$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dbe44f29-2c7d-46ec-898d-c756e1c81196.roa File: dbe44f29-2c7d-46ec-898d-c756e1c81196.roa (raw, json) Hash identifier: X7w8x5pZ7iQ0wcBmi3QY5LeBMd2Yfd+PP/2GEmjEj7I= Subject key identifier: 0A:40:CE:B7:CE:E9:6B:DC:99:6A:57:BE:F2:53:78:88:A4:B2:6E:BF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5D582D001159535AC930A5B36E301322A055B235 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dbe44f29-2c7d-46ec-898d-c756e1c81196.roa Signing time: Sat 29 Mar 2025 00:00:56 +0000 ROA not before: Sat 29 Mar 2025 00:00:56 +0000 ROA not after: Sat 03 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.52.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 16:08:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:58:2d:00:11:59:53:5a:c9:30:a5:b3:6e:30:13:22:a0:55:b2:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 29 00:00:56 2025 GMT Not After : May 3 23:59:59 2025 GMT Subject: serialNumber=f3a86eebc2baa4bac0be5ed113daef7c94346fd4ad444b40e3161896b99be09d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:46:f9:6d:f4:fd:ca:b1:14:89:36:d9:f3:77: e8:ab:d1:f5:aa:94:78:9a:39:b0:84:f3:fb:65:e4: 1e:b2:c3:7f:7e:a9:65:38:41:1e:cc:2f:7d:9f:ea: f4:89:b0:c0:eb:ec:f2:a5:54:91:32:92:f2:33:47: 9c:62:9e:30:de:8c:c7:ff:0d:92:2e:eb:59:28:d1: 2e:26:7f:03:fc:0a:1b:19:a5:e0:49:c9:bf:3e:9c: 1b:cb:39:a4:02:64:35:c5:35:54:de:8d:a0:8e:02: b1:a9:9d:03:29:ea:53:e1:a9:0e:2a:47:c6:17:91: 4f:4c:66:9d:2b:a3:c0:75:8e:aa:46:d4:ea:2c:90: 21:ba:1c:48:03:06:4b:fe:63:13:65:24:71:d7:33: f3:6a:be:6f:ef:49:d7:49:cb:f5:49:d2:43:62:e8: 1e:66:01:85:e2:00:6c:5c:96:6e:13:94:a6:33:52: f1:b6:67:c9:8f:00:9c:3e:24:e0:0a:75:bc:14:ea: da:c6:4a:b4:af:df:d7:98:0a:31:e0:21:d3:14:33: f1:88:c4:6d:c5:66:c4:9c:0c:22:39:41:4a:5e:80: 23:db:b0:9c:e8:31:43:24:19:69:f3:f2:ee:62:d4: ec:e1:9d:44:9a:0c:63:72:48:bd:e2:b0:70:6d:b9: 50:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:40:CE:B7:CE:E9:6B:DC:99:6A:57:BE:F2:53:78:88:A4:B2:6E:BF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dbe44f29-2c7d-46ec-898d-c756e1c81196.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.52.0/23 Signature Algorithm: sha256WithRSAEncryption 64:9e:c0:8e:ed:d2:9d:1c:35:82:8c:18:e0:b8:e9:a9:c0:9a: 73:07:6c:d2:39:dd:57:d8:89:aa:b5:5a:b9:cc:3f:89:e4:37: 79:21:12:05:77:35:1b:0f:54:37:14:eb:84:0f:73:ab:03:c7: 7b:2c:26:0b:6d:11:15:a0:b5:be:00:48:80:8f:b2:59:38:16: 23:99:0e:72:0a:23:8d:ba:f8:dd:48:aa:c6:7a:99:38:77:6e: 0b:10:ea:76:67:84:20:39:27:00:a8:87:fe:a9:9b:f4:fb:ec: b3:0d:7e:56:0b:15:81:1f:8b:07:e0:34:b5:76:ea:1f:6f:d0: b1:44:db:7b:22:ae:bc:d4:1f:7d:60:3f:29:4d:7f:09:02:be: 80:07:97:27:63:77:9c:e3:7b:75:b2:53:5b:31:62:67:bb:cd: 6e:92:22:0b:5e:19:63:1a:dc:e8:ec:4e:fb:f7:e6:8d:90:bc: 36:a7:b9:6f:ad:67:d1:71:f7:8d:aa:de:dd:37:0e:bc:41:51: 5a:00:6b:fe:3b:f9:a0:ed:01:c7:6b:fe:11:4c:27:75:2d:29: cf:30:dd:7a:15:7a:b3:12:e2:38:70:5a:41:27:d5:5e:45:49: 49:c4:19:25:c0:e7:b1:f2:fc:05:0a:96:bc:9f:40:4d:f8:0e: 48:cb:4a:f2 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXVgtABFZU1rJMKWzbjATIqBVsjUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyOTAwMDA1NloX DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAZjNhODZlZWJjMmJhYTRiYWMwYmU1 ZWQxMTNkYWVmN2M5NDM0NmZkNGFkNDQ0YjQwZTMxNjE4OTZiOTliZTA5ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kb5bfT9yrEUiTbZ83foq9H1qpR4 mjmwhPP7ZeQessN/fqllOEEezC99n+r0ibDA6+zypVSRMpLyM0ecYp4w3ozH/w2S LutZKNEuJn8D/AobGaXgScm/PpwbyzmkAmQ1xTVU3o2gjgKxqZ0DKepT4akOKkfG F5FPTGadK6PAdY6qRtTqLJAhuhxIAwZL/mMTZSRx1zPzar5v70nXScv1SdJDYuge ZgGF4gBsXJZuE5SmM1LxtmfJjwCcPiTgCnW8FOraxkq0r9/XmAox4CHTFDPxiMRt xWbEnAwiOUFKXoAj27Cc6DFDJBlp8/LuYtTs4Z1Emgxjcki94rBwbblQPwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFApAzrfO6WvcmWpXvvJTeIiksm6/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RiZTQ0ZjI5LTJjN2QtNDZlYy04OThkLWM3NTZlMWM4MTE5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9g0MA0GCSqGSIb3DQEBCwUAA4IBAQBknsCO7dKdHDWCjBjguOmp wJpzB2zSOd1X2ImqtVq5zD+J5Dd5IRIFdzUbD1Q3FOuED3OrA8d7LCYLbREVoLW+ AEiAj7JZOBYjmQ5yCiONuvjdSKrGepk4d24LEOp2Z4QgOScAqIf+qZv0++yzDX5W CxWBH4sH4DS1duofb9CxRNt7Iq681B99YD8pTX8JAr6AB5cnY3ec43t1slNbMWJn u81ukiILXhljGtzo7E779+aNkLw2p7lvrWfRcfeNqt7dNw68QVFaAGv+O/mg7QHH a/4RTCd1LSnPMN16FXqzEuI4cFpBJ9VeRUlJxBklwOex8vwFCpa8n0BN+A5Iy0ry -----END CERTIFICATE-----Generated at Thu Apr 17 17:45:57 2025 by rpki-client