$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/54aae532-b814-42d3-9243-59dc4c838eb1.roa File: 54aae532-b814-42d3-9243-59dc4c838eb1.roa (raw, json) Hash identifier: f8qdV5FldK7+KNLQfrQZpbiZdRsGDryZz0OJYhdfEPE= Subject key identifier: 20:8A:11:AD:6C:F7:2D:03:74:A6:26:CB:A0:F1:C3:BE:52:4C:59:B2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 50870E0D8D541FF3C08D69A487CFE604308A06E2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/54aae532-b814-42d3-9243-59dc4c838eb1.roa Signing time: Mon 13 Jan 2025 00:00:00 +0000 ROA not before: Mon 13 Jan 2025 00:00:00 +0000 ROA not after: Mon 17 Feb 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.160.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:87:0e:0d:8d:54:1f:f3:c0:8d:69:a4:87:cf:e6:04:30:8a:06:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Jan 13 00:00:00 2025 GMT Not After : Feb 17 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:b4:c4:0a:ec:31:19:63:1b:0a:25:82:3b:62: b5:1b:7b:db:62:8e:4c:3c:a8:9b:10:12:20:f8:3f: b9:ee:59:4e:90:95:a3:29:2a:fe:1e:8b:6f:1b:15: 2b:ee:a3:de:09:bb:21:81:6a:1d:5c:0e:cc:ad:0f: b1:6e:00:7d:3b:b5:53:93:13:3a:32:20:47:8e:17: 9f:73:47:b5:4d:df:cc:da:52:52:87:56:5f:c8:98: ca:06:89:8a:57:9e:41:ac:42:84:a6:98:b1:4e:a7: 37:5f:fd:2a:67:ee:7d:99:10:6e:22:37:d2:2b:f1: 9d:e0:84:a4:19:a6:15:85:86:08:03:71:8f:af:7f: 5e:6c:5a:3b:14:ec:61:96:49:e9:99:d4:26:60:ac: eb:72:96:25:ba:13:27:66:8a:67:92:5c:b6:69:b3: 49:96:7b:08:f7:1a:be:3a:52:1f:97:f1:bc:76:3a: c9:1d:ee:c2:a4:7d:df:13:a8:ec:23:2b:c9:2c:6b: 6e:10:ab:80:68:2b:44:89:66:b4:db:9d:0c:78:5f: 30:e0:17:5c:d6:32:5b:1a:1f:69:64:c8:6b:a0:15: 6e:85:14:75:b5:c6:73:38:4e:f5:6d:24:13:04:38: 29:0e:38:49:2e:5f:d4:5d:0d:30:c9:53:0f:4e:75: f0:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:8A:11:AD:6C:F7:2D:03:74:A6:26:CB:A0:F1:C3:BE:52:4C:59:B2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/54aae532-b814-42d3-9243-59dc4c838eb1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.160.0/22 Signature Algorithm: sha256WithRSAEncryption 04:37:38:db:4f:b4:ea:ad:d5:cc:ab:4e:73:00:33:81:7b:ce: 68:65:ab:7d:32:02:16:db:7e:92:1c:48:8d:63:30:13:fd:f6: 38:bd:43:33:5c:35:b5:a7:c5:9d:a5:98:eb:ee:4a:e7:2e:ab: 2e:b8:02:e0:6d:44:45:ea:8b:51:55:86:34:7e:5b:ca:95:8e: a7:01:72:a4:c1:0b:e1:9f:b4:e4:cb:5f:6f:5d:7e:a4:27:2a: 36:c4:83:5e:6d:c9:4d:da:2d:44:ed:ea:ac:ec:42:3b:85:e3: 28:18:89:bf:a6:2c:72:3d:d6:97:75:5d:12:7a:cf:4b:6f:6e: af:8d:4e:58:c8:ed:7a:22:16:5a:4a:7e:85:bb:46:ff:17:b9: 2b:68:ae:86:da:2c:e0:f8:fa:d7:e4:a1:ed:ed:d0:5c:c2:7b: a7:36:f3:a0:13:b1:08:f4:30:72:0c:15:ca:b8:30:5a:46:5b: 27:54:7a:00:1e:3a:9f:5d:6d:b0:bc:e4:f3:e7:09:4f:21:66: fb:56:c0:42:77:73:a7:cf:c2:47:22:90:84:77:ea:4a:e4:d8: db:33:93:41:ca:e7:8f:f5:ef:d5:bb:0f:b9:ce:fa:27:e5:a6: 3e:4e:c0:4a:6a:88:4f:51:7c:82:d9:f6:21:a5:9a:24:a8:b2: be:cb:61:66 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUIcODY1UH/PAjWmkh8/mBDCKBuIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMzAwMDAwMFoX DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNAZjQyOGZiYmUxZWY2YTFhYzUyMmQx OGJiOTA3OTc4NzBmY2Y4YzU2ODMyYTg2YmRjMzI5NjM2ZWVlNWM3NTg5MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrTECuwxGWMbCiWCO2K1G3vbYo5M PKibEBIg+D+57llOkJWjKSr+HotvGxUr7qPeCbshgWodXA7MrQ+xbgB9O7VTkxM6 MiBHjhefc0e1Td/M2lJSh1ZfyJjKBomKV55BrEKEppixTqc3X/0qZ+59mRBuIjfS K/Gd4ISkGaYVhYYIA3GPr39ebFo7FOxhlknpmdQmYKzrcpYluhMnZopnkly2abNJ lnsI9xq+OlIfl/G8djrJHe7CpH3fE6jsIyvJLGtuEKuAaCtEiWa0250MeF8w4Bdc 1jJbGh9pZMhroBVuhRR1tcZzOE71bSQTBDgpDjhJLl/UXQ0wyVMPTnXwVQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCCKEa1s9y0DdKYmy6Dxw75STFmyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0YWFlNTMyLWI4MTQtNDJkMy05MjQzLTU5ZGM0YzgzOGViMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK9qgMA0GCSqGSIb3DQEBCwUAA4IBAQAENzjbT7TqrdXMq05zADOB e85oZat9MgIW236SHEiNYzAT/fY4vUMzXDW1p8WdpZjr7krnLqsuuALgbURF6otR VYY0flvKlY6nAXKkwQvhn7Tky19vXX6kJyo2xINebclN2i1E7eqs7EI7heMoGIm/ pixyPdaXdV0Ses9Lb26vjU5YyO16IhZaSn6Fu0b/F7kraK6G2izg+PrX5KHt7dBc wnunNvOgE7EI9DByDBXKuDBaRlsnVHoAHjqfXW2wvOTz5wlPIWb7VsBCd3Onz8JH IpCEd+pK5NjbM5NByueP9e/Vuw+5zvon5aY+TsBKaohPUXyC2fYhpZokqLK+y2Fm -----END CERTIFICATE-----Generated at Wed Feb 5 03:52:07 2025 by rpki-client