$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa File: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (raw, json) Hash identifier: qXXEdeNpJnbmALkEwpslGjOpbxtjS7x0JpvBJQCUBmM= Subject key identifier: 8F:22:04:A8:B0:C1:CC:2B:65:A1:F5:EB:E8:8F:EF:70:C8:34:92:0C Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 3BE0AA4890F0624655C3ACC1E2D8C9E76BE29E47 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa Signing time: Mon 26 May 2025 15:00:05 +0000 ROA not before: Mon 26 May 2025 15:00:05 +0000 ROA not after: Mon 30 Jun 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:e0:aa:48:90:f0:62:46:55:c3:ac:c1:e2:d8:c9:e7:6b:e2:9e:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: May 26 15:00:05 2025 GMT Not After : Jun 30 23:59:59 2025 GMT Subject: serialNumber=63244a6dcfea61bd5f1843186b1ea9478bd5c48238a2778e2403cdeaef2b22a7, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f3:ca:f5:4c:e1:04:13:1e:11:ff:68:6d:f8: bb:b4:73:e3:eb:d5:63:c0:16:7e:36:c2:93:72:69: 56:52:0a:17:73:91:11:29:55:ae:97:80:34:c9:17: c0:f2:e2:07:33:78:76:ed:7e:24:bc:1a:b0:8d:2e: 7e:8a:9c:fc:0c:68:07:10:f9:c1:0e:61:c8:b2:fc: 43:82:b7:c7:23:fd:0e:69:ed:0b:76:63:4b:2f:f4: 87:56:64:50:d8:08:0a:a9:83:72:14:7c:28:9f:1f: 72:6c:57:8f:7a:a6:9a:35:02:bf:59:93:d3:12:53: 17:f4:ca:ad:95:4a:fc:30:bf:01:97:36:6f:8d:e4: 5a:07:d4:58:3c:48:7f:6a:88:31:6d:fe:62:61:18: 47:ab:39:9a:8d:72:dd:4f:f1:50:fc:05:7d:7d:ee: 6d:f5:78:a8:fe:2d:88:e8:2b:42:5d:6e:29:48:24: 59:b4:bc:54:cc:02:bd:0b:07:f7:b8:db:02:38:7b: a0:e0:83:50:e0:02:bf:6e:bf:2b:12:05:58:f1:67: 8c:88:f0:a6:7d:b2:00:78:00:fd:2d:bc:05:0b:53: 96:84:78:c2:db:8e:d9:cf:8c:73:b3:bf:e9:53:b9: 44:99:4c:ad:52:14:c0:1d:b0:6e:d4:2d:8f:9b:14: e8:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:22:04:A8:B0:C1:CC:2B:65:A1:F5:EB:E8:8F:EF:70:C8:34:92:0C X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 23:33:24:5d:89:f3:d6:75:48:d0:18:ab:f5:86:b5:df:23:90: 1f:d3:85:5b:86:2d:80:94:30:f0:44:a0:6a:46:b7:46:07:6d: c5:db:c7:fb:46:a1:17:7a:e2:be:7c:4e:6b:4c:fc:73:f0:23: 71:99:5b:37:34:3d:b1:74:be:56:7f:cd:73:cd:5b:30:2c:45: 25:b8:dc:a2:d6:cd:3f:45:3f:72:43:3c:92:9a:6a:80:48:a8: 50:79:a6:7a:d6:ef:7d:9a:b7:89:7f:cb:49:42:2c:6f:37:af: 7d:ee:71:2e:e3:48:b5:62:07:0b:07:d4:85:44:d4:0f:2b:99: 1e:38:f4:d0:d5:93:1c:71:7c:e9:f3:37:51:59:9d:d7:3f:0f: 63:93:4e:53:62:2b:c5:f6:ac:c1:7c:04:d8:a6:4f:b6:9d:47: 38:42:a1:74:9b:8b:40:69:3b:1a:66:fe:ce:91:52:e2:f7:57: 5f:76:a2:9e:ef:fc:4d:90:66:92:22:f2:d2:19:5e:e3:8e:12: 3b:28:23:c6:b3:e8:cc:9c:e7:55:2d:41:8e:6e:71:0c:a7:78: 75:b8:7f:7b:76:54:e1:00:0b:71:3e:71:46:6e:82:cb:a2:79: fb:69:5f:5e:39:d0:23:00:f5:8e:32:62:4c:f4:1e:bb:e2:63: c0:6d:39:c7 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUO+CqSJDwYkZVw6zB4tjJ52vinkcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDUyNjE1MDAwNVoX DTI1MDYzMDIzNTk1OVowejFJMEcGA1UEBRNANjMyNDRhNmRjZmVhNjFiZDVmMTg0 MzE4NmIxZWE5NDc4YmQ1YzQ4MjM4YTI3NzhlMjQwM2NkZWFlZjJiMjJhNzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPPK9UzhBBMeEf9obfi7tHPj69Vj wBZ+NsKTcmlWUgoXc5ERKVWul4A0yRfA8uIHM3h27X4kvBqwjS5+ipz8DGgHEPnB DmHIsvxDgrfHI/0Oae0LdmNLL/SHVmRQ2AgKqYNyFHwonx9ybFePeqaaNQK/WZPT ElMX9MqtlUr8ML8BlzZvjeRaB9RYPEh/aogxbf5iYRhHqzmajXLdT/FQ/AV9fe5t 9Xio/i2I6CtCXW4pSCRZtLxUzAK9Cwf3uNsCOHug4INQ4AK/br8rEgVY8WeMiPCm fbIAeAD9LbwFC1OWhHjC247Zz4xzs7/pU7lEmUytUhTAHbBu1C2PmxToawIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFI8iBKiwwcwrZaH16+iP73DINJIMMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQ5MTE5NzM0LTlkYmMtNGJkNC05OGJlLTU3ZTRjZTA3ODkyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQAjMyRdifPWdUjQGKv1hrXf I5Af04Vbhi2AlDDwRKBqRrdGB23F28f7RqEXeuK+fE5rTPxz8CNxmVs3ND2xdL5W f81zzVswLEUluNyi1s0/RT9yQzySmmqASKhQeaZ61u99mreJf8tJQixvN6997nEu 40i1YgcLB9SFRNQPK5keOPTQ1ZMccXzp8zdRWZ3XPw9jk05TYivF9qzBfATYpk+2 nUc4QqF0m4tAaTsaZv7OkVLi91dfdqKe7/xNkGaSIvLSGV7jjhI7KCPGs+jMnOdV LUGObnEMp3h1uH97dlThAAtxPnFGboLLonn7aV9eOdAjAPWOMmJM9B674mPAbTnH -----END CERTIFICATE-----Generated at Mon Jun 2 06:19:55 2025 by rpki-client