:41: 12:b7:a1:48:17:f1:62:a1:6f:b8:e4:0c:8e:a8:b9:c1:b6:9d: 76:a9:7d:94:85:f7:4e:f9:11:25:74:6b:b3:5d:85:5e:ea:55: 63:df:da:8d:48:2e:6e:02:d0:19:e1:74:6d:c1:9b:8b:3c:b5: 05:3a:13:75:e8:12:1e:3d:71:c6:78:8e:cd:4d:7e:b2:18:65: 47:47:82:5a:39:4a:48:d3:86:31:db:b3:8f:50:50:69:6c:e2: 2f:0b:c1:ea:81:db:27:3f:7b:4c:19:15:55:6e:7e:ef:e9:3d: 37:47:2e:57:0f:8a:fb:1f:4b:bd:a4:63:d8:f6:c5:ad:ed:a6: 22:59:89:f8:3a:4c:bb:c3:e0:b2:a6:0d:ae:ef:68:14:96:d2: ef:5c:b6:ee:f4:82:25:0b:a6:ba:53:cf:d5:c6:97:b2:cc:12: f0:43:e1:f6:48:94:7d:f8:39:31:f5:0b:ed:b0:0e:a6:4d:a6: aa:9a:08:71 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUadp5fLmS5Bk1M+Zhwft2NPSQ1W4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyOTAwMDA1MVoX DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAMWEwODRkZmY1NDE3NmU4Y2ZlZjQw OWRmMTdhYTI4MTliZWYxMjQ1MzcwZWY3YTEzYmI4ZTZlZjE2OWIzNDEzODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq32m3D3OLSnjih+Rd7ApcfCcbSt ZcYrWKaNREFfVWCAKWo/UNDEwIjdPeFuvTwhs7KkET7nMOP4J/A9gv5YfLTitlHz hGwkH9ZwXEYiLHXC+/tTGkUD057Z643bXhrneny7eBMoecUT9yef8hkGMRAzH3w2 RKjilyD2brAlJoPdKsUX+h7J0/6+4U8YSSNhs3x8Y/+cGpT5vp+AuBgVPkYjCZKx WeluSHVnSsAjt/kcHDrEO6M9ZkNdtKkhW8EvdXMvm6Hck3J+BUV9niihsBjHBnpe xxTN9qcpyUc52WyYWQRATQmrF76qRpTUyOVBWhrfEy+dEIAQfZq+UIUK8QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBAodJ7hjVUJg/zkRIb/ZFBPK6FtMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RiMDgyNGJiLTcxYjItNGY2ZS1iOGVkLWMxMGVlM2Q0MjdhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g/MA0GCSqGSIb3DQEBCwUAA4IBAQB3Fjkm8ppmlmawVGJ611ix CgBO1nouZ+8Bt4srnf15kdk6mycS3eUP8g8Qkt0Uke+sj8rqKMsgFFYyHp7RR9BS 1UZFz3drWEESt6FIF/FioW+45AyOqLnBtp12qX2UhfdO+REldGuzXYVe6lVj39qN SC5uAtAZ4XRtwZuLPLUFOhN16BIePXHGeI7NTX6yGGVHR4JaOUpI04Yx27OPUFBp bOIvC8HqgdsnP3tMGRVVbn7v6T03Ry5XD4r7H0u9pGPY9sWt7aYiWYn4Oky7w+Cy pg2u72gUltLvXLbu9IIlC6a6U8/VxpeyzBLwQ+H2SJR9+Dkx9QvtsA6mTaaqmghx -----END CERTIFICATE-----Generated at Thu Apr 17 17:36:33 2025 by rpki-client