$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/54aae532-b814-42d3-9243-59dc4c838eb1.roa File: 54aae532-b814-42d3-9243-59dc4c838eb1.roa (raw, json) Hash identifier: Qs3eR/xRrx7P3ZnwbzIUaRmromDgPZu3pviCSBbIInA= Subject key identifier: E7:83:C8:92:2E:04:4B:D0:9B:60:D3:47:B0:50:2D:2B:55:F3:BD:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0FA655A7D4329898B77B03A66C700086720B3E95 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/54aae532-b814-42d3-9243-59dc4c838eb1.roa Signing time: Mon 19 May 2025 15:01:03 +0000 ROA not before: Mon 19 May 2025 15:01:03 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.160.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:a6:55:a7:d4:32:98:98:b7:7b:03:a6:6c:70:00:86:72:0b:3e:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 19 15:01:03 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=5f7ec86190ed163e0ab48892dbba068174060080c84bf223f6963a87eda90ea2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:9c:c7:0a:e3:f1:73:8f:9b:1f:6f:05:5b:24: b1:60:35:86:79:c3:d7:d9:f2:f5:18:98:d2:26:39: a3:aa:0a:a3:a5:ed:95:4a:2e:d1:f7:96:33:2a:bd: 65:0e:af:aa:45:05:4d:d5:38:e8:89:8d:76:57:60: aa:bb:5a:75:ba:47:a8:0c:8c:37:8e:b8:f8:35:6e: be:41:40:f2:df:69:7c:a5:02:d6:e4:33:44:34:ba: 07:5b:25:82:9b:f1:e5:e1:50:97:c8:7c:d3:ad:a1: 45:72:cc:4d:68:c7:60:51:7f:99:fd:77:b8:a0:5a: de:8d:64:56:8d:96:76:72:7e:14:7d:e8:db:e5:35: 79:2b:c0:15:04:66:ef:55:3e:e4:fa:b0:6f:11:ab: 76:bb:3a:2c:0d:38:f5:62:b0:6d:65:72:a8:f7:a7: c0:02:eb:fd:01:42:5b:9e:26:c0:09:ec:0f:0a:39: 7f:64:94:56:31:b4:05:a5:30:b2:5f:4e:dd:ba:13: 84:a9:14:5a:c2:44:b8:9e:67:38:6b:70:96:70:2e: a4:bd:1d:25:7a:59:f9:4f:43:c7:1c:a3:fd:4e:6d: b1:a9:ae:51:da:75:8f:6b:76:6e:2f:2e:33:40:e9: ef:71:26:98:af:59:71:bd:1a:3c:74:f5:0b:b1:eb: e7:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:83:C8:92:2E:04:4B:D0:9B:60:D3:47:B0:50:2D:2B:55:F3:BD:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/54aae532-b814-42d3-9243-59dc4c838eb1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.160.0/22 Signature Algorithm: sha256WithRSAEncryption 2b:fc:c4:94:89:d2:0c:3d:74:f4:42:05:b1:e5:82:fc:33:d6: 69:a2:e5:a9:24:96:3e:70:2d:c0:40:ce:01:4c:95:fe:11:ce: 06:e4:69:3f:05:7a:37:a8:10:a8:70:0e:91:cd:83:75:c4:18: 0e:d8:22:01:04:be:ed:5d:83:df:1c:a3:28:64:a2:0d:2b:b3: 27:99:9a:72:4f:09:21:0c:3a:34:ec:f5:12:bc:d8:7a:7e:0c: 42:e5:9b:26:60:e6:b8:72:b5:2c:a6:9f:01:94:0b:4a:ee:55: d7:90:7e:94:4e:81:a1:72:c9:63:af:a2:dd:0c:29:ef:aa:4b: 92:40:8b:75:0f:93:e2:92:6f:48:ec:a0:6a:2f:b0:f0:95:69: eb:cd:6a:a7:f1:c8:4e:e5:b7:a8:98:b1:b8:87:c2:8f:d7:21: 1c:6d:5e:1d:be:5f:2c:fe:81:af:35:da:47:a5:e4:a0:1a:df: ec:9a:9c:bb:53:1e:68:74:8e:69:a5:15:a4:24:a3:da:be:95: c8:3b:5b:7c:b1:13:c5:2c:63:95:6a:4d:c1:97:e7:2d:a9:f4: e6:d6:ac:72:0b:17:2c:82:d5:e9:e6:a4:3d:d5:4f:d6:2c:da: 21:fc:9b:de:aa:f0:a7:60:0a:a0:67:c5:f2:54:b2:c3:35:cf: 6f:9d:09:45 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUD6ZVp9QymJi3ewOmbHAAhnILPpUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxOTE1MDEwM1oX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNANWY3ZWM4NjE5MGVkMTYzZTBhYjQ4 ODkyZGJiYTA2ODE3NDA2MDA4MGM4NGJmMjIzZjY5NjNhODdlZGE5MGVhMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpzHCuPxc4+bH28FWySxYDWGecPX 2fL1GJjSJjmjqgqjpe2VSi7R95YzKr1lDq+qRQVN1TjoiY12V2Cqu1p1ukeoDIw3 jrj4NW6+QUDy32l8pQLW5DNENLoHWyWCm/Hl4VCXyHzTraFFcsxNaMdgUX+Z/Xe4 oFrejWRWjZZ2cn4Ufejb5TV5K8AVBGbvVT7k+rBvEat2uzosDTj1YrBtZXKo96fA Auv9AUJbnibACewPCjl/ZJRWMbQFpTCyX07duhOEqRRawkS4nmc4a3CWcC6kvR0l eln5T0PHHKP9Tm2xqa5R2nWPa3ZuLy4zQOnvcSaYr1lxvRo8dPULsevnbwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOeDyJIuBEvQm2DTR7BQLStV871YMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0YWFlNTMyLWI4MTQtNDJkMy05MjQzLTU5ZGM0YzgzOGViMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK9qgMA0GCSqGSIb3DQEBCwUAA4IBAQAr/MSUidIMPXT0QgWx5YL8 M9ZpouWpJJY+cC3AQM4BTJX+Ec4G5Gk/BXo3qBCocA6RzYN1xBgO2CIBBL7tXYPf HKMoZKINK7MnmZpyTwkhDDo07PUSvNh6fgxC5ZsmYOa4crUspp8BlAtK7lXXkH6U ToGhcsljr6LdDCnvqkuSQIt1D5Pikm9I7KBqL7DwlWnrzWqn8chO5beomLG4h8KP 1yEcbV4dvl8s/oGvNdpHpeSgGt/smpy7Ux5odI5ppRWkJKPavpXIO1t8sRPFLGOV ak3Bl+ctqfTm1qxyCxcsgtXp5qQ91U/WLNoh/JveqvCnYAqgZ8XyVLLDNc9vnQlF -----END CERTIFICATE-----Generated at Tue Jun 3 23:37:28 2025 by rpki-client