$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa File: 92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa (raw, json) Hash identifier: QvHZr2EZEQO44xR++IFGX10+fs+FQTJuM4Q+HAvQy9Y= Subject key identifier: 8C:91:4C:0B:BA:B5:AD:7A:53:2E:8F:CA:73:EB:74:67:68:6A:C2:E7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3F6BD511B92252189742E596C1B6FD82203B02D5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa Signing time: Wed 26 Mar 2025 00:10:10 +0000 ROA not before: Wed 26 Mar 2025 00:10:10 +0000 ROA not after: Wed 30 Apr 2025 23:59:59 +0000 asID: 14618 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 00:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:6b:d5:11:b9:22:52:18:97:42:e5:96:c1:b6:fd:82:20:3b:02:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Mar 26 00:10:10 2025 GMT Not After : Apr 30 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:48:5b:3e:db:05:57:74:47:67:24:4d:5e:4e: 04:9f:cc:49:ac:71:8a:d2:6a:68:fe:6a:a6:6e:21: 45:80:eb:7a:c2:d8:ce:ff:9f:60:08:3a:24:4f:58: 87:41:0e:b9:69:43:39:81:cb:01:b4:ea:df:93:5b: a0:05:0b:d4:63:34:af:ad:1c:68:18:18:f5:b9:00: 9a:e6:6a:3a:60:40:32:31:52:45:e2:91:fe:d0:8a: ad:15:c8:fe:67:41:ad:0b:13:d2:d4:58:aa:64:ef: 03:3e:65:19:be:6c:50:34:9e:b5:de:ba:d4:fa:52: 69:6c:be:e7:e6:20:b1:fd:d9:6b:aa:df:4f:3d:03: ff:f4:3f:8a:72:16:bd:08:e8:57:1d:cd:85:09:99: a4:67:6d:e4:f6:3d:46:41:7c:15:72:01:91:c1:e2: e8:a5:ef:53:41:97:67:d9:8c:02:6e:e2:f8:7a:fd: 02:12:80:4f:0c:c7:ce:f7:4b:f6:cc:eb:d6:bd:0c: 6b:49:51:39:a9:5f:48:a9:ea:c9:d4:7f:12:54:0a: 8a:38:33:e7:3a:40:e1:e5:91:4c:44:49:45:fb:95: f5:74:bf:19:4b:a9:f3:22:df:eb:08:fa:e4:3e:4a: b5:eb:72:8f:62:7a:7e:7d:6b:dd:d2:86:77:71:86: bf:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:91:4C:0B:BA:B5:AD:7A:53:2E:8F:CA:73:EB:74:67:68:6A:C2:E7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 6c:5d:83:ae:57:d7:8a:f9:d5:33:4a:2e:70:94:68:93:ef:23: ac:7e:17:fe:d5:9b:af:57:03:e4:83:ef:a1:ec:e6:30:a0:ee: fc:01:51:df:3a:fa:9c:56:47:a1:60:87:f9:b4:9e:3e:d2:61: 50:ef:70:5f:55:e0:2c:b6:64:c9:68:d2:2f:74:ec:07:69:a8: 95:8d:02:c3:a6:ae:a1:9e:65:cb:de:85:3f:a3:ef:21:03:22: 0b:df:c8:5b:22:8c:82:5a:91:06:2e:17:e8:d0:ed:04:66:35: f8:4c:a1:c4:4d:f1:2b:ee:c4:3f:65:9d:f1:eb:f2:6b:b9:48: 84:e2:07:e1:58:72:20:a8:79:10:5b:57:cf:b5:32:a2:1a:f8: a2:8e:38:06:60:9e:d9:f9:b1:b0:7a:60:3e:4f:bb:63:98:b7: d3:6e:f4:56:c9:95:78:b7:cf:5a:5e:77:d0:ac:2b:13:d1:52: 3e:4c:53:08:07:53:69:26:b3:15:a5:8a:86:a3:b7:64:c8:07: 28:3d:6f:72:6f:d8:1d:d5:69:eb:c0:87:4f:13:65:d6:3f:8f: 04:fc:58:35:a0:52:0a:46:ea:4f:6b:d2:ad:37:7d:af:5a:c1: f4:22:d4:a5:c2:ff:67:9c:b2:72:c6:cf:9a:19:f2:9d:d1:8c: 0c:b7:17:b1 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUP2vVEbkiUhiXQuWWwbb9giA7AtUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMTAxMFoX DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNAYmU0MjhkMzc0MzJkZTllOGMzYzQ4 ODEwNjQ5NjVmN2NjYTYxMDYxOTQxYTdiYmM5ZTNlYTVmOWM1YmNhZDFhYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EhbPtsFV3RHZyRNXk4En8xJrHGK 0mpo/mqmbiFFgOt6wtjO/59gCDokT1iHQQ65aUM5gcsBtOrfk1ugBQvUYzSvrRxo GBj1uQCa5mo6YEAyMVJF4pH+0IqtFcj+Z0GtCxPS1FiqZO8DPmUZvmxQNJ613rrU +lJpbL7n5iCx/dlrqt9PPQP/9D+Kcha9COhXHc2FCZmkZ23k9j1GQXwVcgGRweLo pe9TQZdn2YwCbuL4ev0CEoBPDMfO90v2zOvWvQxrSVE5qV9IqerJ1H8SVAqKODPn OkDh5ZFMRElF+5X1dL8ZS6nzIt/rCPrkPkq163KPYnp+fWvd0oZ3cYa/OQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFIyRTAu6ta16Uy6PynPrdGdoasLnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkyZGMxYTY0LWU3OTEtNDllMS05ZjFmLWJkYmIzNzRhZGZhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAGxdg65X14r51TNKLnCUaJPv I6x+F/7Vm69XA+SD76Hs5jCg7vwBUd86+pxWR6Fgh/m0nj7SYVDvcF9V4Cy2ZMlo 0i907AdpqJWNAsOmrqGeZcvehT+j7yEDIgvfyFsijIJakQYuF+jQ7QRmNfhMocRN 8SvuxD9lnfHr8mu5SITiB+FYciCoeRBbV8+1MqIa+KKOOAZgntn5sbB6YD5Pu2OY t9Nu9FbJlXi3z1ped9CsKxPRUj5MUwgHU2kmsxWlioajt2TIByg9b3Jv2B3VaevA h08TZdY/jwT8WDWgUgpG6k9r0q03fa9awfQi1KXC/2ecsnLGz5oZ8p3RjAy3F7E= -----END CERTIFICATE-----Generated at Fri Apr 4 23:31:22 2025 by rpki-client