$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa File: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (raw, json) Hash identifier: VYgbcz/c1v2CBvYkg1M5Y4g84u52XU8NwnL29sNomMY= Subject key identifier: B4:94:17:CD:A4:E4:64:CB:3E:EA:2F:A4:75:46:BF:A7:0E:3D:47:95 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 01838F8072C65807E25F18F04DCE68D94280185A Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa Signing time: Wed 09 Jul 2025 00:00:09 +0000 ROA not before: Wed 09 Jul 2025 00:00:09 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:83:8f:80:72:c6:58:07:e2:5f:18:f0:4d:ce:68:d9:42:80:18:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jul 9 00:00:09 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=7c69543acdafb0b170aaefbabc306118e712b2212e39509da91363df6c3548fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:d9:66:ac:ab:51:aa:a4:35:e7:9a:45:0a:6f: ce:24:d9:13:34:52:db:78:94:ac:ee:5d:2c:97:59: 01:16:35:7b:c9:93:cf:30:a7:21:f4:e5:45:6c:17: b9:e6:47:78:7d:d6:7c:42:8f:96:60:d3:1b:93:05: 35:83:f1:3f:c2:1d:81:3b:38:93:f8:c8:9f:68:8f: 47:dd:e7:a9:3a:e5:47:f6:64:ed:aa:1b:37:ac:50: b1:c1:4e:40:55:49:38:5f:1a:a3:fc:8a:79:0e:3c: 76:2f:16:27:24:65:98:22:63:8e:9e:60:44:95:60: c1:44:8c:65:73:9d:8c:de:1a:cf:e3:13:01:0e:75: 72:9f:a2:88:84:9c:39:e3:32:78:10:e4:cb:3b:99: da:3c:21:ea:c1:dd:5e:1f:0a:5b:d2:bb:5c:eb:f6: af:38:77:45:b2:28:89:87:bb:33:98:9f:cd:f2:d5: 72:e4:03:50:1d:55:f9:2f:4c:9d:ba:f8:56:70:a8: f8:78:55:27:b2:58:3e:a4:a2:c6:01:4a:9c:95:24: 44:43:b7:d2:23:8d:1f:c0:cf:72:8e:f7:12:51:0d: 4a:ee:31:24:5a:f5:47:19:bf:45:23:ec:24:ed:d2: fa:40:31:22:d2:08:c0:34:41:33:80:f1:63:c8:75: b8:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:94:17:CD:A4:E4:64:CB:3E:EA:2F:A4:75:46:BF:A7:0E:3D:47:95 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.200.0/21 Signature Algorithm: sha256WithRSAEncryption 61:5c:0b:19:be:39:c3:99:56:09:fc:71:77:26:a8:46:bf:29: 1d:ba:be:be:4b:ec:ad:61:df:33:63:2d:ba:e0:fe:c8:a8:74: 49:56:da:cc:68:9f:b6:c7:1f:52:82:75:27:e3:86:f1:e1:79: e5:cb:bb:81:2e:44:1f:2e:70:4f:d0:07:dd:fd:20:4e:d5:4d: 3b:6b:bd:3f:cc:2f:33:f7:33:cf:c5:90:cc:68:0b:3d:bf:68: 4b:21:27:a8:61:0b:a7:15:ca:d9:f3:92:2c:2e:72:5e:33:56: 32:cb:ba:20:4f:16:35:df:a3:08:e0:e3:49:6d:86:a1:2d:85: 40:56:2d:3d:86:25:e1:14:ae:66:34:a6:c3:22:0a:67:74:1e: aa:52:fe:4e:ad:0c:0b:d0:a0:dc:18:e6:4f:9c:93:99:cc:c4: dc:22:e6:90:76:ad:01:e8:ac:a2:bf:48:9a:15:6a:bf:fe:0e: 1d:30:c1:8a:aa:8c:e0:ac:48:92:73:7d:46:e9:38:18:88:03: ab:bd:92:1b:f2:2b:f0:89:b3:09:d3:10:4b:e6:43:46:4f:24: 70:e6:9f:5a:07:4d:f9:d6:bf:65:25:00:2b:ed:93:86:c2:1a: 70:ab:dc:a3:cc:78:00:5a:e6:cb:e6:1c:5d:89:0b:bd:2d:6d: d1:a8:4c:04 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUAYOPgHLGWAfiXxjwTc5o2UKAGFowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDcwOTAwMDAwOVoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAN2M2OTU0M2FjZGFmYjBiMTcwYWFl ZmJhYmMzMDYxMThlNzEyYjIyMTJlMzk1MDlkYTkxMzYzZGY2YzM1NDhmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndlmrKtRqqQ155pFCm/OJNkTNFLb eJSs7l0sl1kBFjV7yZPPMKch9OVFbBe55kd4fdZ8Qo+WYNMbkwU1g/E/wh2BOziT +MifaI9H3eepOuVH9mTtqhs3rFCxwU5AVUk4Xxqj/Ip5Djx2LxYnJGWYImOOnmBE lWDBRIxlc52M3hrP4xMBDnVyn6KIhJw54zJ4EOTLO5naPCHqwd1eHwpb0rtc6/av OHdFsiiJh7szmJ/N8tVy5ANQHVX5L0yduvhWcKj4eFUnslg+pKLGAUqclSREQ7fS I40fwM9yjvcSUQ1K7jEkWvVHGb9FI+wk7dL6QDEi0gjANEEzgPFjyHW4EwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLSUF82k5GTLPuovpHVGv6cOPUeVMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjYjNlOWY5LTQ2YTItNDFlYi1hNGI3LTc1YjUzZDc5MWYzMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQBhXAsZvjnDmVYJ/HF3JqhG vykdur6+S+ytYd8zYy264P7IqHRJVtrMaJ+2xx9SgnUn44bx4Xnly7uBLkQfLnBP 0Afd/SBO1U07a70/zC8z9zPPxZDMaAs9v2hLISeoYQunFcrZ85IsLnJeM1Yyy7og TxY136MI4ONJbYahLYVAVi09hiXhFK5mNKbDIgpndB6qUv5OrQwL0KDcGOZPnJOZ zMTcIuaQdq0B6Kyiv0iaFWq//g4dMMGKqozgrEiSc31G6TgYiAOrvZIb8ivwibMJ 0xBL5kNGTyRw5p9aB0351r9lJQAr7ZOGwhpwq9yjzHgAWubL5hxdiQu9LW3RqEwE -----END CERTIFICATE-----Generated at Mon Jul 21 00:00:34 2025 by rpki-client