$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa File: d953b731-7921-47dd-abf3-b7b8cc367900.roa (raw, json) Hash identifier: xPnsrm0Lqa2jGiTEvvm8Oyay4TeL2+fGo4FQ6pOhc9k= Subject key identifier: EB:93:F0:8A:69:90:53:3E:DF:0E:69:68:15:AA:DF:00:89:E9:22:B1 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 6CC13919827B5E6C227C2BFA2D0B7750804D96C8 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa Signing time: Sat 29 Mar 2025 00:00:01 +0000 ROA not before: Sat 29 Mar 2025 00:00:01 +0000 ROA not after: Sat 03 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:c1:39:19:82:7b:5e:6c:22:7c:2b:fa:2d:0b:77:50:80:4d:96:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001 Validity Not Before: Mar 29 00:00:01 2025 GMT Not After : May 3 23:59:59 2025 GMT Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d3:ba:1e:78:02:d0:4c:1b:de:44:ee:39:7d: fe:91:cf:d7:bd:d6:c1:dd:2b:c4:7c:3c:85:cc:b7: 63:58:b9:20:ca:3f:ec:de:2a:af:2a:2d:24:d0:85: 03:59:65:e3:c5:52:0b:6d:d0:ea:40:1b:10:49:c0: cf:b4:8c:93:ae:bc:b6:f4:98:2b:6d:6e:14:10:cd: d7:39:f4:8f:a4:11:e3:61:c9:71:7f:2d:f1:68:1f: 99:92:b3:e8:08:8d:64:cf:83:a9:46:e3:bb:ed:89: f6:18:75:18:71:b1:f4:b1:c7:60:80:e1:e2:f7:ba: 13:00:c5:5c:6e:7f:a5:76:3d:25:4f:ca:bb:1f:43: fb:7f:34:11:ce:2d:f3:16:e9:fb:9d:60:b8:a5:a2: 02:ba:00:5f:5f:b0:f3:2c:5f:e8:75:de:a9:c8:44: fe:1b:03:c3:f8:a1:94:c5:b5:44:00:18:34:60:30: ad:4d:d8:ea:bf:c1:70:44:b3:a1:52:00:78:0f:df: 01:83:3b:93:ea:ee:f8:1a:28:ad:70:a2:ff:d6:ca: ec:fc:ed:75:d8:b6:ce:4e:bc:72:9b:cb:6b:d6:cb: 98:37:ad:c5:0c:40:69:0c:be:d1:80:25:f6:ff:1e: 3f:3b:a6:4b:72:ea:db:d5:26:2b:e5:16:b0:87:98: cc:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:93:F0:8A:69:90:53:3E:DF:0E:69:68:15:AA:DF:00:89:E9:22:B1 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.192.0/18 Signature Algorithm: sha256WithRSAEncryption ef:e2:0c:59:30:11:00:fe:b4:c6:5c:6a:de:68:3c:4b:62:dd: 8a:8b:0e:66:70:1e:6e:b8:e1:2b:f0:05:69:d1:ee:91:21:47: 66:e8:78:f4:67:50:c5:f6:84:af:52:b5:18:e8:3a:81:f1:85: 2c:b0:da:df:bd:ef:a3:42:35:9b:b7:2d:0a:8b:a4:eb:8e:a7: 76:ba:75:04:52:3a:2b:80:3a:95:7e:0d:0e:40:c0:de:bd:72: d2:90:5b:b1:1b:e5:6d:98:77:ae:a3:b2:1a:e4:a5:78:bb:84: ad:02:2b:10:ce:f5:ca:c9:d2:90:f0:e5:ea:75:eb:22:63:50: cd:98:17:b2:b5:c0:a3:89:a5:23:f5:91:21:d6:1d:82:a8:9a: e7:bd:b0:1d:7b:a8:29:ec:d8:04:d4:2b:4f:ae:02:2b:f6:36: 1c:a9:a6:dc:20:b7:7b:0d:5d:bb:04:19:2e:3d:63:93:1f:47: 9b:92:df:29:7e:95:7c:ce:0c:4e:72:50:f7:9c:c2:10:bf:36: d7:26:c2:4e:74:1a:a2:97:02:9e:bf:bd:16:87:7b:2f:94:61: 9a:4c:d3:3e:ab:18:be:00:db:bd:0e:4d:55:d4:75:f8:aa:3e: 13:ee:2e:20:46:a3:48:32:77:82:81:25:54:dc:17:6a:cf:7e: 9f:6b:eb:fb -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUbME5GYJ7XmwifCv6LQt3UIBNlsgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMyOTAwMDAwMVoX DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAY2Q1NTIyMWQyZGU3NjZiM2RhYjYx NzZlNzY5NmYxNjFkMmMyMzkwNTY4NDYwYWUxZmJjNzQxZjI0MTUyYzFiMzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdO6HngC0Ewb3kTuOX3+kc/XvdbB 3SvEfDyFzLdjWLkgyj/s3iqvKi0k0IUDWWXjxVILbdDqQBsQScDPtIyTrry29Jgr bW4UEM3XOfSPpBHjYclxfy3xaB+ZkrPoCI1kz4OpRuO77Yn2GHUYcbH0scdggOHi 97oTAMVcbn+ldj0lT8q7H0P7fzQRzi3zFun7nWC4paICugBfX7DzLF/odd6pyET+ GwPD+KGUxbVEABg0YDCtTdjqv8FwRLOhUgB4D98BgzuT6u74GiitcKL/1srs/O11 2LbOTrxym8tr1suYN63FDEBpDL7RgCX2/x4/O6ZLcurb1SYr5Rawh5jMrwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOuT8IppkFM+3w5paBWq3wCJ6SKxMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2Q5NTNiNzMxLTc5MjEtNDdkZC1hYmYzLWI3YjhjYzM2NzkwMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQDv4gxZMBEA/rTGXGreaDxL Yt2Kiw5mcB5uuOEr8AVp0e6RIUdm6Hj0Z1DF9oSvUrUY6DqB8YUssNrfve+jQjWb ty0Ki6Trjqd2unUEUjorgDqVfg0OQMDevXLSkFuxG+VtmHeuo7Ia5KV4u4StAisQ zvXKydKQ8OXqdesiY1DNmBeytcCjiaUj9ZEh1h2CqJrnvbAde6gp7NgE1CtPrgIr 9jYcqabcILd7DV27BBkuPWOTH0ebkt8pfpV8zgxOclD3nMIQvzbXJsJOdBqilwKe v70Wh3svlGGaTNM+qxi+ANu9Dk1V1HX4qj4T7i4gRqNIMneCgSVU3Bdqz36fa+v7 -----END CERTIFICATE-----Generated at Sat Apr 5 11:12:44 2025 by rpki-client