$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa File: fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa (raw, json) Hash identifier: 9sw8x3UO2JW1A79jzKXoPFh4Pyu4TKgnH4jlCyXPBNc= Subject key identifier: AD:2F:5B:FD:9D:21:97:77:2E:45:EF:AD:F5:A6:F1:C2:32:B9:F7:CA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 49D39890169AE486CE0AFE6C1FFA759B0CBA5EE6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa Signing time: Fri 16 May 2025 16:00:06 +0000 ROA not before: Fri 16 May 2025 16:00:06 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.221.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:d3:98:90:16:9a:e4:86:ce:0a:fe:6c:1f:fa:75:9b:0c:ba:5e:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 16:00:06 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=6b2e30b2654ebdc3417731dc6f461f246b54c6332f691e460a4da9dc5722b5d3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a3:32:b9:e1:a3:3e:a1:bf:bc:6f:e8:1b:ef: 00:a1:96:72:b7:96:21:c3:95:85:38:f7:29:3c:40: 44:b2:d4:0c:2f:5f:61:51:6c:39:f6:f7:c7:2b:d6: 84:c9:6a:02:d0:f4:d5:a9:51:10:90:46:8b:52:a6: a6:ef:f9:a3:e4:0c:2d:5e:16:c5:7a:a8:1b:4f:b7: 15:c0:15:69:c4:e6:87:29:13:f3:8d:62:05:3c:e8: 9c:6d:04:db:bc:16:a8:b0:db:49:a2:06:04:09:5f: 1e:ac:2e:0b:16:14:bd:bb:37:fc:39:97:b7:b1:1e: e0:84:46:b7:a7:64:b4:61:25:23:3f:f8:53:f0:18: 36:1b:7a:95:68:61:14:60:cd:cd:ca:d4:02:f1:cf: da:29:cd:be:02:99:7d:73:a7:ed:fc:00:67:19:16: ee:a3:03:12:b4:5e:71:21:3d:d2:56:31:07:d3:8c: 45:7c:3e:5b:85:23:ea:aa:38:6a:51:62:47:9f:f2: 05:b9:76:59:03:0c:f3:be:ee:3b:51:4b:51:c6:3b: 14:52:da:cd:a5:8d:bd:90:27:e8:ee:4b:3e:e9:37: b8:10:db:3b:59:83:88:af:c8:16:60:88:1f:ff:25: 0e:9a:da:1b:10:3b:34:46:58:23:aa:ba:82:37:1f: 10:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:2F:5B:FD:9D:21:97:77:2E:45:EF:AD:F5:A6:F1:C2:32:B9:F7:CA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.221.0.0/16 Signature Algorithm: sha256WithRSAEncryption c7:82:de:e1:de:5f:99:c9:19:94:a8:7b:83:e5:df:ba:c4:5a: 89:eb:bc:c7:57:12:e3:e9:3b:66:7d:da:ea:30:5a:81:3b:01: 59:5a:c3:19:22:c8:e7:bd:e5:3a:31:37:93:6d:ba:8b:65:8d: 70:0f:ea:a4:b2:a6:8c:b9:9a:7e:27:fb:5d:f1:77:29:69:61: f6:5a:35:32:86:af:e8:26:ed:45:68:a8:26:1e:60:d6:ad:c4: b9:07:e4:40:99:48:55:46:29:79:e1:ed:e4:77:86:fc:24:84: 9d:ec:17:04:46:49:c5:97:e7:bb:0f:d0:85:20:87:47:14:53: 08:75:95:cd:0a:de:de:33:da:a4:87:db:05:2a:86:0c:35:bb: 1b:7c:e9:a2:7c:ca:68:03:7a:fc:f8:39:20:5c:66:5f:7e:49: 98:05:1f:a5:16:68:63:89:4d:24:d5:0e:c0:99:de:7f:c2:62: 58:d4:2a:82:04:a9:86:0b:e0:ac:b0:73:ae:b1:0a:0f:c4:01: 37:1a:58:25:be:e3:1b:3d:41:7d:cf:a7:64:82:d0:5a:f8:52: f9:96:3b:32:ec:c8:8f:2f:d3:16:b4:28:f8:6b:c0:6b:0f:7f: 47:b0:7e:f1:2e:3f:41:e8:50:2c:0a:f9:d7:9b:fa:83:38:d6: ff:55:d0:ad -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUSdOYkBaa5IbOCv5sH/p1mwy6XuYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE2MDAwNloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANmIyZTMwYjI2NTRlYmRjMzQxNzcz MWRjNmY0NjFmMjQ2YjU0YzYzMzJmNjkxZTQ2MGE0ZGE5ZGM1NzIyYjVkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqMyueGjPqG/vG/oG+8AoZZyt5Yh w5WFOPcpPEBEstQML19hUWw59vfHK9aEyWoC0PTVqVEQkEaLUqam7/mj5AwtXhbF eqgbT7cVwBVpxOaHKRPzjWIFPOicbQTbvBaosNtJogYECV8erC4LFhS9uzf8OZe3 sR7ghEa3p2S0YSUjP/hT8Bg2G3qVaGEUYM3NytQC8c/aKc2+Apl9c6ft/ABnGRbu owMStF5xIT3SVjEH04xFfD5bhSPqqjhqUWJHn/IFuXZZAwzzvu47UUtRxjsUUtrN pY29kCfo7ks+6Te4ENs7WYOIr8gWYIgf/yUOmtobEDs0RlgjqrqCNx8QjwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFK0vW/2dIZd3LkXvrfWm8cIyuffKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiZDNiYzQxLTY0MWItNDM0MS1hMTM4LWNkYjM3ZGJlNWIwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAK90wDQYJKoZIhvcNAQELBQADggEBAMeC3uHeX5nJGZSoe4Pl37rE WonrvMdXEuPpO2Z92uowWoE7AVlawxkiyOe95ToxN5NtuotljXAP6qSypoy5mn4n +13xdylpYfZaNTKGr+gm7UVoqCYeYNatxLkH5ECZSFVGKXnh7eR3hvwkhJ3sFwRG ScWX57sP0IUgh0cUUwh1lc0K3t4z2qSH2wUqhgw1uxt86aJ8ymgDevz4OSBcZl9+ SZgFH6UWaGOJTSTVDsCZ3n/CYljUKoIEqYYL4Kywc66xCg/EATcaWCW+4xs9QX3P p2SC0Fr4UvmWOzLsyI8v0xa0KPhrwGsPf0ewfvEuP0HoUCwK+deb+oM41v9V0K0= -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:33 2025 by rpki-client