$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa File: efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa (raw, json) Hash identifier: AinIPaoYn0m0V2MR+t3H5FCRtUZxwCNBPxGDmA/9WYY= Subject key identifier: FF:FF:A4:81:85:6F:73:AF:26:20:28:97:92:B4:D7:EF:3D:FD:BB:41 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 47DEAA8093D6DB4D34B738A28FEC9798D1006325 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa Signing time: Fri 16 May 2025 00:01:32 +0000 ROA not before: Fri 16 May 2025 00:01:32 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 203.83.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:de:aa:80:93:d6:db:4d:34:b7:38:a2:8f:ec:97:98:d1:00:63:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:01:32 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=dc4a938a27296b117d5aa79df865aee9981328562adb3830e2796c2508baa287, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:92:b5:c4:89:2b:79:8b:4d:09:90:49:04:fe: 7f:aa:ac:22:5a:90:d8:52:01:2e:84:aa:6b:a8:53: 68:43:7b:8c:c3:5b:23:05:29:3a:60:18:92:5d:18: d8:24:e9:83:65:56:2c:be:3d:bc:98:98:78:df:00: b9:fd:c8:76:ff:61:62:89:00:63:23:40:cd:0a:1e: b9:83:62:d0:7a:ab:1e:c3:63:f3:0f:56:ef:f8:66: 9e:44:80:04:b9:80:25:67:1e:31:75:5a:b3:39:8e: d3:66:ab:92:d9:cf:1d:c5:ab:29:c8:52:58:99:d8: 12:00:78:1e:49:7d:a6:35:13:34:c8:af:35:b2:ea: 51:7b:74:00:ff:06:b5:0e:46:9a:24:eb:be:61:f4: 17:92:24:5f:5f:b1:07:95:9b:d8:0c:ed:c3:74:38: 4c:66:30:16:c6:62:5e:79:f0:d1:67:9f:d7:59:5f: 61:fa:9e:0e:c6:1d:d1:03:e0:8a:1f:50:72:52:20: 89:b7:46:15:89:18:30:3c:b0:65:a2:9c:93:ce:df: 86:71:75:1f:ef:24:f3:60:bb:21:cd:a6:c2:41:ee: 50:d4:af:72:e4:d2:5f:16:f9:a1:93:ce:44:bc:c3: ef:4f:39:8a:09:bd:6c:22:06:b7:c7:51:e5:eb:16: c8:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:FF:A4:81:85:6F:73:AF:26:20:28:97:92:B4:D7:EF:3D:FD:BB:41 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.83.220.0/22 Signature Algorithm: sha256WithRSAEncryption 2e:37:31:80:42:df:61:7f:7d:18:ed:ed:8b:d8:e3:bb:37:cc: bd:18:09:f9:64:d4:67:5a:1d:08:62:a1:2f:66:e5:9b:99:ff: 4b:c8:a1:c0:7e:60:6b:c8:79:02:b0:27:8b:22:ec:18:41:76: d5:00:c0:c0:de:94:28:8c:96:67:76:57:8d:93:15:6b:34:da: 0b:25:43:95:11:3d:3b:b0:b1:5a:b4:51:fc:72:dc:41:73:f9: 07:7d:f1:2c:fc:4f:40:f6:60:0d:6e:71:0d:7f:55:62:d6:9f: 5a:d9:3a:46:4a:04:86:c4:e1:cb:bd:dd:ba:54:58:96:35:9f: f2:38:93:c3:68:c7:e1:ab:fe:32:4d:44:67:32:bd:ea:45:07: 0d:2a:3d:aa:ac:d6:6e:89:06:25:78:ea:a9:ca:92:ab:0d:94: 07:01:1c:e7:c9:fe:4d:7f:a6:57:ac:37:2d:c5:bc:58:1f:c5: 04:e8:49:c6:f8:b1:08:36:db:63:23:84:8f:74:27:8e:50:65: 7c:9f:d4:76:04:40:6f:4f:e1:dd:a3:7c:0d:58:5e:a3:d0:1b: f8:30:48:9d:0a:5b:73:4f:58:45:08:ab:b3:f9:15:e2:78:c1: 51:a8:34:ea:7f:f4:c3:ab:81:f2:bf:48:1a:b7:0f:e9:18:19: df:17:f0:3b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUR96qgJPW2000tziij+yXmNEAYyUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMDEzMloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZGM0YTkzOGEyNzI5NmIxMTdkNWFh NzlkZjg2NWFlZTk5ODEzMjg1NjJhZGIzODMwZTI3OTZjMjUwOGJhYTI4NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZK1xIkreYtNCZBJBP5/qqwiWpDY UgEuhKprqFNoQ3uMw1sjBSk6YBiSXRjYJOmDZVYsvj28mJh43wC5/ch2/2FiiQBj I0DNCh65g2LQeqsew2PzD1bv+GaeRIAEuYAlZx4xdVqzOY7TZquS2c8dxaspyFJY mdgSAHgeSX2mNRM0yK81supRe3QA/wa1DkaaJOu+YfQXkiRfX7EHlZvYDO3DdDhM ZjAWxmJeefDRZ5/XWV9h+p4Oxh3RA+CKH1ByUiCJt0YViRgwPLBlopyTzt+GcXUf 7yTzYLshzabCQe5Q1K9y5NJfFvmhk85EvMPvTzmKCb1sIga3x1Hl6xbIIwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFP//pIGFb3OvJiAol5K01+89/btBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VmZDJhYzNkLWRjMzgtNGQ5My1hYWFjLTRjYmQ2Y2M5MTFjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQAuNzGAQt9hf30Y7e2L2OO7 N8y9GAn5ZNRnWh0IYqEvZuWbmf9LyKHAfmBryHkCsCeLIuwYQXbVAMDA3pQojJZn dleNkxVrNNoLJUOVET07sLFatFH8ctxBc/kHffEs/E9A9mANbnENf1Vi1p9a2TpG SgSGxOHLvd26VFiWNZ/yOJPDaMfhq/4yTURnMr3qRQcNKj2qrNZuiQYleOqpypKr DZQHARznyf5Nf6ZXrDctxbxYH8UE6EnG+LEINttjI4SPdCeOUGV8n9R2BEBvT+Hd o3wNWF6j0Bv4MEidCltzT1hFCKuz+RXieMFRqDTqf/TDq4Hyv0gatw/pGBnfF/A7 -----END CERTIFICATE-----Generated at Tue Jun 3 23:34:51 2025 by rpki-client