$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa File: 25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa (raw, json) Hash identifier: y3DUntKbHJ7Q1vzNE0PykWCu998OcuQoV/Nt6IAJAuE= Subject key identifier: DC:CD:CA:E5:5F:14:FB:58:C7:53:E3:67:97:52:88:60:5E:15:04:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 01CA059CF06C28977EC8B0E98A02C9E60C9328C4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa Signing time: Tue 03 Jun 2025 00:00:15 +0000 ROA not before: Tue 03 Jun 2025 00:00:15 +0000 ROA not after: Tue 08 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.212.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:ca:05:9c:f0:6c:28:97:7e:c8:b0:e9:8a:02:c9:e6:0c:93:28:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 3 00:00:15 2025 GMT Not After : Jul 8 23:59:59 2025 GMT Subject: serialNumber=03a0e8fe34b1788b903d49ae8bf48dff05c450c68d97c5b7a262e71978bb305e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:cd:5c:9b:4a:31:42:94:36:12:7d:c6:d2:f2: d2:e5:1f:40:f4:f4:31:a3:ab:82:ce:e5:fe:3d:62: 5e:c0:6f:26:f3:c3:ec:a9:6c:de:3f:f2:f5:44:65: 9d:d3:83:5c:ac:da:63:9f:fd:b0:2c:26:09:e4:aa: 16:5f:1c:4c:d7:4c:4a:98:dd:0a:33:f3:ee:8d:08: 26:4d:97:5e:9c:bf:3e:29:73:80:f7:3b:58:c8:b7: cc:dc:21:5c:4f:3b:24:4a:1e:a0:34:67:21:98:e9: e8:01:dd:36:b7:de:09:1e:cb:03:6d:f7:7b:97:f7: b9:54:47:57:30:18:6d:1c:10:43:90:28:f4:b2:fd: 6b:83:9d:e1:6b:d8:52:f1:93:cb:3b:34:81:97:cb: a6:4d:40:e9:89:4a:e2:4d:1c:d6:eb:51:7e:6f:fd: c8:d4:90:b2:1b:95:a6:87:cc:bf:fb:13:1e:50:6c: 2a:30:0a:d3:88:50:2c:a8:45:92:b0:51:d6:30:36: 65:7e:47:19:9d:80:93:d3:e8:ea:89:62:1b:e1:0b: a7:8c:0b:86:59:f9:64:17:80:0c:e8:24:e8:72:2b: 0b:9d:ec:32:87:d1:46:4b:4d:5f:d0:c6:c0:1b:4a: 47:e8:28:05:75:11:54:b6:dd:f6:ed:cb:7f:c1:fb: 3b:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:CD:CA:E5:5F:14:FB:58:C7:53:E3:67:97:52:88:60:5E:15:04:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.212.70.0/24 Signature Algorithm: sha256WithRSAEncryption 68:98:2f:9a:83:9e:d0:42:f5:d4:c5:1f:d8:98:fc:3d:28:6e: 19:a4:22:b9:9b:a1:3c:08:95:5e:e5:2c:0e:87:19:c7:2e:98: d0:c1:30:b3:2c:46:1f:81:53:dd:87:e8:95:6a:2a:93:23:d3: 22:59:4f:e4:54:f1:39:b4:c9:df:15:e0:4d:02:bf:b4:63:66: 0b:c4:6d:7b:56:f9:8c:f8:a8:a2:6c:4a:0c:bc:f9:47:87:a4: ba:72:6c:04:26:0b:d4:a0:4b:0b:98:66:2f:e5:2c:37:bc:a2: 3f:aa:f9:55:01:d2:f2:e8:25:03:60:73:03:c0:0c:51:20:8a: 66:a3:74:85:f7:d8:84:d2:23:15:51:0d:44:c0:65:92:a3:63: 25:c1:6d:f7:80:5c:a5:60:79:22:24:c8:33:5d:94:7a:70:5a: 28:1d:37:9c:4e:6c:83:72:d8:d1:8e:c4:3f:e9:b8:cd:c1:59: ec:26:2d:66:7f:36:17:8a:de:c8:bb:42:b5:ac:bd:f6:9d:a2: 69:78:14:ac:1b:dd:76:c4:03:40:d4:b4:f8:f2:7a:b8:eb:86: 00:41:d5:b9:a3:e6:0c:7c:26:06:f3:7a:8a:8d:df:8a:75:42: bd:8c:1b:59:8c:ba:06:81:62:6f:5c:a2:35:2c:69:87:65:83: 67:2e:03:51 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUAcoFnPBsKJd+yLDpigLJ5gyTKMQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwMzAwMDAxNVoX DTI1MDcwODIzNTk1OVowejFJMEcGA1UEBRNAMDNhMGU4ZmUzNGIxNzg4YjkwM2Q0 OWFlOGJmNDhkZmYwNWM0NTBjNjhkOTdjNWI3YTI2MmU3MTk3OGJiMzA1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM1cm0oxQpQ2En3G0vLS5R9A9PQx o6uCzuX+PWJewG8m88PsqWzeP/L1RGWd04NcrNpjn/2wLCYJ5KoWXxxM10xKmN0K M/PujQgmTZdenL8+KXOA9ztYyLfM3CFcTzskSh6gNGchmOnoAd02t94JHssDbfd7 l/e5VEdXMBhtHBBDkCj0sv1rg53ha9hS8ZPLOzSBl8umTUDpiUriTRzW61F+b/3I 1JCyG5Wmh8y/+xMeUGwqMArTiFAsqEWSsFHWMDZlfkcZnYCT0+jqiWIb4QunjAuG WflkF4AM6CTocisLnewyh9FGS01f0MbAG0pH6CgFdRFUtt327ct/wfs7IQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNzNyuVfFPtYx1PjZ5dSiGBeFQQRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI1ZTA0YzVkLTRhZTktNDQ3MC04MTM4LWRlYTFlOGIzMTYwZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9RGMA0GCSqGSIb3DQEBCwUAA4IBAQBomC+ag57QQvXUxR/YmPw9 KG4ZpCK5m6E8CJVe5SwOhxnHLpjQwTCzLEYfgVPdh+iVaiqTI9MiWU/kVPE5tMnf FeBNAr+0Y2YLxG17VvmM+KiibEoMvPlHh6S6cmwEJgvUoEsLmGYv5Sw3vKI/qvlV AdLy6CUDYHMDwAxRIIpmo3SF99iE0iMVUQ1EwGWSo2MlwW33gFylYHkiJMgzXZR6 cFooHTecTmyDctjRjsQ/6bjNwVnsJi1mfzYXit7Iu0K1rL32naJpeBSsG912xANA 1LT48nq464YAQdW5o+YMfCYG83qKjd+KdUK9jBtZjLoGgWJvXKI1LGmHZYNnLgNR -----END CERTIFICATE-----Generated at Tue Jun 3 23:31:33 2025 by rpki-client