$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa File: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (raw, json) Hash identifier: NIj4/9nFBGK+Vn9i148rv3zESFxJslWIzQnP0S133PE= Subject key identifier: 5E:10:78:A9:C9:F6:BA:96:14:13:E2:04:FE:4B:2B:68:88:FE:F1:7B Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 76B6C4EEFEE20E0DD6A2EEB4F84C6B4A7D947058 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa Signing time: Tue 13 May 2025 00:00:40 +0000 ROA not before: Tue 13 May 2025 00:00:40 +0000 ROA not after: Tue 17 Jun 2025 23:59:59 +0000 asID: 7224 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:b6:c4:ee:fe:e2:0e:0d:d6:a2:ee:b4:f8:4c:6b:4a:7d:94:70:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 13 00:00:40 2025 GMT Not After : Jun 17 23:59:59 2025 GMT Subject: serialNumber=7d4b1b87650b7f95f242aaad11359a835168ef9e81abb8e25e8c6063d5a99b55, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ae:02:f6:60:22:cf:70:b0:e3:43:4c:d0:c7: e8:1e:a2:ab:bb:02:50:b5:15:4a:74:fe:ae:89:ca: 5d:28:11:38:06:8a:45:ae:3c:9d:1f:7b:1e:22:a8: 66:b7:1e:f7:32:11:73:57:15:d9:2a:3c:05:88:66: 4f:8b:ae:74:35:c9:0c:7a:9b:6c:30:83:6f:02:9d: 9d:63:71:ea:42:1b:73:91:99:a6:90:48:43:dc:a7: 29:ec:60:8c:ba:ac:e7:81:1f:0b:9e:46:b9:4a:7c: 9d:fd:70:9b:90:a9:ab:d5:94:4e:63:0d:c6:72:4e: 71:80:20:c8:78:6d:ae:4d:74:2c:35:42:35:4d:5a: c2:ca:99:d4:98:38:03:20:1b:6b:07:d2:13:a5:53: 0f:9a:85:1b:2e:b3:09:ea:f0:b3:e1:0d:e9:24:e7: 37:a2:5a:72:18:59:68:85:e4:c8:31:0c:4e:9e:b5: ad:a1:f3:85:a2:3c:ea:ef:75:24:25:1b:4d:67:5b: 57:b9:24:ec:26:b1:3d:15:43:d3:aa:74:9b:06:cf: 40:c7:59:24:15:d6:e9:8b:38:b8:d9:e2:e9:b1:b7: 61:79:8e:7d:94:ad:20:13:06:1d:8e:fe:16:4c:c5: 91:18:77:33:73:64:4e:67:ea:fc:e1:3f:25:8c:97: e8:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:10:78:A9:C9:F6:BA:96:14:13:E2:04:FE:4B:2B:68:88:FE:F1:7B X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 16:80:df:70:80:96:30:f3:05:3e:a6:d4:a5:01:6e:bc:8b:40: 7a:75:05:ae:47:41:e5:99:d1:4c:ba:75:ba:2b:49:e6:a1:70: b5:16:2e:bb:88:2c:d0:b9:b9:f5:f8:d5:20:a4:85:93:8e:b4: 9f:40:b6:c1:a2:ce:24:43:45:2a:38:d7:61:63:93:98:0f:2d: 5e:f8:77:87:b3:2b:cd:a1:d0:48:8a:a1:29:bb:c7:8a:ff:fa: a7:57:e1:cd:08:27:16:3f:5a:a5:39:b9:0e:15:72:fd:04:6b: 3f:77:e8:68:e6:6b:06:d5:56:59:fb:38:35:9d:bd:fb:42:90: 22:51:a0:64:71:59:bf:a1:4b:2b:cc:a6:6d:fa:90:ae:5e:9a: 8d:c4:1e:a5:86:21:07:33:29:aa:b9:14:8a:b3:90:19:02:a1: 3d:df:66:c5:95:2a:86:ff:76:52:e6:b9:05:b1:b8:0a:ea:77: 2c:f7:f6:95:5b:3a:41:5f:cb:bc:c3:8b:52:a0:19:03:23:72: 88:e2:3f:1b:05:db:15:50:71:87:e2:88:57:32:3f:ad:56:4a: c9:83:c6:2f:39:f7:b6:4d:6b:bd:db:25:d6:ce:83:d0:a7:ce: 2f:7a:6d:89:19:8a:58:fe:7f:47:ff:51:e9:2f:91:86:ab:8f: 81:8a:3b:80 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUdrbE7v7iDg3Wou60+ExrSn2UcFgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDUxMzAwMDA0MFoX DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNAN2Q0YjFiODc2NTBiN2Y5NWYyNDJh YWFkMTEzNTlhODM1MTY4ZWY5ZTgxYWJiOGUyNWU4YzYwNjNkNWE5OWI1NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxq4C9mAiz3Cw40NM0MfoHqKruwJQ tRVKdP6uicpdKBE4BopFrjydH3seIqhmtx73MhFzVxXZKjwFiGZPi650NckMepts MINvAp2dY3HqQhtzkZmmkEhD3Kcp7GCMuqzngR8Lnka5Snyd/XCbkKmr1ZROYw3G ck5xgCDIeG2uTXQsNUI1TVrCypnUmDgDIBtrB9ITpVMPmoUbLrMJ6vCz4Q3pJOc3 olpyGFloheTIMQxOnrWtofOFojzq73UkJRtNZ1tXuSTsJrE9FUPTqnSbBs9Ax1kk Fdbpizi42eLpsbdheY59lK0gEwYdjv4WTMWRGHczc2ROZ+r84T8ljJfoswIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFF4QeKnJ9rqWFBPiBP5LK2iI/vF7MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYmYyYzM5LWI1MzYtNDNkMC1iNTU3LWY2OGQ4ZWU2NDA5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQAWgN9wgJYw8wU+ptSlAW68 i0B6dQWuR0HlmdFMunW6K0nmoXC1Fi67iCzQubn1+NUgpIWTjrSfQLbBos4kQ0Uq ONdhY5OYDy1e+HeHsyvNodBIiqEpu8eK//qnV+HNCCcWP1qlObkOFXL9BGs/d+ho 5msG1VZZ+zg1nb37QpAiUaBkcVm/oUsrzKZt+pCuXpqNxB6lhiEHMymquRSKs5AZ AqE932bFlSqG/3ZS5rkFsbgK6ncs9/aVWzpBX8u8w4tSoBkDI3KI4j8bBdsVUHGH 4ohXMj+tVkrJg8YvOfe2TWu92yXWzoPQp84vem2JGYpY/n9H/1HpL5GGq4+BijuA -----END CERTIFICATE-----Generated at Tue Jun 3 23:39:36 2025 by rpki-client