$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa File: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (raw, json) Hash identifier: xthRMTgaJty+OIosYTfkHKttTrNfVnZL3POEE8TPxZQ= Subject key identifier: C5:E8:98:35:B0:10:FC:5B:C6:DD:93:5F:45:B3:09:67:BA:5F:75:03 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 3E08C0A056D014AB639A884636CF7AA7C5573608 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa Signing time: Tue 20 May 2025 00:00:42 +0000 ROA not before: Tue 20 May 2025 00:00:42 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:08:c0:a0:56:d0:14:ab:63:9a:88:46:36:cf:7a:a7:c5:57:36:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 20 00:00:42 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=771639ed92fec0ce17b530f65428ef378d78a3dd4124a50c97a6454248c14249, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:7f:c0:77:8f:e8:a1:80:ad:48:f5:db:0f:b2: 52:58:23:5b:c7:c4:ad:d2:95:5c:f4:d8:d6:2c:ae: 79:2b:77:66:51:36:ca:6e:87:46:fa:26:41:1d:5c: 23:67:b6:4b:2b:40:8a:26:92:bf:4c:8e:fa:c2:49: cf:16:af:fe:cb:67:ec:80:8e:db:8f:81:88:7a:d4: 7a:9a:3c:41:75:bc:3b:8b:79:07:ad:d8:7a:db:b8: ef:1c:88:dd:67:a0:d4:ed:ed:6b:c2:bc:e4:e5:7e: 62:0d:47:5c:3d:84:1c:86:57:78:b8:ba:a9:4d:39: 1e:ab:ff:54:c7:21:38:ff:22:3e:67:04:11:40:1e: 7f:26:ee:7a:92:fd:80:13:31:c2:6c:09:58:cc:81: 94:ce:f1:cb:db:93:99:cf:00:85:cc:d5:9e:45:71: 88:62:dd:2b:e0:db:0b:48:1c:ef:22:ba:a3:31:e3: 3f:60:89:b7:a2:d0:22:e7:1c:eb:be:4d:2b:61:a6: 50:2e:50:98:e6:5a:7a:1d:c6:3b:b0:e6:71:10:b9: c4:53:a5:44:3e:0d:f5:a2:7e:ec:b1:a8:08:4e:e6: b6:a8:88:b2:52:85:61:f9:79:26:88:df:72:85:5e: fd:00:f0:97:a0:b8:55:dd:e6:15:e2:07:5c:91:82: 20:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:E8:98:35:B0:10:FC:5B:C6:DD:93:5F:45:B3:09:67:BA:5F:75:03 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.216.0/21 Signature Algorithm: sha256WithRSAEncryption 50:5c:7e:38:e8:55:d0:71:fc:00:7b:ae:13:be:ef:19:63:d5: e7:a8:ae:71:bf:53:15:b3:e9:c6:80:9f:a1:33:f5:91:19:bc: 57:f6:73:68:06:4f:02:1a:ba:6a:fd:a6:d3:81:0f:62:ab:d5: 73:a4:d2:e9:6f:7c:54:fe:a2:6f:50:ad:5d:2e:84:ae:b8:2e: 6e:6b:f5:a5:07:9e:fa:10:d1:f4:85:b4:a6:de:cd:b5:bd:4b: 91:13:ab:c4:c2:08:20:39:ae:05:13:65:c3:22:b8:67:2e:2d: 9e:93:eb:7b:71:20:79:76:1c:56:ed:68:41:3d:0f:2a:06:05: 64:15:6c:10:e5:70:49:4c:26:22:5f:d8:4a:37:21:b4:f0:a0: b4:0f:06:7f:38:aa:63:0e:4b:4d:92:20:9c:8c:9e:56:b4:7d: 07:fc:ff:e7:f8:c6:a2:cd:1c:41:cb:57:25:b2:bd:f2:3c:a7: 60:9e:99:44:88:e0:d1:fd:1e:26:60:68:5d:3b:43:15:e1:ba: 92:31:07:d9:25:99:c5:97:05:5f:ee:37:49:39:c4:2b:7a:f7: b8:2e:e1:86:2d:91:f0:04:9d:03:0c:a2:bb:40:90:1d:cf:86: 28:d4:d7:3d:0e:95:f3:ae:8a:0b:fe:a2:89:5d:98:1d:11:86: b4:ac:e0:31 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUPgjAoFbQFKtjmohGNs96p8VXNggwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDUyMDAwMDA0MloX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNANzcxNjM5ZWQ5MmZlYzBjZTE3YjUz MGY2NTQyOGVmMzc4ZDc4YTNkZDQxMjRhNTBjOTdhNjQ1NDI0OGMxNDI0OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH/Ad4/ooYCtSPXbD7JSWCNbx8St 0pVc9NjWLK55K3dmUTbKbodG+iZBHVwjZ7ZLK0CKJpK/TI76wknPFq/+y2fsgI7b j4GIetR6mjxBdbw7i3kHrdh627jvHIjdZ6DU7e1rwrzk5X5iDUdcPYQchld4uLqp TTkeq/9UxyE4/yI+ZwQRQB5/Ju56kv2AEzHCbAlYzIGUzvHL25OZzwCFzNWeRXGI Yt0r4NsLSBzvIrqjMeM/YIm3otAi5xzrvk0rYaZQLlCY5lp6HcY7sOZxELnEU6VE Pg31on7ssagITua2qIiyUoVh+XkmiN9yhV79APCXoLhV3eYV4gdckYIgxQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMXomDWwEPxbxt2TX0WzCWe6X3UDMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU1ZDZjYmFlLThiN2YtNDVhOS04ZDliLTQ1OGQxMGE5YjFjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jYMA0GCSqGSIb3DQEBCwUAA4IBAQBQXH446FXQcfwAe64Tvu8Z Y9XnqK5xv1MVs+nGgJ+hM/WRGbxX9nNoBk8CGrpq/abTgQ9iq9VzpNLpb3xU/qJv UK1dLoSuuC5ua/WlB576ENH0hbSm3s21vUuRE6vEwgggOa4FE2XDIrhnLi2ek+t7 cSB5dhxW7WhBPQ8qBgVkFWwQ5XBJTCYiX9hKNyG08KC0DwZ/OKpjDktNkiCcjJ5W tH0H/P/n+MaizRxBy1clsr3yPKdgnplEiODR/R4mYGhdO0MV4bqSMQfZJZnFlwVf 7jdJOcQreve4LuGGLZHwBJ0DDKK7QJAdz4Yo1Nc9DpXzrooL/qKJXZgdEYa0rOAx -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:24 2025 by rpki-client