$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa File: 0bce91dc-229b-42a7-9c92-722aa69f577e.roa (raw, json) Hash identifier: qCbETJk0yP1VwI8kNGdFus/625iKC0/ke4q4FuEvYOw= Subject key identifier: 5F:0E:81:51:9D:79:09:07:4D:7E:82:DA:31:EA:95:97:28:32:8B:78 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4488B078D25E7A295A371D1BF9259F58B75B9231 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa Signing time: Fri 16 May 2025 16:00:50 +0000 ROA not before: Fri 16 May 2025 16:00:50 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 00:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:88:b0:78:d2:5e:7a:29:5a:37:1d:1b:f9:25:9f:58:b7:5b:92:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 16:00:50 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=52c51c5736629872e09b077732fd49398fb6448e3424a1068d969ac32b83f007, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:77:0e:56:88:38:cd:41:51:21:c4:e5:c9:ab: 00:41:f9:67:ee:f1:5c:5c:ed:62:ef:51:bc:24:dd: 4d:e4:e8:34:c4:79:51:34:ff:bc:2d:6e:7c:53:a6: 69:e3:17:ef:ac:dd:e9:d2:f3:91:88:0a:02:94:54: 67:43:fc:21:83:46:ae:a5:51:f7:a9:f2:58:30:9f: 2a:4c:51:5b:a4:59:35:5b:ec:a6:4e:68:8a:cd:74: 6d:3a:40:6c:e7:63:0a:75:3f:b7:4c:90:de:ae:57: ff:10:04:e3:f4:4e:21:87:11:7e:84:d4:66:6f:94: 05:10:b4:72:ab:d7:64:34:6b:96:20:0f:76:ac:d0: ec:bf:52:fc:5d:8c:cd:15:0b:02:cc:ad:06:95:5b: 17:6f:d9:05:20:6d:ba:e2:91:61:16:2b:a1:20:8b: 6d:1b:1f:e0:4d:3b:5d:b5:5f:31:78:e7:02:c7:42: 48:cf:d7:c6:b4:62:29:e5:e9:a6:98:10:ea:41:3b: 7c:be:d2:7f:a6:62:30:95:70:94:ba:6b:49:ff:a1: 0e:fa:84:05:15:65:40:5d:18:50:a4:ee:ba:f7:bb: a4:24:10:c5:16:22:cf:59:87:6e:c5:25:64:07:d0: 79:b0:20:41:5f:18:90:45:f7:fa:9d:8c:6b:36:c0: b9:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:0E:81:51:9D:79:09:07:4D:7E:82:DA:31:EA:95:97:28:32:8B:78 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 7c:ac:b4:85:12:96:05:36:bc:73:09:c5:dc:bc:f5:c3:d7:ba: 3b:2d:b5:33:50:9d:b1:5e:b8:ed:4a:1f:f0:aa:48:59:3a:98: 2e:6c:c1:ab:f5:e1:94:98:3c:db:66:ad:34:70:40:c1:2d:45: 37:47:f1:f6:87:71:38:c8:dd:81:3e:df:98:aa:9e:f2:a0:50: c3:4a:89:aa:c0:80:ff:54:a5:4a:4f:bd:3a:78:0c:5c:e3:88: 1f:26:ed:09:c1:eb:57:6a:ba:42:28:e5:db:3b:e2:2b:98:e8: 21:97:e9:95:3f:ac:5f:eb:5c:7e:9b:56:57:86:23:39:d6:57: fc:23:ee:bb:b7:5a:98:b4:c1:47:18:49:48:6b:e6:50:ae:de: b7:6c:b9:63:1c:7e:a8:ae:f7:2c:66:d1:fb:52:79:f8:70:fa: 03:2c:6a:82:b6:12:d7:48:26:b5:e5:f6:52:de:b6:1d:15:96: 18:62:a2:74:68:23:12:e8:ad:f1:28:b6:3c:ef:8d:f5:f7:34: 3d:94:b3:a4:ad:89:91:ed:d9:3e:85:74:06:33:c4:e7:a4:f7: 23:14:4f:14:62:32:a8:80:e4:1f:c0:e2:ff:09:a0:d2:d4:71: 87:18:a5:a6:ba:20:8d:62:90:88:61:aa:80:17:47:a3:ca:96: b8:b2:28:2c -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIURIiweNJeeilaNx0b+SWfWLdbkjEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE2MDA1MFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANTJjNTFjNTczNjYyOTg3MmUwOWIw Nzc3MzJmZDQ5Mzk4ZmI2NDQ4ZTM0MjRhMTA2OGQ5NjlhYzMyYjgzZjAwNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3cOVog4zUFRIcTlyasAQfln7vFc XO1i71G8JN1N5Og0xHlRNP+8LW58U6Zp4xfvrN3p0vORiAoClFRnQ/whg0aupVH3 qfJYMJ8qTFFbpFk1W+ymTmiKzXRtOkBs52MKdT+3TJDerlf/EATj9E4hhxF+hNRm b5QFELRyq9dkNGuWIA92rNDsv1L8XYzNFQsCzK0GlVsXb9kFIG264pFhFiuhIItt Gx/gTTtdtV8xeOcCx0JIz9fGtGIp5emmmBDqQTt8vtJ/pmIwlXCUumtJ/6EO+oQF FWVAXRhQpO6697ukJBDFFiLPWYduxSVkB9B5sCBBXxiQRff6nYxrNsC5SQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFF8OgVGdeQkHTX6C2jHqlZcoMot4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBiY2U5MWRjLTIyOWItNDJhNy05YzkyLTcyMmFhNjlmNTc3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAHystIUSlgU2vHMJxdy89cPX ujsttTNQnbFeuO1KH/CqSFk6mC5swav14ZSYPNtmrTRwQMEtRTdH8faHcTjI3YE+ 35iqnvKgUMNKiarAgP9UpUpPvTp4DFzjiB8m7QnB61dqukIo5ds74iuY6CGX6ZU/ rF/rXH6bVleGIznWV/wj7ru3Wpi0wUcYSUhr5lCu3rdsuWMcfqiu9yxm0ftSefhw +gMsaoK2EtdIJrXl9lLeth0VlhhionRoIxLorfEotjzvjfX3ND2Us6StiZHt2T6F dAYzxOek9yMUTxRiMqiA5B/A4v8JoNLUcYcYpaa6II1ikIhhqoAXR6PKlriyKCw= -----END CERTIFICATE-----Generated at Thu Jun 5 18:20:20 2025 by rpki-client