$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa File: 084fc721-60a4-414f-b72d-dc01788e0fc2.roa (raw, json) Hash identifier: L6HcGAGxvJJU99EZJ0YKmD8YxBtqVnh7DASkSMPclkI= Subject key identifier: CC:34:6E:43:EC:FF:71:D2:4A:BB:C6:55:6A:FF:DB:0F:29:5A:90:62 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 47C635E59B4B6CAE76DE957AC5C8D3995EE8B5B1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa Signing time: Mon 19 May 2025 15:00:59 +0000 ROA not before: Mon 19 May 2025 15:00:59 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:c6:35:e5:9b:4b:6c:ae:76:de:95:7a:c5:c8:d3:99:5e:e8:b5:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 19 15:00:59 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=059d7e72f263a8b09e4c8515add5d5e4eb9c289b1532f4c6ee0d74d8d7469910, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:3d:1b:d0:a5:3e:e4:39:11:69:63:ee:ce:c5: 2b:1a:68:5b:ed:9f:8f:b3:2e:26:16:77:06:7b:85: 4d:02:e3:9f:10:ab:11:05:29:c8:9d:1c:ca:75:88: 88:88:5e:5b:ec:d8:72:9f:03:87:71:65:60:56:84: 32:9b:81:ae:80:53:6b:db:2d:84:08:b7:e2:37:29: 86:b2:0a:c8:b6:66:15:18:e2:5d:ff:63:24:9b:6b: 44:0e:72:43:6c:a2:19:bd:a4:52:e3:a1:6d:78:16: ce:8e:28:73:23:8f:ad:97:7c:e2:e0:7f:1d:a8:cf: cc:69:90:9d:50:de:72:69:55:fd:29:5b:d4:d2:a3: 45:ab:eb:60:66:90:f2:2d:24:d4:31:bc:63:b1:af: 1c:86:bb:d9:98:70:a2:94:97:e5:1f:b4:2c:a1:f9: 78:a6:1a:49:91:b7:2c:67:6a:e4:a3:06:ca:de:d9: ab:ef:82:03:04:b0:01:37:33:db:f9:09:6f:0a:74: 0e:fe:9d:9c:b6:14:bf:9d:6f:74:c1:1f:a2:83:08: d7:53:43:b7:65:27:d0:7e:9b:8d:93:bf:08:d1:2f: 54:a6:a1:81:f7:b4:17:48:71:1b:10:21:27:7d:b6: c0:52:78:ff:0a:c3:56:65:06:a6:cc:6b:fc:a6:f1: 5c:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:34:6E:43:EC:FF:71:D2:4A:BB:C6:55:6A:FF:DB:0F:29:5A:90:62 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.61.0/24 Signature Algorithm: sha256WithRSAEncryption 31:06:1f:c1:07:e4:d5:e3:f7:70:d4:d3:36:4c:ea:73:9e:0f: eb:0e:1f:7b:77:9d:63:8b:6f:9a:ec:37:60:57:06:9b:5e:67: f4:ec:3c:64:96:3a:d0:da:8b:d7:34:23:30:17:13:72:52:ca: 4e:3e:cf:75:5a:72:73:a3:39:58:1d:d7:0e:eb:f7:9a:fd:bf: 47:df:6f:51:63:6e:ed:77:a4:3c:d0:52:97:d7:cc:d0:43:9d: 94:15:a0:35:66:c3:c9:61:ac:27:56:1b:e0:86:c0:24:5b:f6: da:cb:8c:d8:ce:2a:51:a3:d9:60:da:36:9b:c0:7f:ff:38:1b: c9:88:f6:68:2e:e9:cb:bb:41:2f:52:ac:c6:a4:26:17:4a:c8: 7b:7c:ab:03:02:e5:1b:7c:f2:85:5c:52:45:eb:a5:96:12:f3: 6e:2b:18:54:18:b0:8b:90:ac:9b:33:4d:d5:51:6c:85:73:68: 23:bd:a4:c6:52:7c:10:6c:c0:6a:67:01:b8:65:26:0d:a7:aa: df:af:3a:17:c3:09:55:aa:10:87:05:ef:a3:c4:c2:bc:28:a4: 92:3f:9d:b2:eb:33:45:85:f3:44:31:d3:dc:da:b4:24:7e:c1: 1c:8b:5c:26:43:e3:75:a3:cf:c6:8a:9b:48:be:b2:a6:20:df: 08:b8:5d:cb -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUR8Y15ZtLbK523pV6xcjTmV7otbEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxOTE1MDA1OVoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAMDU5ZDdlNzJmMjYzYThiMDllNGM4 NTE1YWRkNWQ1ZTRlYjljMjg5YjE1MzJmNGM2ZWUwZDc0ZDhkNzQ2OTkxMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT0b0KU+5DkRaWPuzsUrGmhb7Z+P sy4mFncGe4VNAuOfEKsRBSnInRzKdYiIiF5b7NhynwOHcWVgVoQym4GugFNr2y2E CLfiNymGsgrItmYVGOJd/2Mkm2tEDnJDbKIZvaRS46FteBbOjihzI4+tl3zi4H8d qM/MaZCdUN5yaVX9KVvU0qNFq+tgZpDyLSTUMbxjsa8chrvZmHCilJflH7Qsofl4 phpJkbcsZ2rkowbK3tmr74IDBLABNzPb+QlvCnQO/p2cthS/nW90wR+igwjXU0O3 ZSfQfpuNk78I0S9UpqGB97QXSHEbECEnfbbAUnj/CsNWZQamzGv8pvFcdwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMw0bkPs/3HSSrvGVWr/2w8pWpBiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4NGZjNzIxLTYwYTQtNDE0Zi1iNzJkLWRjMDE3ODhlMGZjMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g9MA0GCSqGSIb3DQEBCwUAA4IBAQAxBh/BB+TV4/dw1NM2TOpz ng/rDh97d51ji2+a7DdgVwabXmf07DxkljrQ2ovXNCMwFxNyUspOPs91WnJzozlY HdcO6/ea/b9H329RY27td6Q80FKX18zQQ52UFaA1ZsPJYawnVhvghsAkW/bay4zY zipRo9lg2jabwH//OBvJiPZoLunLu0EvUqzGpCYXSsh7fKsDAuUbfPKFXFJF66WW EvNuKxhUGLCLkKybM03VUWyFc2gjvaTGUnwQbMBqZwG4ZSYNp6rfrzoXwwlVqhCH Be+jxMK8KKSSP52y6zNFhfNEMdPc2rQkfsEci1wmQ+N1o8/GiptIvrKmIN8IuF3L -----END CERTIFICATE-----Generated at Tue Jun 3 23:36:03 2025 by rpki-client