$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa File: 245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa (raw, json) Hash identifier: CE/d6nVwg1CXDHRx89MXVdbFSnEkYXvZKJGqAafbnWM= Subject key identifier: 85:F1:6E:57:4C:BA:ED:26:04:05:C8:35:E7:C1:91:35:2E:D2:2C:9D Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 1F89265D5219D7B62A03CB60319018622E8ED851 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa Signing time: Mon 19 May 2025 15:00:03 +0000 ROA not before: Mon 19 May 2025 15:00:03 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.192.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:89:26:5d:52:19:d7:b6:2a:03:cb:60:31:90:18:62:2e:8e:d8:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 19 15:00:03 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=24ed6119daa6ad125260fe1de769027b88488e7369db20e33d2fc91c232b149c, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:09:ee:ca:3d:17:8c:89:bc:1d:af:4c:d9:fc: d1:cc:24:8f:a8:60:3d:96:cc:68:b1:37:53:9c:cf: 0a:e6:3f:1f:62:6b:f6:b6:4a:15:0b:dd:42:f0:c4: e9:43:35:0e:38:8a:3e:57:63:93:6d:a7:6f:0b:03: 4e:7a:e4:8d:5b:a9:be:87:e5:f8:e2:d2:9f:6c:94: 49:83:69:6a:6a:6e:9d:95:42:a8:14:96:40:d8:e0: 07:9c:b0:82:df:ed:b6:39:14:98:bf:9b:74:cc:30: 6c:5c:48:7c:97:0d:6e:a9:b8:28:9c:3d:a3:be:0a: c9:4c:38:ed:1f:11:f4:41:18:5b:a7:85:b8:25:e0: 9c:b5:77:ec:76:5d:7e:8f:39:75:3a:a1:0a:bd:1f: d4:6b:dd:37:10:d9:23:44:01:82:72:91:2f:68:f0: ce:46:a1:b5:7b:17:55:31:68:00:68:e7:03:a6:48: 3f:75:62:d1:b5:e5:0c:13:5e:09:68:82:02:6a:ae: 0d:de:8a:54:88:d2:fa:7a:02:f0:d5:0f:08:a5:7e: 5e:5d:0e:78:c1:cc:e7:18:42:cf:92:28:43:1a:87: 59:49:24:37:20:cf:71:4e:ff:e5:aa:dd:5f:68:87: 90:2f:e3:c4:c9:15:57:89:25:76:49:ec:0d:cd:74: 05:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:F1:6E:57:4C:BA:ED:26:04:05:C8:35:E7:C1:91:35:2E:D2:2C:9D X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.192.0/19 Signature Algorithm: sha256WithRSAEncryption a3:49:ab:3e:bf:99:2e:ef:1b:f6:4f:d8:53:54:4a:e4:d6:c8: 82:ea:f2:8f:b4:88:ca:68:d7:12:c5:91:18:7a:03:55:85:ab: 72:c3:80:08:5e:83:a4:c8:36:9a:71:1e:98:44:c5:cb:a1:f5: 74:8c:27:f8:9b:4d:ce:98:dc:8f:18:08:b1:04:7f:dd:01:b0: 19:3c:88:d0:35:ef:e9:f5:8e:95:1f:e0:d3:ef:91:4e:6b:38: aa:9d:de:0b:f6:af:18:61:e1:a8:8a:c8:b2:98:9d:40:13:94: 73:2e:c1:f1:c9:78:fa:06:37:1c:03:fe:41:74:68:d9:61:18: df:89:39:e7:d5:57:56:e2:34:7b:86:35:7f:6c:f4:86:b6:65: a5:49:ae:c1:5a:35:dc:a8:87:d5:44:b9:69:ea:09:85:f5:c9: 6f:1b:89:cb:d6:5b:5c:6b:37:97:41:a9:33:ff:d6:e9:55:71: a5:dc:e8:c7:cc:35:0f:13:83:05:ef:97:40:08:c2:69:9d:a5: 85:4f:d6:da:4b:6f:02:b8:92:f8:75:f1:9c:d0:b3:07:2a:0a: 53:88:5a:d5:07:4f:ca:b9:20:17:fc:3d:eb:2b:36:db:fd:d3: 7b:91:9f:77:fe:0b:ca:5a:45:95:89:b3:85:ee:4c:98:22:73: af:a4:11:db -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUH4kmXVIZ17YqA8tgMZAYYi6O2FEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxOTE1MDAwM1oX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAMjRlZDYxMTlkYWE2YWQxMjUyNjBm ZTFkZTc2OTAyN2I4ODQ4OGU3MzY5ZGIyMGUzM2QyZmM5MWMyMzJiMTQ5YzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Anuyj0XjIm8Ha9M2fzRzCSPqGA9 lsxosTdTnM8K5j8fYmv2tkoVC91C8MTpQzUOOIo+V2OTbadvCwNOeuSNW6m+h+X4 4tKfbJRJg2lqam6dlUKoFJZA2OAHnLCC3+22ORSYv5t0zDBsXEh8lw1uqbgonD2j vgrJTDjtHxH0QRhbp4W4JeCctXfsdl1+jzl1OqEKvR/Ua903ENkjRAGCcpEvaPDO RqG1exdVMWgAaOcDpkg/dWLRteUME14JaIICaq4N3opUiNL6egLw1Q8IpX5eXQ54 wcznGELPkihDGodZSSQ3IM9xTv/lqt1faIeQL+PEyRVXiSV2SewNzXQFOwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIXxbldMuu0mBAXINefBkTUu0iydMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzI0NWZhNGViLTZkMGQtNGRmNy05ZTJkLTI5YTdkMzlhZGNiOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQFevjAMA0GCSqGSIb3DQEBCwUAA4IBAQCjSas+v5ku7xv2T9hTVErk 1siC6vKPtIjKaNcSxZEYegNVhatyw4AIXoOkyDaacR6YRMXLofV0jCf4m03OmNyP GAixBH/dAbAZPIjQNe/p9Y6VH+DT75FOaziqnd4L9q8YYeGoisiymJ1AE5RzLsHx yXj6BjccA/5BdGjZYRjfiTnn1VdW4jR7hjV/bPSGtmWlSa7BWjXcqIfVRLlp6gmF 9clvG4nL1ltcazeXQakz/9bpVXGl3OjHzDUPE4MF75dACMJpnaWFT9baS28CuJL4 dfGc0LMHKgpTiFrVB0/KuSAX/D3rKzbb/dN7kZ93/gvKWkWVibOF7kyYInOvpBHb -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:39 2025 by rpki-client