$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72c1271b-5ed8-4478-ba43-6741904af7c8.roa File: 72c1271b-5ed8-4478-ba43-6741904af7c8.roa (raw, json) Hash identifier: PMhYSh4GOpjm9AZyz+mUE5IVu+zZmSBOJvzVDTLvMlI= Subject key identifier: 91:21:E4:DB:D7:6D:03:DE:80:28:C1:D3:C1:A7:E4:42:24:E3:70:8B Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 1DF341FE1DBD281AF1EF4C4EF442E83BE1D72830 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72c1271b-5ed8-4478-ba43-6741904af7c8.roa Signing time: Tue 20 May 2025 00:00:45 +0000 ROA not before: Tue 20 May 2025 00:00:45 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:f3:41:fe:1d:bd:28:1a:f1:ef:4c:4e:f4:42:e8:3b:e1:d7:28:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 20 00:00:45 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=19e00430131a54d671d46127dbac9057bec560ae05846ff7a4c9bb4b558e4422, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:3a:5e:7e:19:d4:9d:2a:57:38:9b:89:d1:92: 25:0c:0e:08:50:43:f5:16:59:6b:3f:e1:10:f3:8c: 3c:f5:43:42:59:31:0d:f6:4d:57:00:d2:b7:57:a3: c8:26:81:1c:b8:63:3c:b4:a2:37:fb:65:e5:98:a6: 56:49:97:59:fa:d9:17:18:54:27:b5:00:11:b6:f2: 97:57:37:a9:46:cc:7e:0d:87:d1:45:6b:09:95:d7: b3:7e:34:50:c3:1a:12:e1:14:ea:e5:2c:4f:21:b2: 56:c4:df:05:f3:07:8c:8e:2e:49:31:10:b1:87:b4: a4:5f:76:85:84:0c:f8:21:72:88:36:88:2f:dd:fc: 9f:46:be:82:9a:f2:23:ef:b9:47:17:18:81:33:25: 99:f5:97:73:17:c4:47:4f:d3:4b:17:ae:ad:28:6b: c5:48:2e:12:2e:1f:c1:a1:94:3d:04:11:1f:a9:b0: 05:c0:bf:7e:cd:a1:d0:f9:6c:82:72:2a:be:a3:c2: e9:40:50:9d:fd:84:e6:59:00:1b:0e:48:20:fc:84: 2d:63:54:0f:c8:92:33:a7:58:1d:a8:f9:a9:a5:05: 46:25:04:d4:49:b6:c4:5a:12:3d:24:95:77:43:a9: 95:94:b7:d7:e2:0a:81:f9:59:10:8a:ea:d1:2b:87: 95:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:21:E4:DB:D7:6D:03:DE:80:28:C1:D3:C1:A7:E4:42:24:E3:70:8B X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72c1271b-5ed8-4478-ba43-6741904af7c8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.0.0/17 Signature Algorithm: sha256WithRSAEncryption 53:27:e9:0c:ca:18:73:91:73:99:95:0b:ca:96:b0:bd:85:5b: c6:88:b0:81:4f:9f:4d:1b:60:e5:e3:33:ee:1f:fa:96:1c:c9: 36:54:86:9a:2e:bb:2e:a7:96:3d:d2:4d:f4:be:94:cc:27:8a: 74:51:48:50:c7:a2:b8:ea:00:46:23:37:b0:32:2f:ea:57:ff: e2:88:ea:51:77:c9:57:bb:d0:fd:d1:3f:c9:fe:ac:d6:e9:71: ec:ab:9d:d7:34:6b:fe:f6:79:c5:85:32:31:6f:61:d5:54:f1: 8f:80:6e:4e:c0:f1:88:ac:83:bb:f3:0c:ff:4c:0e:e8:77:30: 3f:ce:14:2b:56:12:07:9e:9e:ec:2e:4a:50:9f:7b:5d:49:fd: f9:ed:63:63:b8:05:90:12:04:5e:ac:9f:31:13:5c:1e:87:a8: df:0a:48:c6:e9:21:06:a9:47:13:f8:a6:8b:b9:4e:a7:79:77: ba:a3:cc:c3:1e:d2:c1:b8:48:fe:c2:bf:f4:17:72:ce:72:f8: c7:23:a2:6e:1c:8a:4c:1a:b9:ac:09:b2:56:43:6d:33:5b:89: eb:c0:67:92:0d:8d:1c:5b:fe:5e:2a:21:21:ad:e1:bf:06:ab: 24:59:31:f9:7f:b0:d9:4d:35:ea:2b:4a:d8:5f:97:a2:0d:61: ac:95:58:89 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUHfNB/h29KBrx70xO9ELoO+HXKDAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDUyMDAwMDA0NVoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAMTllMDA0MzAxMzFhNTRkNjcxZDQ2 MTI3ZGJhYzkwNTdiZWM1NjBhZTA1ODQ2ZmY3YTRjOWJiNGI1NThlNDQyMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDpefhnUnSpXOJuJ0ZIlDA4IUEP1 FllrP+EQ84w89UNCWTEN9k1XANK3V6PIJoEcuGM8tKI3+2XlmKZWSZdZ+tkXGFQn tQARtvKXVzepRsx+DYfRRWsJldezfjRQwxoS4RTq5SxPIbJWxN8F8weMji5JMRCx h7SkX3aFhAz4IXKINogv3fyfRr6CmvIj77lHFxiBMyWZ9ZdzF8RHT9NLF66tKGvF SC4SLh/BoZQ9BBEfqbAFwL9+zaHQ+WyCciq+o8LpQFCd/YTmWQAbDkgg/IQtY1QP yJIzp1gdqPmppQVGJQTUSbbEWhI9JJV3Q6mVlLfX4gqB+VkQiurRK4eV9wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJEh5NvXbQPegCjB08Gn5EIk43CLMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcyYzEyNzFiLTVlZDgtNDQ3OC1iYTQzLTY3NDE5MDRhZjdjOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQHn/gAMA0GCSqGSIb3DQEBCwUAA4IBAQBTJ+kMyhhzkXOZlQvKlrC9 hVvGiLCBT59NG2Dl4zPuH/qWHMk2VIaaLrsup5Y90k30vpTMJ4p0UUhQx6K46gBG IzewMi/qV//iiOpRd8lXu9D90T/J/qzW6XHsq53XNGv+9nnFhTIxb2HVVPGPgG5O wPGIrIO78wz/TA7odzA/zhQrVhIHnp7sLkpQn3tdSf357WNjuAWQEgRerJ8xE1we h6jfCkjG6SEGqUcT+KaLuU6neXe6o8zDHtLBuEj+wr/0F3LOcvjHI6JuHIpMGrms CbJWQ20zW4nrwGeSDY0cW/5eKiEhreG/BqskWTH5f7DZTTXqK0rYX5eiDWGslViJ -----END CERTIFICATE-----Generated at Mon Jun 2 06:33:46 2025 by rpki-client