$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa File: 882a767c-0faf-4e71-a224-ecec47d98fcb.roa (raw, json) Hash identifier: ITMg21s1EZe2YRBR9vISQXAg2we2vB+e3mzCkNHMAD4= Subject key identifier: 08:1A:C0:47:77:DC:9F:25:A7:9F:64:B4:C0:F8:AE:B9:A0:F2:74:8D Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 699F44D9CCCD59D1E3234B7D53528E9175B2AFC7 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa Signing time: Mon 19 May 2025 15:00:02 +0000 ROA not before: Mon 19 May 2025 15:00:02 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:9f:44:d9:cc:cd:59:d1:e3:23:4b:7d:53:52:8e:91:75:b2:af:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 19 15:00:02 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=cb551e7539dfbab23f71f2af26c1a5827013e753e8648993c512994c27623098, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:e3:36:00:a3:62:94:38:ca:59:4f:ad:25:40: 99:2f:1c:70:f2:10:a1:e7:cc:36:50:17:e1:58:14: 72:a8:b9:51:92:62:c5:a6:7b:c6:85:cb:b1:14:4e: 60:64:c7:8e:9a:48:6d:21:46:8f:29:46:c5:e8:7d: d0:46:d7:46:e8:52:6c:b5:16:34:da:88:42:1b:d1: 92:d8:45:f6:0c:62:21:96:e0:c9:4e:63:13:58:7a: 27:cc:39:0b:79:0b:3d:ac:2b:bf:3b:86:0b:0e:31: 12:1e:74:79:b1:49:0d:60:be:2e:4c:b6:6f:9f:93: 18:ea:f1:d5:72:a3:b9:f7:56:b1:11:ee:93:51:d1: 67:e9:bc:1a:d9:ec:2d:f1:65:3d:c6:76:60:80:95: 71:61:81:b4:5e:91:c2:a9:9f:a4:c8:8d:f7:5a:7e: e2:be:e3:89:fd:6e:59:d1:49:f8:bc:7a:3b:2a:3b: 64:89:0c:88:2d:e5:68:7d:ca:f2:3b:b2:31:9c:b0: fe:be:e9:80:17:8a:a1:58:b0:94:52:86:d9:3f:3c: 7d:2c:21:70:c1:41:dd:b5:34:3c:d0:e3:b3:2d:52: e2:c2:80:ee:d3:85:cc:78:dd:59:c4:b7:ea:40:99: a7:ec:51:56:41:64:e3:80:13:25:b0:4e:0d:24:ea: 0a:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:1A:C0:47:77:DC:9F:25:A7:9F:64:B4:C0:F8:AE:B9:A0:F2:74:8D X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption 0f:d1:77:c9:6c:17:3d:03:1a:17:af:ba:51:e7:30:fa:fa:af: 1b:4f:f3:83:91:ed:64:eb:03:57:8a:a5:63:66:5a:98:2f:69: 40:5d:ce:cf:4f:69:3e:5a:60:be:92:05:ac:0e:f9:62:e9:a0: 0f:19:49:0f:87:b8:ea:c8:0e:69:54:c9:dd:21:a3:dc:92:43: 75:e2:8c:10:40:af:2f:43:de:c6:9c:4b:bc:aa:fb:7f:78:42: 73:ff:ed:d9:38:bf:67:ff:43:e1:72:10:72:0f:6c:dc:68:b3: 8c:29:57:ff:b2:98:83:c9:ce:9d:67:60:32:5c:a6:7d:b0:c5: 85:54:10:9a:c2:b7:c0:cd:5d:9b:49:7c:16:58:7b:3f:65:3a: 42:60:7d:38:d5:f6:60:e9:7c:9e:e2:38:85:c8:aa:c3:96:85: e4:99:44:73:97:d4:14:0b:17:da:55:39:59:3b:dd:cf:9a:54: 0e:6d:bf:32:7b:b6:a0:47:9b:d9:10:7a:83:7e:3c:af:14:21: 3e:43:7d:1e:f2:5b:73:46:77:70:20:0f:f7:f4:02:3c:e4:68: f6:cd:1e:8a:0b:43:f6:8b:fa:d8:dc:30:56:92:64:3e:d3:6f: 0b:4d:74:4f:43:42:8f:a9:46:e0:1c:2f:e5:e3:dc:ce:1d:4a: 8f:02:5a:23 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUaZ9E2czNWdHjI0t9U1KOkXWyr8cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxOTE1MDAwMloX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAY2I1NTFlNzUzOWRmYmFiMjNmNzFm MmFmMjZjMWE1ODI3MDEzZTc1M2U4NjQ4OTkzYzUxMjk5NGMyNzYyMzA5ODEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+M2AKNilDjKWU+tJUCZLxxw8hCh 58w2UBfhWBRyqLlRkmLFpnvGhcuxFE5gZMeOmkhtIUaPKUbF6H3QRtdG6FJstRY0 2ohCG9GS2EX2DGIhluDJTmMTWHonzDkLeQs9rCu/O4YLDjESHnR5sUkNYL4uTLZv n5MY6vHVcqO591axEe6TUdFn6bwa2ewt8WU9xnZggJVxYYG0XpHCqZ+kyI33Wn7i vuOJ/W5Z0Un4vHo7KjtkiQyILeVofcryO7IxnLD+vumAF4qhWLCUUobZPzx9LCFw wUHdtTQ80OOzLVLiwoDu04XMeN1ZxLfqQJmn7FFWQWTjgBMlsE4NJOoKYQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAgawEd33J8lp59ktMD4rrmg8nSNMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 Lzg4MmE3NjdjLTBmYWYtNGU3MS1hMjI0LWVjZWM0N2Q5OGZjYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjgMA0GCSqGSIb3DQEBCwUAA4IBAQAP0XfJbBc9AxoXr7pR5zD6 +q8bT/ODke1k6wNXiqVjZlqYL2lAXc7PT2k+WmC+kgWsDvli6aAPGUkPh7jqyA5p VMndIaPckkN14owQQK8vQ97GnEu8qvt/eEJz/+3ZOL9n/0PhchByD2zcaLOMKVf/ spiDyc6dZ2AyXKZ9sMWFVBCawrfAzV2bSXwWWHs/ZTpCYH041fZg6Xye4jiFyKrD loXkmURzl9QUCxfaVTlZO93PmlQObb8ye7agR5vZEHqDfjyvFCE+Q30e8ltzRndw IA/39AI85Gj2zR6KC0P2i/rY3DBWkmQ+028LTXRPQ0KPqUbgHC/l49zOHUqPAloj -----END CERTIFICATE-----Generated at Tue Jun 3 23:16:05 2025 by rpki-client