$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa File: 92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa (raw, json) Hash identifier: 3Dz0EEadYhkOZO2qgFgnQ4yv1Hy/AbdE+eTlKn6Mz2o= Subject key identifier: 1B:C0:0E:35:FF:C6:BE:E9:C8:35:98:9E:B0:1E:5C:7C:5D:4A:4E:C1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 50A3DD703E1276A3C650D28C258AFFB771ED18C1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa Signing time: Fri 16 May 2025 16:00:49 +0000 ROA not before: Fri 16 May 2025 16:00:49 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:a3:dd:70:3e:12:76:a3:c6:50:d2:8c:25:8a:ff:b7:71:ed:18:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 16:00:49 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=2a234cd22edfc6d6eb9ad11c255cdc95fadd071a2054f8b3a5f31fdfb49efea3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:2b:79:11:31:5c:ac:76:f5:2a:a9:d3:e7:a8: cc:a4:3d:1a:ae:af:43:1a:b2:8a:12:00:92:e1:bc: 35:23:66:b0:7b:5a:85:a4:fd:9f:f4:cb:27:02:35: ca:57:f9:6d:c3:2c:6e:df:26:fa:4b:d8:36:cd:ec: 6c:03:0f:c6:87:d0:db:34:5d:39:d4:02:d8:69:41: 27:88:0b:58:f9:ff:e3:36:fe:5c:d4:8d:1f:3b:8c: a7:ad:cf:3e:ac:1e:c6:58:5a:40:e2:42:c6:82:8e: 37:f1:10:0f:f0:7c:0c:72:d2:3a:f5:59:37:1a:a0: a8:78:ea:97:aa:f9:a4:5e:4e:9d:f6:f4:7e:a4:ae: 8c:8a:56:9c:4b:53:e4:90:33:a8:d5:15:cd:2b:6a: 11:99:1e:68:c1:da:87:f7:59:33:ca:61:36:fe:53: b3:62:3c:08:ee:cb:1c:8e:ee:79:64:f0:32:b9:b0: 8f:1a:7a:f1:01:af:25:4d:65:61:b7:63:2c:b6:79: 6b:8b:14:4a:78:db:43:02:51:e7:d1:96:90:9c:69: 81:1f:45:98:38:b4:d0:07:8e:66:4c:2a:3d:c3:92: 0e:13:9c:25:b7:2c:eb:2f:3b:51:6a:fe:77:5c:94: a3:9e:98:d8:a7:0c:00:bf:81:bf:64:22:db:65:77: 13:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:C0:0E:35:FF:C6:BE:E9:C8:35:98:9E:B0:1E:5C:7C:5D:4A:4E:C1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption b4:e1:49:a9:7c:ab:ca:c5:6c:a2:06:30:1e:6a:cd:14:24:44: 7c:84:1d:6d:1f:44:d3:82:ba:72:39:77:f2:89:95:60:39:d9: 3d:cd:8a:34:05:0c:46:3d:8f:52:53:5f:39:2b:d4:4f:c1:b8: 79:34:dc:23:51:2f:1b:62:1b:60:93:88:9e:b9:b2:d7:01:d2: e7:86:05:8b:c8:9e:65:95:6e:94:af:c9:5f:83:b4:d1:97:6b: c4:74:61:51:5c:28:b8:c0:4c:be:a0:dc:f8:a7:84:b5:2a:69: cf:8a:a7:7a:bc:d0:99:37:38:b2:57:50:15:78:97:5f:bc:c1: 33:ee:84:02:ac:9c:6b:d5:74:81:f7:a7:e0:0c:08:cf:9a:4c: 17:78:38:c3:85:cc:9a:4f:b1:ab:29:e9:80:e7:1d:ef:90:a8: d5:b5:a1:5a:da:21:da:04:43:51:30:67:2e:49:b2:e2:c9:79: f4:9b:09:27:dc:4b:4a:c6:22:1c:e2:bb:3c:52:2e:86:4f:6b: 4a:5c:36:74:36:d1:29:d0:15:cb:8e:c8:b5:2b:9d:db:4d:3d: 35:7f:8d:d2:1f:7d:d4:d9:88:47:07:a2:5a:56:ad:7a:a6:54: 22:26:a8:3b:31:e0:66:d1:0b:0c:7d:10:b7:a9:38:ae:c4:94: a3:92:96:85 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUUKPdcD4SdqPGUNKMJYr/t3HtGMEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE2MDA0OVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMmEyMzRjZDIyZWRmYzZkNmViOWFk MTFjMjU1Y2RjOTVmYWRkMDcxYTIwNTRmOGIzYTVmMzFmZGZiNDllZmVhMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ct5ETFcrHb1KqnT56jMpD0arq9D GrKKEgCS4bw1I2awe1qFpP2f9MsnAjXKV/ltwyxu3yb6S9g2zexsAw/Gh9DbNF05 1ALYaUEniAtY+f/jNv5c1I0fO4ynrc8+rB7GWFpA4kLGgo438RAP8HwMctI69Vk3 GqCoeOqXqvmkXk6d9vR+pK6MilacS1PkkDOo1RXNK2oRmR5owdqH91kzymE2/lOz YjwI7sscju55ZPAyubCPGnrxAa8lTWVht2MstnlrixRKeNtDAlHn0ZaQnGmBH0WY OLTQB45mTCo9w5IOE5wltyzrLztRav53XJSjnpjYpwwAv4G/ZCLbZXcTxwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFBvADjX/xr7pyDWYnrAeXHxdSk7BMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkyZGMxYTY0LWU3OTEtNDllMS05ZjFmLWJkYmIzNzRhZGZhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBALThSal8q8rFbKIGMB5qzRQk RHyEHW0fRNOCunI5d/KJlWA52T3NijQFDEY9j1JTXzkr1E/BuHk03CNRLxtiG2CT iJ65stcB0ueGBYvInmWVbpSvyV+DtNGXa8R0YVFcKLjATL6g3PinhLUqac+Kp3q8 0Jk3OLJXUBV4l1+8wTPuhAKsnGvVdIH3p+AMCM+aTBd4OMOFzJpPsasp6YDnHe+Q qNW1oVraIdoEQ1EwZy5JsuLJefSbCSfcS0rGIhziuzxSLoZPa0pcNnQ20SnQFcuO yLUrndtNPTV/jdIffdTZiEcHolpWrXqmVCImqDsx4GbRCwx9ELepOK7ElKOSloU= -----END CERTIFICATE-----Generated at Tue Jun 3 23:17:58 2025 by rpki-client