$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa File: 35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa (raw, json) Hash identifier: ONKpEhnJR5csrG1ZfLqqbcfMdR8mLQ4QC8thZDsyg1k= Subject key identifier: 9D:24:39:97:43:E7:D6:7D:4A:D5:D6:D2:98:70:E6:A4:8B:36:42:66 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5550D783CA31C01E75E03B85DDB5964B1B8B2749 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa Signing time: Fri 16 May 2025 16:00:52 +0000 ROA not before: Fri 16 May 2025 16:00:52 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.200.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:50:d7:83:ca:31:c0:1e:75:e0:3b:85:dd:b5:96:4b:1b:8b:27:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 16:00:52 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=5d6216475f889f035076bc24ad5cc536017288946cc735229f6696d809aa0a8c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:6e:7b:8a:cf:46:5f:10:07:8f:42:d5:80:87: 02:00:bc:6d:ea:ac:e6:c2:72:71:4c:17:7f:46:98: 01:3b:ab:2b:86:5a:8e:06:fa:e2:7c:8d:73:2b:14: c2:00:eb:c8:4d:ab:e6:31:69:0c:49:c3:f4:0d:26: 1e:f5:5d:46:d1:64:6a:e8:28:34:b7:ed:14:92:69: 01:ec:a2:c7:da:2b:2e:07:06:11:71:ea:2c:f7:70: a0:e7:57:39:f0:f6:18:f0:55:a5:f3:6a:c8:3f:62: 53:7b:cb:5d:8c:8b:ca:be:40:62:66:45:9a:5e:0c: 6e:40:79:11:f8:57:3f:c8:6f:6c:ff:18:42:eb:c2: 36:59:42:96:ed:dc:96:c6:b8:b0:b9:06:a5:7d:ae: c0:86:1f:67:b6:8d:3b:50:15:64:62:23:80:8c:af: fc:43:56:e9:81:b6:9e:44:34:f2:dc:20:20:ae:c9: d5:9f:a0:f7:a3:3a:ec:1e:01:ad:a9:4b:99:17:bd: 76:d1:70:ed:8f:e8:91:cf:aa:9b:67:b0:b6:44:a9: 74:58:3b:02:1b:db:13:e8:39:2d:71:59:20:a5:7b: bf:1d:0a:fd:87:2a:bb:2b:66:76:9f:4e:6a:95:f3: 23:6f:a8:96:dd:3d:6d:13:2e:6e:4c:83:59:02:22: ce:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:24:39:97:43:E7:D6:7D:4A:D5:D6:D2:98:70:E6:A4:8B:36:42:66 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.200.0.0/13 Signature Algorithm: sha256WithRSAEncryption 82:64:69:57:71:ee:aa:8c:da:fc:87:26:25:07:7b:fe:71:4d: a2:30:f5:8c:9f:8d:c0:a1:b3:3e:8a:9d:18:c1:29:92:c2:f2: a0:86:9d:95:ab:30:7b:6d:0f:76:7b:b6:b1:3f:ae:f8:ae:0f: fa:5f:68:6b:01:24:72:5e:8e:28:f9:a2:dc:71:b9:f1:c5:83: 3c:41:6b:86:62:7b:92:f1:67:c6:b9:f8:cd:9c:81:42:76:c9: 68:0a:9e:12:1d:00:f9:61:66:52:65:dd:31:2a:08:cd:f3:d7: 84:52:b9:23:bb:69:ec:16:ea:42:af:f4:fd:7b:ec:81:61:5e: 53:35:e4:98:87:24:7f:0b:ff:fd:27:52:f0:66:88:72:e4:f0: f3:74:45:0d:70:7a:56:61:69:4e:a6:cb:55:90:cb:9c:70:d1: 34:8d:98:c3:ad:9c:fd:1a:01:c5:13:c1:ea:2e:26:3f:2e:06: fc:24:1c:bf:1f:0d:91:74:68:b5:1a:71:ad:fe:08:68:8e:bc: f0:7c:b1:b7:e5:1d:bd:e5:60:4e:ec:5d:e7:96:96:1b:b2:36: 29:51:e1:1b:a1:d7:ca:45:14:30:ee:8c:65:8b:36:f0:c8:ed: 48:e6:5c:a7:60:e2:04:75:9d:c7:7e:4a:67:1b:45:ea:a6:cc: 2b:8d:c1:94 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUVVDXg8oxwB514DuF3bWWSxuLJ0kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE2MDA1MloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANWQ2MjE2NDc1Zjg4OWYwMzUwNzZi YzI0YWQ1Y2M1MzYwMTcyODg5NDZjYzczNTIyOWY2Njk2ZDgwOWFhMGE4YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0257is9GXxAHj0LVgIcCALxt6qzm wnJxTBd/RpgBO6srhlqOBvrifI1zKxTCAOvITavmMWkMScP0DSYe9V1G0WRq6Cg0 t+0UkmkB7KLH2isuBwYRceos93Cg51c58PYY8FWl82rIP2JTe8tdjIvKvkBiZkWa XgxuQHkR+Fc/yG9s/xhC68I2WUKW7dyWxriwuQalfa7Ahh9nto07UBVkYiOAjK/8 Q1bpgbaeRDTy3CAgrsnVn6D3ozrsHgGtqUuZF7120XDtj+iRz6qbZ7C2RKl0WDsC G9sT6DktcVkgpXu/HQr9hyq7K2Z2n05qlfMjb6iW3T1tEy5uTINZAiLOowIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFJ0kOZdD59Z9StXW0phw5qSLNkJmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM1ZGZiMzNmLWI3YjktNDAyOC1hZjViLWMzNmJmNTRhNDllOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK8gwDQYJKoZIhvcNAQELBQADggEBAIJkaVdx7qqM2vyHJiUHe/5x TaIw9YyfjcChsz6KnRjBKZLC8qCGnZWrMHttD3Z7trE/rviuD/pfaGsBJHJejij5 otxxufHFgzxBa4Zie5LxZ8a5+M2cgUJ2yWgKnhIdAPlhZlJl3TEqCM3z14RSuSO7 aewW6kKv9P177IFhXlM15JiHJH8L//0nUvBmiHLk8PN0RQ1welZhaU6my1WQy5xw 0TSNmMOtnP0aAcUTweouJj8uBvwkHL8fDZF0aLUaca3+CGiOvPB8sbflHb3lYE7s XeeWlhuyNilR4Ruh18pFFDDujGWLNvDI7UjmXKdg4gR1ncd+SmcbReqmzCuNwZQ= -----END CERTIFICATE-----Generated at Mon Jun 2 06:13:12 2025 by rpki-client