$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa File: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (raw, json) Hash identifier: +FOBi/z2I7VBVf7AMNc4UhpJtSv9/MspRRMAA2EL5Go= Subject key identifier: 44:D9:8D:A0:89:F9:75:F1:DC:5C:BE:05:75:23:1E:2D:EC:37:30:DA Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 079020A5CC349AE4761E285CB9E202DBCF7935F6 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa Signing time: Wed 02 Jul 2025 00:00:40 +0000 ROA not before: Wed 02 Jul 2025 00:00:40 +0000 ROA not after: Wed 06 Aug 2025 23:59:59 +0000 asID: 7224 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Jul 2025 00:02:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:90:20:a5:cc:34:9a:e4:76:1e:28:5c:b9:e2:02:db:cf:79:35:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jul 2 00:00:40 2025 GMT Not After : Aug 6 23:59:59 2025 GMT Subject: serialNumber=51d3aec25a9a94434f2ff981b0eddc7eb7f29211c762e55fd14a7d55567482af, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:4e:91:fd:4a:b7:fd:02:8f:06:eb:71:32:c9: fd:19:fe:d6:90:8b:f6:c0:03:0e:02:ba:ad:b4:a6: de:08:0f:61:6b:41:26:6f:98:b0:cf:55:27:a7:e1: a2:c3:9d:e3:04:e1:5d:c6:58:cb:68:b3:b2:2f:d0: 43:57:88:36:da:b4:17:9c:a9:9e:c8:83:dc:10:da: 6b:65:16:2e:dd:bd:e7:31:bf:75:2a:32:08:85:f7: 0e:76:b7:35:77:d2:40:f0:64:4f:30:01:d0:66:a9: 07:fc:47:30:ca:ac:95:f0:f2:5a:82:a8:a5:a1:5b: 96:53:83:0e:36:67:08:4a:37:b2:4c:11:92:25:0d: 23:af:0a:4a:67:fc:e6:db:bc:df:d3:8d:6b:18:9c: be:a1:c9:b9:1f:84:2f:16:bf:58:b5:be:c8:1f:12: a8:37:f0:ee:89:05:74:0f:39:04:99:60:da:a7:70: d2:94:de:9b:f6:0f:0e:7d:e0:19:a7:2c:03:b1:18: fc:f8:5f:4d:8b:99:fc:2b:6f:d1:f8:d8:60:93:89: 74:11:23:5d:51:27:c1:fb:4f:5d:04:2b:0f:36:30: f3:dc:b7:f3:de:be:b1:89:b1:8f:4d:da:35:a0:80: 48:d8:df:68:61:34:be:df:76:04:ab:2b:42:d2:e8: e4:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:D9:8D:A0:89:F9:75:F1:DC:5C:BE:05:75:23:1E:2D:EC:37:30:DA X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 08:f9:ec:9e:85:f9:09:0a:93:f0:c5:fe:7d:6f:ef:90:33:9b: d6:3e:c0:c2:e9:02:cf:58:11:aa:80:bc:84:49:f5:cd:c3:23: b4:48:ab:98:d9:c4:89:b6:43:23:8f:3f:8e:d8:26:cc:48:40: b3:ea:8e:d2:56:6a:73:ea:86:3a:6c:03:aa:f1:c3:d5:17:46: 52:8a:b4:70:b4:18:7a:eb:dc:06:61:39:ae:93:01:28:04:ea: cb:c0:02:76:01:e1:36:18:dd:b7:aa:01:a1:82:98:09:ca:a5: 5b:f4:d9:df:d2:9a:c8:42:a3:cd:b7:f5:d3:17:c7:1e:b6:73: 04:45:2e:66:9d:2e:4e:47:c5:1e:a4:77:d4:ce:b7:72:1a:54: a9:6f:f6:8d:b1:41:a1:88:6c:75:71:52:ac:02:73:45:25:03: 79:61:67:8e:d1:16:ef:f5:46:90:42:09:16:78:06:4c:30:1f: 0e:76:3b:bf:03:71:44:80:d9:79:2d:70:2b:75:0d:35:6d:f3: 36:c6:7f:5f:92:7f:b0:0f:78:00:ec:f5:9c:81:62:21:27:59: b4:0c:35:8c:bc:bc:4a:d1:0e:db:ad:6c:30:cb:ff:c9:f5:bb: a7:77:6b:0b:88:ba:d2:2b:8b:f8:21:ad:ea:0d:84:ba:02:ed: e9:4a:a1:db -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUB5Agpcw0muR2HihcueIC2895NfYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDcwMjAwMDA0MFoX DTI1MDgwNjIzNTk1OVowejFJMEcGA1UEBRNANTFkM2FlYzI1YTlhOTQ0MzRmMmZm OTgxYjBlZGRjN2ViN2YyOTIxMWM3NjJlNTVmZDE0YTdkNTU1Njc0ODJhZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0E6R/Uq3/QKPButxMsn9Gf7WkIv2 wAMOArqttKbeCA9ha0Emb5iwz1Unp+Giw53jBOFdxljLaLOyL9BDV4g22rQXnKme yIPcENprZRYu3b3nMb91KjIIhfcOdrc1d9JA8GRPMAHQZqkH/EcwyqyV8PJagqil oVuWU4MONmcISjeyTBGSJQ0jrwpKZ/zm27zf041rGJy+ocm5H4QvFr9Ytb7IHxKo N/DuiQV0DzkEmWDap3DSlN6b9g8OfeAZpywDsRj8+F9Ni5n8K2/R+Nhgk4l0ESNd USfB+09dBCsPNjDz3Lfz3r6xibGPTdo1oIBI2N9oYTS+33YEqytC0ujkUwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFETZjaCJ+XXx3Fy+BXUjHi3sNzDaMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYmYyYzM5LWI1MzYtNDNkMC1iNTU3LWY2OGQ4ZWU2NDA5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQAI+eyehfkJCpPwxf59b++Q M5vWPsDC6QLPWBGqgLyESfXNwyO0SKuY2cSJtkMjjz+O2CbMSECz6o7SVmpz6oY6 bAOq8cPVF0ZSirRwtBh669wGYTmukwEoBOrLwAJ2AeE2GN23qgGhgpgJyqVb9Nnf 0prIQqPNt/XTF8cetnMERS5mnS5OR8UepHfUzrdyGlSpb/aNsUGhiGx1cVKsAnNF JQN5YWeO0Rbv9UaQQgkWeAZMMB8Odju/A3FEgNl5LXArdQ01bfM2xn9fkn+wD3gA 7PWcgWIhJ1m0DDWMvLxK0Q7brWwwy//J9bund2sLiLrSK4v4Ia3qDYS6Au3pSqHb -----END CERTIFICATE-----Generated at Tue Jul 8 12:15:46 2025 by rpki-client