$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa File: 565f9740-389f-45ac-956e-b96e19889315.roa (raw, json) Hash identifier: L72PNQDj+dbD8I1YKZ/eFCM/XzMScNXvz5qRjI7nF3o= Subject key identifier: 61:24:47:B3:54:4E:6D:C6:48:BB:D0:BB:A6:2F:CC:B5:81:6B:81:7F Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 45C3BC28E77C3FDFEDD878692DD73CA0CC5C1F12 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa Signing time: Tue 20 May 2025 00:00:44 +0000 ROA not before: Tue 20 May 2025 00:00:44 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:c3:bc:28:e7:7c:3f:df:ed:d8:78:69:2d:d7:3c:a0:cc:5c:1f:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 20 00:00:44 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=417224e7b236bd47c33743aef83a5ac59005a1fc295452c4d68664d6e9d23e89, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:e8:f0:15:50:24:4c:4d:00:97:58:24:ff:e4: 0e:45:eb:3e:85:4b:e6:3c:7d:b4:dd:31:66:ab:c1: b1:6d:03:d4:85:29:46:85:57:da:ad:83:0b:7d:c3: 29:c8:be:ea:94:fd:26:3f:75:b7:0e:bc:99:df:f2: b8:ad:95:26:3f:39:85:bd:d2:fd:d5:8d:b7:f8:dd: 59:dc:33:e8:14:ac:03:f0:6e:2e:79:e8:88:a6:ae: be:b5:22:b4:49:91:49:02:bd:ad:ff:d0:30:d1:09: 01:41:a6:71:03:8f:ba:00:b2:92:5f:e0:fe:db:0e: 23:f0:71:cb:2e:34:19:eb:82:7e:05:25:c2:54:3c: 76:7d:78:f5:6e:02:4c:fc:6e:51:75:98:4e:c5:65: 62:80:b0:61:91:30:6b:7b:78:10:70:6b:eb:74:f1: 8f:46:a1:07:01:06:36:42:a1:75:81:77:0e:9f:ab: 79:e0:ab:85:f8:db:44:c7:35:a3:29:7b:b0:10:0d: 96:b6:c1:ce:7d:19:55:0f:40:8a:3b:e0:e3:49:02: e8:1f:2c:b7:88:d3:ed:58:9f:2a:6d:c7:de:c9:e1: 79:c0:5f:6c:8d:32:64:6f:ac:e8:3e:5d:ae:3e:e5: a3:9c:cc:8a:8a:71:99:f5:b7:47:a3:b0:7f:2c:47: c7:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:24:47:B3:54:4E:6D:C6:48:BB:D0:BB:A6:2F:CC:B5:81:6B:81:7F X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption 43:b6:15:33:29:ba:0b:64:30:af:8c:35:df:54:e5:c3:c2:c9: ee:16:de:92:29:63:02:3c:35:a9:65:a7:17:0f:a7:bc:96:d8: 68:03:4b:38:06:6f:8d:5d:d3:cf:7d:80:6c:94:6a:74:c6:c7: a4:3d:93:6c:0f:d8:c6:62:b1:cf:e3:ab:7f:f3:5b:9a:8e:d3: 69:82:6a:9e:e1:e6:14:9f:11:ae:24:1d:a1:69:5a:35:30:c7: ea:59:5b:db:db:d6:75:a5:34:a7:5b:71:ad:bc:8c:78:7a:58: c0:7a:6c:56:da:d3:37:7d:6d:fd:33:14:11:95:77:8c:be:fe: 51:07:ea:7f:7b:72:7b:4e:a1:3a:81:5a:fa:ed:b2:db:9a:02: 1f:8f:f7:46:3e:d1:00:a3:60:8f:93:42:49:1e:b4:f5:ca:77: 0c:fb:fa:fc:85:4d:d0:01:8b:7b:7b:15:cf:5b:34:3b:20:4e: f7:5a:ec:40:2b:be:86:2e:ca:87:47:4a:2c:04:44:4d:0f:0a: e5:45:da:6b:ab:c0:9a:ef:17:9b:e0:ca:ab:d7:b5:b3:37:11: 5e:5f:21:a6:bb:d2:5e:53:54:ce:84:51:2a:d9:9c:57:df:22: ae:07:6d:8e:13:12:e4:7a:3d:08:9b:c5:53:15:74:31:26:82: ab:b9:5f:18 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIURcO8KOd8P9/t2HhpLdc8oMxcHxIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDUyMDAwMDA0NFoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNANDE3MjI0ZTdiMjM2YmQ0N2MzMzc0 M2FlZjgzYTVhYzU5MDA1YTFmYzI5NTQ1MmM0ZDY4NjY0ZDZlOWQyM2U4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ujwFVAkTE0Al1gk/+QORes+hUvm PH203TFmq8GxbQPUhSlGhVfarYMLfcMpyL7qlP0mP3W3DryZ3/K4rZUmPzmFvdL9 1Y23+N1Z3DPoFKwD8G4ueeiIpq6+tSK0SZFJAr2t/9Aw0QkBQaZxA4+6ALKSX+D+ 2w4j8HHLLjQZ64J+BSXCVDx2fXj1bgJM/G5RdZhOxWVigLBhkTBre3gQcGvrdPGP RqEHAQY2QqF1gXcOn6t54KuF+NtExzWjKXuwEA2WtsHOfRlVD0CKO+DjSQLoHyy3 iNPtWJ8qbcfeyeF5wF9sjTJkb6zoPl2uPuWjnMyKinGZ9bdHo7B/LEfH5QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGEkR7NUTm3GSLvQu6YvzLWBa4F/MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2NWY5NzQwLTM4OWYtNDVhYy05NTZlLWI5NmUxOTg4OTMxNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jgMA0GCSqGSIb3DQEBCwUAA4IBAQBDthUzKboLZDCvjDXfVOXD wsnuFt6SKWMCPDWpZacXD6e8lthoA0s4Bm+NXdPPfYBslGp0xsekPZNsD9jGYrHP 46t/81uajtNpgmqe4eYUnxGuJB2haVo1MMfqWVvb29Z1pTSnW3GtvIx4eljAemxW 2tM3fW39MxQRlXeMvv5RB+p/e3J7TqE6gVr67bLbmgIfj/dGPtEAo2CPk0JJHrT1 yncM+/r8hU3QAYt7exXPWzQ7IE73WuxAK76GLsqHR0osBERNDwrlRdprq8Ca7xeb 4Mqr17WzNxFeXyGmu9JeU1TOhFEq2ZxX3yKuB22OExLkej0Im8VTFXQxJoKruV8Y -----END CERTIFICATE-----Generated at Tue Jun 3 23:46:15 2025 by rpki-client