$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json) Hash identifier: Lw4NhEY37CFACIw2dZIVFtI2XJWnZliiPF6u/ul/9WI= Subject key identifier: 38:E8:F5:91:FC:78:7D:F1:54:9B:E9:FF:7A:5A:BB:81:02:BB:1D:D1 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 4D6C357FFBDC3ECCD3517705A053BCBC76ED4686 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa Signing time: Mon 26 May 2025 15:00:03 +0000 ROA not before: Mon 26 May 2025 15:00:03 +0000 ROA not after: Mon 30 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.8.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:6c:35:7f:fb:dc:3e:cc:d3:51:77:05:a0:53:bc:bc:76:ed:46:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: May 26 15:00:03 2025 GMT Not After : Jun 30 23:59:59 2025 GMT Subject: serialNumber=e9e25d1bc25e891119362163209dcf4ea323e98ad8a63c1cea3f9c34440219eb, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:33:cb:d6:7c:ac:10:ab:8d:ac:cd:9c:87:c8: 89:17:e4:ce:a1:40:6a:3b:00:8d:9c:f6:83:90:8f: b3:04:a4:f8:22:74:1d:95:30:f2:22:e7:e6:68:2f: 99:4a:3e:59:a9:e5:7a:0d:95:13:26:fc:25:5b:4a: 26:58:43:fc:54:d9:bd:e1:79:52:3b:45:99:96:17: 05:0f:93:b3:62:c3:43:8c:58:87:d2:51:13:d1:41: 16:28:e2:1f:8e:64:20:1e:9e:3e:6a:7a:1a:41:a2: 28:5f:a4:8d:32:27:4e:dc:13:6e:7a:d0:f1:fe:58: 5e:7f:e2:32:7d:df:2d:d7:68:c2:0d:e0:a0:49:b0: 3c:3a:55:b4:0f:9d:ae:24:84:23:fc:52:17:a8:a0: 92:d6:99:c4:db:88:4c:2a:a8:c2:fc:29:dc:a6:85: 2a:98:3a:a0:d9:9b:f2:7f:c0:f2:7f:84:9f:8f:e9: d5:98:4b:01:c8:ed:ac:aa:f4:da:3d:c8:a8:e4:74: ef:00:79:ec:53:7b:d1:c8:a0:33:0e:fa:05:00:a6: a1:3e:22:f8:ab:9d:3b:03:26:78:78:28:63:c0:ad: 8f:58:fa:b2:11:41:57:d3:e6:cd:29:f1:d3:b6:a8: a5:2b:10:b8:58:73:33:31:73:0d:1f:16:89:95:27: 64:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:E8:F5:91:FC:78:7D:F1:54:9B:E9:FF:7A:5A:BB:81:02:BB:1D:D1 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.172.0/22 Signature Algorithm: sha256WithRSAEncryption 15:9f:1c:99:ac:71:bf:8b:a6:59:86:61:e3:bb:64:11:ce:2e: b5:07:73:d3:e9:d8:04:10:1b:aa:1e:d1:25:8b:0f:fb:1d:f7: 9c:c7:6f:ac:bc:7f:8b:56:4f:71:6a:13:8d:5e:74:81:1e:b6: 66:4a:1f:fa:9c:25:d9:7a:0c:22:b6:bc:36:3f:5d:8a:ad:43: 3c:38:c9:0c:74:f0:c4:a7:2e:de:42:53:27:d0:f9:4f:2d:1d: ec:d7:1f:e6:54:e7:fa:2b:87:2f:af:e7:bf:df:de:d3:de:0f: 72:cf:fd:e0:9b:8f:5e:35:10:e6:7c:72:4c:b6:df:eb:d1:b5: 6a:60:53:b3:79:e8:ef:ba:96:d8:b0:95:e1:17:86:6d:56:95: 68:d1:26:3c:f0:81:2d:cb:21:32:a5:a2:a0:fb:a2:87:78:ec: 51:0c:42:7b:e1:dd:bf:8d:ce:1a:93:a2:30:1a:9f:56:a1:84: 43:90:1a:55:f9:c2:50:91:87:ef:54:c8:0c:da:e3:a3:95:98: 13:1f:6e:29:e4:38:77:37:4c:b0:7f:e1:5f:10:a6:ac:c2:ce: 7e:93:70:c2:12:a4:2f:67:8b:06:6f:5c:a9:70:7d:94:f3:92: 95:bd:b6:27:60:87:73:74:2c:c2:a1:2b:a0:a4:bc:bc:81:2c: 13:bc:38:eb -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTWw1f/vcPszTUXcFoFO8vHbtRoYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDUyNjE1MDAwM1oX DTI1MDYzMDIzNTk1OVowejFJMEcGA1UEBRNAZTllMjVkMWJjMjVlODkxMTE5MzYy MTYzMjA5ZGNmNGVhMzIzZTk4YWQ4YTYzYzFjZWEzZjljMzQ0NDAyMTllYjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7zPL1nysEKuNrM2ch8iJF+TOoUBq OwCNnPaDkI+zBKT4InQdlTDyIufmaC+ZSj5ZqeV6DZUTJvwlW0omWEP8VNm94XlS O0WZlhcFD5OzYsNDjFiH0lET0UEWKOIfjmQgHp4+anoaQaIoX6SNMidO3BNuetDx /lhef+Iyfd8t12jCDeCgSbA8OlW0D52uJIQj/FIXqKCS1pnE24hMKqjC/CncpoUq mDqg2Zvyf8Dyf4Sfj+nVmEsByO2sqvTaPcio5HTvAHnsU3vRyKAzDvoFAKahPiL4 q507AyZ4eChjwK2PWPqyEUFX0+bNKfHTtqilKxC4WHMzMXMNHxaJlSdkewIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDjo9ZH8eH3xVJvp/3pau4ECux3RMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQAVnxyZrHG/i6ZZhmHju2QR zi61B3PT6dgEEBuqHtEliw/7Hfecx2+svH+LVk9xahONXnSBHrZmSh/6nCXZegwi trw2P12KrUM8OMkMdPDEpy7eQlMn0PlPLR3s1x/mVOf6K4cvr+e/397T3g9yz/3g m49eNRDmfHJMtt/r0bVqYFOzeejvupbYsJXhF4ZtVpVo0SY88IEtyyEypaKg+6KH eOxRDEJ74d2/jc4ak6IwGp9WoYRDkBpV+cJQkYfvVMgM2uOjlZgTH24p5Dh3N0yw f+FfEKasws5+k3DCEqQvZ4sGb1ypcH2U85KVvbYnYIdzdCzCoSugpLy8gSwTvDjr -----END CERTIFICATE-----Generated at Tue Jun 3 23:34:34 2025 by rpki-client