$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa File: 9b59fbe4-f242-4dbf-9964-15048c3da996.roa (raw, json) Hash identifier: nWg+LBylrV8IN5SsgajUSoM2vuAYTTyizMzVkBxnL6M= Subject key identifier: FB:AC:02:E2:32:51:90:AF:80:BB:3E:4B:0D:F9:7B:21:F2:1F:A4:47 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 4CEC8717650B223EEA7274BF909012039F6339A6 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa Signing time: Sat 29 Mar 2025 00:00:01 +0000 ROA not before: Sat 29 Mar 2025 00:00:01 +0000 ROA not after: Sat 03 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.4.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 00:00:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:ec:87:17:65:0b:22:3e:ea:72:74:bf:90:90:12:03:9f:63:39:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000 Validity Not Before: Mar 29 00:00:01 2025 GMT Not After : May 3 23:59:59 2025 GMT Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:83:bc:4e:a2:61:6f:18:84:b7:d8:c1:f9:a3: f1:34:94:3a:aa:a9:54:36:d9:dc:2a:92:c8:79:c8: e0:2b:ab:71:a7:82:ee:a1:9c:fe:18:f8:21:fd:6d: a0:a5:09:28:a4:b0:bf:1a:66:64:13:6f:1d:eb:da: a5:93:11:0f:43:73:8b:a9:76:19:d8:8d:bb:3f:3c: db:17:89:0d:eb:85:a5:5f:7b:f1:33:7e:d1:e1:28: 06:17:46:e0:0a:f8:3b:7a:e3:1c:f8:3f:96:c6:5b: a8:94:ce:26:e0:98:d3:a5:38:cd:0a:67:b7:3b:72: 28:dd:ec:4a:56:92:08:76:c9:e7:15:2a:d8:87:0a: 1e:2a:76:b4:b2:36:48:80:3b:a4:b6:10:1f:a9:d2: bf:3e:f1:ba:19:83:15:c8:da:a3:d2:14:0d:cf:5c: a0:a5:30:78:fa:50:92:9e:41:f0:91:37:33:d7:45: be:28:f3:b5:72:f9:cd:96:ab:10:63:0f:86:df:b4: ba:b4:2e:ae:1f:36:e5:7f:ff:c1:8a:46:32:57:f9: 58:6c:d3:6b:41:0c:a0:69:87:44:31:f8:66:9e:72: d5:5b:53:69:3f:18:59:aa:b6:15:df:be:c6:b7:7e: 70:43:b9:fc:37:4d:87:2d:09:9a:92:49:78:8f:d4: 00:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:AC:02:E2:32:51:90:AF:80:BB:3E:4B:0D:F9:7B:21:F2:1F:A4:47 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.4.8.0/21 Signature Algorithm: sha256WithRSAEncryption 49:30:1e:c8:70:49:ec:6e:07:9a:d7:27:16:76:cd:d4:15:22: 51:40:e6:8a:fa:32:55:b2:5b:69:12:86:38:40:14:34:99:d9: 95:19:75:8f:64:50:36:b8:8e:65:85:a4:3c:92:9b:da:41:18: 3f:b6:bf:fb:b1:05:71:7a:f2:e1:44:79:ea:33:6f:6a:bc:9b: fe:c3:61:64:35:b1:27:81:33:3f:de:b6:d7:89:91:8c:c6:89: 90:76:cc:97:e3:8f:cc:7b:17:c9:3a:43:bc:5a:24:37:4f:59: 34:b0:28:3b:41:ae:cc:c4:fc:7b:56:4b:56:05:0b:c7:91:b9: 63:a6:27:92:f0:6f:ec:87:b8:32:a4:80:ef:91:17:67:95:70: ca:d0:62:76:0f:9f:1c:1f:a6:10:72:6a:62:96:aa:c2:a4:52: 04:55:a9:52:e8:dc:2f:d9:f2:08:53:13:50:e2:0d:7a:58:46: af:8d:a1:37:20:d5:81:16:b3:19:b0:ca:84:bb:b2:79:db:bc: 01:6a:89:67:a9:c2:2b:67:24:57:f0:d6:ea:54:70:81:7c:5f: 87:1e:42:cd:80:d8:45:73:4a:e0:88:c9:9e:b3:cb:82:64:63: 4b:c8:d3:e1:10:dd:58:db:47:7d:e3:52:f8:26:67:b9:ed:fc: 4d:ec:d4:7d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTOyHF2ULIj7qcnS/kJASA59jOaYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMyOTAwMDAwMVoX DTI1MDUwMzIzNTk1OVowejFJMEcGA1UEBRNAZmY3NGM5MWY2YWU1YjNiZjRhMWJk MzU2MmVlNDFlMDI4NWVhNmI5MjQ5OTJhODAyZDg1OTcxZDM3NmEwODkyYTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4O8TqJhbxiEt9jB+aPxNJQ6qqlU NtncKpLIecjgK6txp4LuoZz+GPgh/W2gpQkopLC/GmZkE28d69qlkxEPQ3OLqXYZ 2I27PzzbF4kN64WlX3vxM37R4SgGF0bgCvg7euMc+D+WxluolM4m4JjTpTjNCme3 O3Io3exKVpIIdsnnFSrYhwoeKna0sjZIgDukthAfqdK/PvG6GYMVyNqj0hQNz1yg pTB4+lCSnkHwkTcz10W+KPO1cvnNlqsQYw+G37S6tC6uHzblf//BikYyV/lYbNNr QQygaYdEMfhmnnLVW1NpPxhZqrYV377Gt35wQ7n8N02HLQmakkl4j9QABQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPusAuIyUZCvgLs+Sw35eyHyH6RHMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliNTlmYmU0LWYyNDItNGRiZi05OTY0LTE1MDQ4YzNkYTk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQBJMB7IcEnsbgea1ycWds3U FSJRQOaK+jJVsltpEoY4QBQ0mdmVGXWPZFA2uI5lhaQ8kpvaQRg/tr/7sQVxevLh RHnqM29qvJv+w2FkNbEngTM/3rbXiZGMxomQdsyX44/MexfJOkO8WiQ3T1k0sCg7 Qa7MxPx7VktWBQvHkbljpieS8G/sh7gypIDvkRdnlXDK0GJ2D58cH6YQcmpilqrC pFIEValS6Nwv2fIIUxNQ4g16WEavjaE3INWBFrMZsMqEu7J527wBaolnqcIrZyRX 8NbqVHCBfF+HHkLNgNhFc0rgiMmes8uCZGNLyNPhEN1Y20d941L4Jme57fxN7NR9 -----END CERTIFICATE-----Generated at Sat Apr 5 11:00:29 2025 by rpki-client