$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa File: 2e40ee0b-9aa9-4919-a079-9712212e127c.roa (raw, json) Hash identifier: 5YijxIX9ngseBpWgEXEtOJrJ/ZAQOXITkJJZXaF7RnQ= Subject key identifier: D7:A7:DC:DD:86:FC:56:50:50:68:D1:C8:FD:41:69:E3:A9:25:AD:42 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 04EDB8FD30292EECDFC1A39CAEAA6D15A9EBA774 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa Signing time: Tue 20 May 2025 00:00:42 +0000 ROA not before: Tue 20 May 2025 00:00:42 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:ed:b8:fd:30:29:2e:ec:df:c1:a3:9c:ae:aa:6d:15:a9:eb:a7:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 20 00:00:42 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=bd7b3b5a4fc5b0db66077e5d09792c544c2f42a6daa2fd5f27104fe5a8d8c7d4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c8:61:92:4e:1a:53:72:c7:a1:c6:1b:f8:4f: f6:9d:1b:b4:68:ef:aa:16:27:ec:af:fb:53:33:cb: e2:0d:74:c6:30:60:af:21:79:45:68:bf:af:1a:98: 26:b8:55:d3:91:00:08:e0:86:cc:01:5d:28:7c:f6: 14:fc:2e:1a:a0:13:87:2b:2b:f6:53:34:57:10:ca: d9:1e:0a:f1:17:37:92:ab:67:37:0a:25:a0:74:3b: 10:12:7f:7d:8c:17:3a:8d:4d:4d:18:96:73:cb:3a: 33:ae:af:e9:e6:b0:9e:df:ba:75:87:0e:58:ec:ba: 00:60:57:ed:f9:6f:5b:4c:37:f7:3a:ff:d4:8b:51: ed:49:2c:ae:e9:30:ee:ea:e6:a6:29:cb:19:5f:d7: ed:16:c9:97:92:fa:0f:16:76:84:a0:c7:06:39:88: f4:88:a0:8d:eb:e2:f5:b5:64:9d:f5:4f:a1:9f:c7: aa:c2:a7:3e:3b:3f:22:a8:63:83:a4:80:34:dd:dd: 54:7e:59:7e:1a:fe:3e:56:65:73:42:13:c4:89:07: 80:42:06:0e:43:19:8c:b9:e8:3e:15:31:b9:b1:59: 81:79:c4:c2:4a:37:1d:28:a1:86:08:54:c4:ee:63: 01:6b:0d:ae:cc:80:22:89:a8:1a:b8:8d:34:e5:45: ae:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:A7:DC:DD:86:FC:56:50:50:68:D1:C8:FD:41:69:E3:A9:25:AD:42 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption 2e:6f:be:87:8d:52:64:0c:80:a4:96:0f:d7:c0:75:30:16:c3: f2:1a:c3:e2:e0:12:31:d6:da:43:4d:63:b5:75:0f:be:5c:c5: b8:a4:06:1e:4f:e7:95:37:e6:46:8d:dd:45:3c:50:9d:2e:bb: 53:4d:94:44:0b:8d:dd:8c:55:05:af:43:46:b9:8e:2f:8a:d8: 65:2e:a9:a6:c4:7a:04:87:74:30:37:5f:44:45:2b:04:8b:03: fe:39:c0:d3:b2:5c:16:51:ff:b1:60:6c:08:3a:8b:9c:36:39: 33:a3:64:19:1c:b1:e5:c2:7c:89:22:b1:55:95:20:99:e3:c0: 40:f7:06:25:f8:58:71:fa:78:2a:c1:c5:95:6e:3a:7e:49:46: ef:28:da:12:c4:14:68:c2:20:48:0a:71:9b:24:6f:b3:4d:1a: 50:cd:12:19:ca:b8:de:cd:f3:89:25:e2:d0:8b:6f:b1:9a:f9: 7a:f5:72:10:5b:cb:96:2d:e0:cc:42:74:fc:6c:0a:99:a6:d2: 39:f7:0c:9d:78:ce:15:e4:d0:1a:81:72:22:14:c4:22:4d:66: fd:67:03:bb:8e:1a:6f:22:9b:26:15:c8:43:58:03:5c:31:b7: 4a:4a:4b:1b:ab:6b:95:5e:d5:62:e6:3f:5b:da:97:bb:c3:8f: ee:18:c9:60 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUBO24/TApLuzfwaOcrqptFanrp3QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDUyMDAwMDA0MloX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAYmQ3YjNiNWE0ZmM1YjBkYjY2MDc3 ZTVkMDk3OTJjNTQ0YzJmNDJhNmRhYTJmZDVmMjcxMDRmZTVhOGQ4YzdkNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAushhkk4aU3LHocYb+E/2nRu0aO+q Fifsr/tTM8viDXTGMGCvIXlFaL+vGpgmuFXTkQAI4IbMAV0ofPYU/C4aoBOHKyv2 UzRXEMrZHgrxFzeSq2c3CiWgdDsQEn99jBc6jU1NGJZzyzozrq/p5rCe37p1hw5Y 7LoAYFft+W9bTDf3Ov/Ui1HtSSyu6TDu6uamKcsZX9ftFsmXkvoPFnaEoMcGOYj0 iKCN6+L1tWSd9U+hn8eqwqc+Oz8iqGODpIA03d1Ufll+Gv4+VmVzQhPEiQeAQgYO QxmMueg+FTG5sVmBecTCSjcdKKGGCFTE7mMBaw2uzIAiiagauI005UWuhQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNen3N2G/FZQUGjRyP1BaeOpJa1CMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJlNDBlZTBiLTlhYTktNDkxOS1hMDc5LTk3MTIyMTJlMTI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/joMA0GCSqGSIb3DQEBCwUAA4IBAQAub76HjVJkDICklg/XwHUw FsPyGsPi4BIx1tpDTWO1dQ++XMW4pAYeT+eVN+ZGjd1FPFCdLrtTTZREC43djFUF r0NGuY4vithlLqmmxHoEh3QwN19ERSsEiwP+OcDTslwWUf+xYGwIOoucNjkzo2QZ HLHlwnyJIrFVlSCZ48BA9wYl+Fhx+ngqwcWVbjp+SUbvKNoSxBRowiBICnGbJG+z TRpQzRIZyrjezfOJJeLQi2+xmvl69XIQW8uWLeDMQnT8bAqZptI59wydeM4V5NAa gXIiFMQiTWb9ZwO7jhpvIpsmFchDWANcMbdKSksbq2uVXtVi5j9b2pe7w4/uGMlg -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:58 2025 by rpki-client