$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/098c0cc3-be06-46b9-86e2-aeb99985dd07.roa File: 098c0cc3-be06-46b9-86e2-aeb99985dd07.roa (raw, json) Hash identifier: jqwgOh5kWS3z1bEK82fAndF7P90TC9bsHaTEp5XUyI4= Subject key identifier: 16:10:A8:B5:EE:EE:B7:07:5C:A9:AB:29:64:E2:E5:AB:6C:52:2F:8B Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 4EF5810C74F60E4AA0E1AD962268498A89651CB3 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/098c0cc3-be06-46b9-86e2-aeb99985dd07.roa Signing time: Tue 20 May 2025 00:00:41 +0000 ROA not before: Tue 20 May 2025 00:00:41 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:f5:81:0c:74:f6:0e:4a:a0:e1:ad:96:22:68:49:8a:89:65:1c:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 20 00:00:41 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=5e51da945577f4e5f6dbac87a3dee9288e9687d857d4ae884fb15452c1a5c869, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:c5:10:ee:03:93:2b:82:d5:8d:0c:e7:44:79: 8d:b7:4e:5b:3a:f5:0a:3f:a2:9f:e6:67:a2:38:60: 5d:1a:02:68:c8:37:c9:e0:1a:33:b9:72:ee:8c:c1: 0a:cd:6a:fd:d6:6b:f5:6c:74:bc:2e:2a:6c:67:64: bc:76:c3:5d:34:fd:df:61:a4:71:b5:e3:f3:4e:48: 2a:df:0f:bb:e2:44:03:4f:88:e3:e0:8d:7e:54:4f: 0e:94:fc:1f:46:05:7d:55:32:41:6b:06:c2:21:0e: 23:88:f6:2b:09:4d:51:5a:b5:b1:1d:93:d1:3e:00: f8:d7:4a:2a:99:7f:2d:16:f3:27:f4:26:91:98:32: 53:db:27:ec:1d:18:c4:90:e3:9f:9a:5c:04:af:3b: cd:25:2e:e3:4b:22:18:6f:2d:39:c5:12:9a:ee:f6: bf:6c:01:10:fe:a1:05:10:08:65:46:e9:6f:2e:fa: b5:ec:08:9c:bb:c6:20:90:d3:34:46:21:05:63:18: 29:6c:5f:5d:0b:93:df:05:5b:39:27:c6:16:38:ae: bc:df:8a:81:a6:40:60:32:4a:d8:23:12:4f:35:0b: 07:f9:8c:92:34:d4:25:bc:db:48:9a:c5:de:e1:bb: 48:c9:e8:25:7e:bc:f3:fa:d6:61:7f:c4:6d:28:d0: d5:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:10:A8:B5:EE:EE:B7:07:5C:A9:AB:29:64:E2:E5:AB:6C:52:2F:8B X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/098c0cc3-be06-46b9-86e2-aeb99985dd07.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.192.0/18 Signature Algorithm: sha256WithRSAEncryption 64:5f:eb:14:fe:b6:7f:8e:ce:a5:4d:c1:49:47:e5:1e:dc:ea: 4a:82:4c:1c:74:02:0a:ed:38:c3:3b:e4:98:bc:b1:ff:b3:17: ba:77:aa:22:fb:ca:a3:94:b1:df:f1:92:81:af:79:b8:8a:50: f5:2a:6d:bd:9c:a6:6c:0d:6f:a7:90:47:2b:14:c0:b1:55:dc: 21:ec:e7:8b:8f:38:2b:5e:ff:fe:ff:f5:6c:44:99:e3:c9:2b: 75:3c:8b:3a:e2:93:0a:31:6c:b1:56:6e:d7:d7:5f:22:55:41: 7b:22:0d:02:43:d1:98:59:06:b6:46:72:d5:28:2f:36:2d:58: d5:7f:2d:51:f9:46:ca:e6:50:90:51:71:06:98:ae:4c:5d:e6: 18:6a:94:9d:85:fb:b3:d9:2f:49:db:dc:cc:83:50:3f:3b:54: 14:ac:b1:fd:39:34:bb:c8:b3:46:93:4f:b0:c0:82:41:cf:64: 64:77:e5:9a:e7:6f:62:0f:e8:be:22:e1:69:76:bb:e7:af:2b: a8:60:8c:3f:5e:3f:53:c3:20:55:81:cb:81:ae:20:75:d0:8a: 43:e4:7c:8b:e4:f3:c7:cc:7c:9f:f2:9f:11:33:1b:bb:8f:5f: 5b:54:4b:82:62:a5:6c:d1:13:a8:25:5b:ca:e9:7f:05:ce:d1: 9c:da:ba:5f -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTvWBDHT2Dkqg4a2WImhJiollHLMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDUyMDAwMDA0MVoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNANWU1MWRhOTQ1NTc3ZjRlNWY2ZGJh Yzg3YTNkZWU5Mjg4ZTk2ODdkODU3ZDRhZTg4NGZiMTU0NTJjMWE1Yzg2OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMUQ7gOTK4LVjQznRHmNt05bOvUK P6Kf5meiOGBdGgJoyDfJ4BozuXLujMEKzWr91mv1bHS8LipsZ2S8dsNdNP3fYaRx tePzTkgq3w+74kQDT4jj4I1+VE8OlPwfRgV9VTJBawbCIQ4jiPYrCU1RWrWxHZPR PgD410oqmX8tFvMn9CaRmDJT2yfsHRjEkOOfmlwErzvNJS7jSyIYby05xRKa7va/ bAEQ/qEFEAhlRulvLvq17Aicu8YgkNM0RiEFYxgpbF9dC5PfBVs5J8YWOK6834qB pkBgMkrYIxJPNQsH+YySNNQlvNtImsXe4btIyeglfrzz+tZhf8RtKNDVNwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBYQqLXu7rcHXKmrKWTi5atsUi+LMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA5OGMwY2MzLWJlMDYtNDZiOS04NmUyLWFlYjk5OTg1ZGQwNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGn/jAMA0GCSqGSIb3DQEBCwUAA4IBAQBkX+sU/rZ/js6lTcFJR+Ue 3OpKgkwcdAIK7TjDO+SYvLH/sxe6d6oi+8qjlLHf8ZKBr3m4ilD1Km29nKZsDW+n kEcrFMCxVdwh7OeLjzgrXv/+//VsRJnjySt1PIs64pMKMWyxVm7X118iVUF7Ig0C Q9GYWQa2RnLVKC82LVjVfy1R+UbK5lCQUXEGmK5MXeYYapSdhfuz2S9J29zMg1A/ O1QUrLH9OTS7yLNGk0+wwIJBz2Rkd+Wa529iD+i+IuFpdrvnryuoYIw/Xj9TwyBV gcuBriB10IpD5HyL5PPHzHyf8p8RMxu7j19bVEuCYqVs0ROoJVvK6X8FztGc2rpf -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:15 2025 by rpki-client