$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: rf2v4RBHbUfcVUvEvyhS8F1dzbdfvmk/PiOmuEUEFPM= Subject key identifier: 67:35:8A:9C:A3:85:52:29:EB:44:1F:73:88:80:E4:8A:CB:77:F9:F3 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 66805FFC2375F957BAF09534D1D1DB9A19BF12EC Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Tue 13 May 2025 00:00:02 +0000 ROA not before: Tue 13 May 2025 00:00:02 +0000 ROA not after: Tue 17 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:80:5f:fc:23:75:f9:57:ba:f0:95:34:d1:d1:db:9a:19:bf:12:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 13 00:00:02 2025 GMT Not After : Jun 17 23:59:59 2025 GMT Subject: serialNumber=783195535d4127d937b2620f18c629b92a972a4a717ab1a5b7f0ab7089f2e4d4, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:24:79:6d:1a:4d:be:2e:3f:35:df:95:06:d9: 21:d7:7a:fc:39:97:26:6a:4f:81:69:fa:62:0b:57: e8:be:96:46:55:4f:ea:9f:bb:5d:48:fb:7e:58:27: d0:1c:4c:d1:69:94:5d:b8:2b:7d:08:19:45:0a:e0: 48:94:30:81:50:5e:f3:b1:ac:8b:0b:c5:ed:17:bf: 56:69:a5:31:84:76:bb:a0:d4:7c:b9:7a:87:b3:bf: cc:c9:26:cf:49:8b:f1:ac:03:47:66:5c:c3:7d:2a: b2:39:95:1f:e3:c5:e4:7d:a3:af:ff:31:f1:4a:ce: 3d:95:d7:c0:b5:53:94:27:6e:23:0f:d5:e6:ab:df: 17:8e:6f:91:24:ea:90:7e:9f:c7:98:cc:27:e4:41: 01:c1:de:3b:f3:f2:36:b5:6a:4d:01:ee:b0:98:f7: 7c:23:ad:71:75:06:dc:45:0d:ef:4a:a6:16:ff:a4: cd:28:7d:3c:2f:4a:b2:4c:49:57:ae:5f:66:44:d3: aa:6a:2f:94:84:5f:9b:42:1d:80:22:eb:63:fd:05: c2:17:b3:91:bf:fb:a8:25:6d:67:43:1a:53:19:f9: c5:a1:cc:af:89:b7:29:d8:a1:79:e6:ad:df:6d:36: b3:e8:77:ee:45:50:af:88:b4:20:b8:bc:e8:4d:19: f4:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:35:8A:9C:A3:85:52:29:EB:44:1F:73:88:80:E4:8A:CB:77:F9:F3 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 94:17:f1:19:19:a3:8c:dc:42:a8:d4:79:d6:51:fc:d2:19:90: 6a:79:17:fe:a0:3d:ef:e6:9c:6f:b1:b6:5c:92:45:0e:b6:52: 2e:59:59:76:b5:07:b8:62:03:b5:30:04:8c:09:68:47:80:07: f4:b5:2f:90:6e:3a:4b:4c:93:56:86:ee:c3:a3:a4:7f:40:7e: e2:49:67:d9:4b:eb:74:93:e2:d5:e8:e6:3a:02:3b:5b:6c:f8: ec:a8:a6:7a:8f:47:36:61:be:04:e1:36:3f:86:f7:93:fa:05: 11:a9:d9:b2:e7:71:c8:2f:a8:d7:77:6a:b4:5e:fc:d4:65:20: 27:be:8d:f2:2c:2c:7c:22:e5:04:23:df:9a:f5:6d:d6:0a:c3: 7d:99:b0:81:7c:5c:1b:c7:81:8a:04:fe:fd:31:7f:ef:2e:c8: 2e:bd:ee:1b:a1:d4:9f:18:6e:e0:e6:00:4a:b5:c8:49:37:ff: 7a:07:38:d3:07:08:37:1c:57:e3:84:48:0f:88:6d:ad:97:e6: 5c:ec:1b:58:74:5a:65:0b:84:cd:a4:4d:fa:bc:31:20:01:4e: f7:21:8a:84:16:f8:96:ab:ce:35:6d:44:6f:57:e9:a0:0e:6a: d1:69:80:f6:80:81:3d:32:b5:43:6c:25:7f:a9:ca:39:c7:ad: 26:97:d6:ac -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZoBf/CN1+Ve68JU00dHbmhm/EuwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxMzAwMDAwMloX DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNANzgzMTk1NTM1ZDQxMjdkOTM3YjI2 MjBmMThjNjI5YjkyYTk3MmE0YTcxN2FiMWE1YjdmMGFiNzA4OWYyZTRkNDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyR5bRpNvi4/Nd+VBtkh13r8OZcm ak+BafpiC1fovpZGVU/qn7tdSPt+WCfQHEzRaZRduCt9CBlFCuBIlDCBUF7zsayL C8XtF79WaaUxhHa7oNR8uXqHs7/MySbPSYvxrANHZlzDfSqyOZUf48XkfaOv/zHx Ss49ldfAtVOUJ24jD9Xmq98Xjm+RJOqQfp/HmMwn5EEBwd478/I2tWpNAe6wmPd8 I61xdQbcRQ3vSqYW/6TNKH08L0qyTElXrl9mRNOqai+UhF+bQh2AIutj/QXCF7OR v/uoJW1nQxpTGfnFocyvibcp2KF55q3fbTaz6HfuRVCviLQguLzoTRn0qQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGc1ipyjhVIp60Qfc4iA5IrLd/nzMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQCUF/EZGaOM3EKo1HnWUfzS GZBqeRf+oD3v5pxvsbZckkUOtlIuWVl2tQe4YgO1MASMCWhHgAf0tS+QbjpLTJNW hu7Do6R/QH7iSWfZS+t0k+LV6OY6AjtbbPjsqKZ6j0c2Yb4E4TY/hveT+gURqdmy 53HIL6jXd2q0XvzUZSAnvo3yLCx8IuUEI9+a9W3WCsN9mbCBfFwbx4GKBP79MX/v Lsguve4bodSfGG7g5gBKtchJN/96BzjTBwg3HFfjhEgPiG2tl+Zc7BtYdFplC4TN pE36vDEgAU73IYqEFviWq841bURvV+mgDmrRaYD2gIE9MrVDbCV/qco5x60ml9as -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:35 2025 by rpki-client