$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa File: c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa (raw, json) Hash identifier: d9sWacJcs4LBhrmmeWhTcUwNyS06mdOy4KrXOJMy9yE= Subject key identifier: 24:79:C8:7B:3D:55:CE:2C:97:E8:1E:35:53:DB:89:A9:B1:2A:FD:BA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1056C616F58BB29BB47DE3883FE5F040AC35FE18 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa Signing time: Mon 19 May 2025 15:01:03 +0000 ROA not before: Mon 19 May 2025 15:01:03 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.158.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:56:c6:16:f5:8b:b2:9b:b4:7d:e3:88:3f:e5:f0:40:ac:35:fe:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 19 15:01:03 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=7c58900f09bec711be48287b637c3a7f512213a05543aa96ca7be117ed150f52, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:ab:09:10:55:51:2a:85:13:8a:cc:9d:b3:a3: 13:39:52:7c:af:05:bc:d0:ac:7b:85:e9:b5:aa:32: c5:29:1c:73:7e:e6:ed:ed:13:e2:96:aa:c9:18:76: 81:7e:ee:71:e6:cc:26:34:a2:c9:09:43:c8:0e:de: fb:11:47:92:a3:1e:35:2c:08:7b:79:5d:46:60:78: 62:87:48:c1:cc:03:2e:06:2a:4f:bf:ac:80:e9:d8: 69:1c:fb:f3:e8:34:9c:71:fd:d4:77:b5:44:96:8e: 00:4b:aa:aa:0d:3d:7d:4d:cf:d6:f2:3c:93:6c:11: ca:aa:87:c6:69:72:fd:98:b4:0e:1c:25:a1:0d:36: 61:5b:93:b8:08:8d:6d:eb:aa:e1:4b:cb:cb:e9:d7: f3:9f:d2:b9:ff:95:a2:90:d2:9d:9b:71:46:00:f2: 96:60:c5:1e:a2:64:e7:63:de:d0:17:12:1b:97:62: c4:aa:b2:d7:85:8f:1a:f4:e9:8b:97:ee:eb:fe:bb: be:7d:ce:bc:91:16:10:57:dd:79:dc:3a:f2:1b:df: 2d:e1:22:5b:39:0d:20:90:9d:61:05:74:a1:41:dc: 47:d3:c6:b2:9b:0e:4c:7b:76:91:d5:f4:84:d7:a8: fe:00:78:39:ce:00:57:0a:f2:3b:26:12:04:a2:cd: d7:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:79:C8:7B:3D:55:CE:2C:97:E8:1E:35:53:DB:89:A9:B1:2A:FD:BA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.158.0/23 Signature Algorithm: sha256WithRSAEncryption 0a:48:55:a3:67:ed:f5:98:6b:19:5e:76:38:8d:5a:7f:ff:ea: eb:17:ab:f3:9e:6f:ea:9a:a8:89:ae:aa:19:82:84:af:dc:7c: b8:9b:b3:76:c7:ed:66:4d:08:e4:41:0d:f1:49:52:e3:42:0b: a6:e5:32:bb:9b:03:94:ee:21:5b:02:2b:f7:6e:ad:f4:f4:8a: 6c:4d:85:3a:37:0c:19:7a:e0:3e:1a:e9:45:b4:5e:40:b3:cf: 31:89:a8:d8:43:92:d2:c1:fe:4e:58:79:44:66:d3:9d:af:ad: 7f:d6:69:6b:82:b9:f4:4f:36:45:2b:5d:d4:bc:ff:01:f9:39: fc:cb:2b:9f:aa:d0:d9:b5:f3:5b:f5:84:74:c2:d9:f6:f5:d7: 7b:e0:ba:12:3a:a8:6a:e2:c4:de:98:0f:6f:b4:d7:52:72:dc: 12:67:ee:77:ed:38:64:d0:07:c6:e4:a4:fc:a4:9a:23:33:a6: 20:9e:86:77:6b:47:97:d8:50:97:44:ba:c8:8d:db:fa:67:35: 0a:5d:1a:e9:ed:2b:96:f5:25:45:96:3f:e2:d6:27:06:b4:03: a4:61:90:bf:1b:6f:15:90:36:8c:c2:d5:46:ed:31:79:f7:41: c2:07:4b:19:29:68:61:d4:62:da:83:03:e7:b5:f7:8a:5a:b5: 17:d7:13:cd -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEFbGFvWLspu0feOIP+XwQKw1/hgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxOTE1MDEwM1oX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAN2M1ODkwMGYwOWJlYzcxMWJlNDgy ODdiNjM3YzNhN2Y1MTIyMTNhMDU1NDNhYTk2Y2E3YmUxMTdlZDE1MGY1MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66sJEFVRKoUTisyds6MTOVJ8rwW8 0Kx7hem1qjLFKRxzfubt7RPilqrJGHaBfu5x5swmNKLJCUPIDt77EUeSox41LAh7 eV1GYHhih0jBzAMuBipPv6yA6dhpHPvz6DSccf3Ud7VElo4AS6qqDT19Tc/W8jyT bBHKqofGaXL9mLQOHCWhDTZhW5O4CI1t66rhS8vL6dfzn9K5/5WikNKdm3FGAPKW YMUeomTnY97QFxIbl2LEqrLXhY8a9OmLl+7r/ru+fc68kRYQV9153DryG98t4SJb OQ0gkJ1hBXShQdxH08aymw5Me3aR1fSE16j+AHg5zgBXCvI7JhIEos3XBQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCR5yHs9Vc4sl+geNVPbiamxKv26MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwZTA3MzVkLWE5MWUtNDc4ZC04MmQyLWEzZjA0ZWU0MzVkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9qeMA0GCSqGSIb3DQEBCwUAA4IBAQAKSFWjZ+31mGsZXnY4jVp/ /+rrF6vznm/qmqiJrqoZgoSv3Hy4m7N2x+1mTQjkQQ3xSVLjQgum5TK7mwOU7iFb Aiv3bq309IpsTYU6NwwZeuA+GulFtF5As88xiajYQ5LSwf5OWHlEZtOdr61/1mlr grn0TzZFK13UvP8B+Tn8yyufqtDZtfNb9YR0wtn29dd74LoSOqhq4sTemA9vtNdS ctwSZ+537Thk0AfG5KT8pJojM6YgnoZ3a0eX2FCXRLrIjdv6ZzUKXRrp7SuW9SVF lj/i1icGtAOkYZC/G28VkDaMwtVG7TF590HCB0sZKWhh1GLagwPntfeKWrUX1xPN -----END CERTIFICATE-----Generated at Tue Jun 3 23:09:37 2025 by rpki-client