$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa File: 245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa (raw, json) Hash identifier: BF9J+iGkXA7qGvOxTP9F3QsijJ0Dcygmz89uD4/QG5s= Subject key identifier: ED:C6:AB:77:E0:7B:26:DC:C3:D4:C7:7B:0C:3A:88:15:3C:1F:33:75 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 705456F0722108006FC1B87A821C4ECE0A93CB90 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa Signing time: Fri 16 May 2025 16:00:09 +0000 ROA not before: Fri 16 May 2025 16:00:09 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.249.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:54:56:f0:72:21:08:00:6f:c1:b8:7a:82:1c:4e:ce:0a:93:cb:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 16:00:09 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=0badb20fcddc386e34eda2a99b44a6cd75d0ac6a4002dd99108ec44d38369d2a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:7f:15:38:8a:af:64:5f:c1:8d:a7:9d:3b:24: 54:a4:6c:52:ef:6b:ab:f0:39:be:a8:c3:e3:c1:3f: 19:02:08:5d:07:4f:60:95:00:89:74:1f:e9:a2:4b: 81:06:d2:1b:76:00:9b:94:d9:5f:02:52:5d:de:21: 2a:00:a1:c9:2f:51:9b:c2:69:48:f0:64:ec:9e:b4: 56:5f:02:47:af:4b:52:88:58:f6:13:d9:46:40:3f: 97:67:4a:30:cc:f0:59:00:df:14:4a:0f:76:ed:7d: e5:40:27:54:01:29:fe:8d:b0:46:d7:91:8c:a5:74: 5d:c2:74:a8:f7:5e:f9:aa:50:d1:00:2d:ea:78:dc: 5f:5e:4d:82:86:46:37:80:cd:96:66:0f:86:73:e1: fe:bf:c1:68:30:5a:74:98:e5:b3:a6:da:39:cb:20: 78:17:05:0e:4e:79:44:32:94:a7:58:aa:24:e8:7d: bc:15:0a:f0:74:f4:49:1b:d4:58:02:5d:ab:d5:82: 7e:2c:00:56:41:73:1e:fd:27:69:4b:f6:4f:36:84: ef:1c:7b:ca:a7:14:4c:ca:6a:bb:36:7a:d9:a1:80: b4:8b:38:f6:57:55:ae:07:54:1f:47:ec:2e:d6:8f: 1f:2b:df:d0:0f:04:7c:41:5b:6f:95:6a:d4:d2:a7: 14:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:C6:AB:77:E0:7B:26:DC:C3:D4:C7:7B:0C:3A:88:15:3C:1F:33:75 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.44.0/22 Signature Algorithm: sha256WithRSAEncryption 53:68:c4:6a:ed:8c:bd:c9:77:40:0f:0f:df:13:d6:b4:6d:0f: 97:71:16:3b:50:b2:a3:ce:ad:a9:03:fc:29:80:53:ff:b2:16: 28:43:2d:17:2c:2c:fe:f2:0c:83:e1:32:45:dc:3d:7b:6f:7a: cf:82:bd:1c:78:88:4c:ef:e9:97:d4:84:d2:53:a7:37:b2:53: 2c:d3:78:37:50:a2:5d:a8:a1:27:16:97:c9:75:a0:24:c2:e9: d9:08:24:87:ea:25:7f:ae:e6:bb:c1:7e:d3:73:5d:d8:05:df: 87:f7:b9:f0:6d:30:19:11:2d:d1:b5:7a:57:26:26:4a:5f:2d: 67:ce:62:1a:ab:77:8b:ed:91:3f:1c:c3:e5:32:e9:a0:f3:b9: 68:aa:e1:20:05:b8:15:14:0a:50:20:84:fc:ae:04:fc:77:0c: 89:b6:6d:5d:de:4d:54:02:36:bf:c3:4f:8f:c1:b5:d6:a4:da: bb:b0:88:ff:bf:ba:ca:82:07:d9:ea:2a:57:e4:6d:cd:d8:ac: b9:ac:fc:81:f4:a9:ab:1f:53:ec:77:e7:ec:da:f2:4d:8e:74: dc:89:9f:e9:b8:4a:b7:82:a6:a8:24:56:23:5b:df:2f:4e:f9: 2b:e3:d2:73:f9:bc:52:13:6d:71:ad:20:22:f0:44:ad:00:a6: 65:4a:18:c9 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcFRW8HIhCABvwbh6ghxOzgqTy5AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE2MDAwOVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMGJhZGIyMGZjZGRjMzg2ZTM0ZWRh MmE5OWI0NGE2Y2Q3NWQwYWM2YTQwMDJkZDk5MTA4ZWM0NGQzODM2OWQyYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA038VOIqvZF/BjaedOyRUpGxS72ur 8Dm+qMPjwT8ZAghdB09glQCJdB/pokuBBtIbdgCblNlfAlJd3iEqAKHJL1GbwmlI 8GTsnrRWXwJHr0tSiFj2E9lGQD+XZ0owzPBZAN8USg927X3lQCdUASn+jbBG15GM pXRdwnSo9175qlDRAC3qeNxfXk2ChkY3gM2WZg+Gc+H+v8FoMFp0mOWzpto5yyB4 FwUOTnlEMpSnWKok6H28FQrwdPRJG9RYAl2r1YJ+LABWQXMe/SdpS/ZPNoTvHHvK pxRMymq7NnrZoYC0izj2V1WuB1QfR+wu1o8fK9/QDwR8QVtvlWrU0qcU/wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFO3Gq3fgeybcw9THeww6iBU8HzN1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0NWE2NWJiLTU5MWMtNDdiYy04YThjLTZjODZiMDkzZmQ4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/ksMA0GCSqGSIb3DQEBCwUAA4IBAQBTaMRq7Yy9yXdADw/fE9a0 bQ+XcRY7ULKjzq2pA/wpgFP/shYoQy0XLCz+8gyD4TJF3D17b3rPgr0ceIhM7+mX 1ITSU6c3slMs03g3UKJdqKEnFpfJdaAkwunZCCSH6iV/rua7wX7Tc13YBd+H97nw bTAZES3RtXpXJiZKXy1nzmIaq3eL7ZE/HMPlMumg87loquEgBbgVFApQIIT8rgT8 dwyJtm1d3k1UAja/w0+PwbXWpNq7sIj/v7rKggfZ6ipX5G3N2Ky5rPyB9KmrH1Ps d+fs2vJNjnTciZ/puEq3gqaoJFYjW98vTvkr49Jz+bxSE21xrSAi8EStAKZlShjJ -----END CERTIFICATE-----Generated at Mon Jun 2 06:15:49 2025 by rpki-client