$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa File: d953b731-7921-47dd-abf3-b7b8cc367900.roa (raw, json) Hash identifier: 1sKs0FEfN/gW+sHEd/vMA+KF+9tRYD6UJhZCGK87WtM= Subject key identifier: 49:E1:41:A7:B9:5C:82:6D:43:0D:1D:08:22:4D:F8:13:57:70:8F:DC Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 1842A8DECD8702522AC1DA2903F6EDC8543C1F45 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa Signing time: Mon 19 May 2025 15:00:01 +0000 ROA not before: Mon 19 May 2025 15:00:01 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:42:a8:de:cd:87:02:52:2a:c1:da:29:03:f6:ed:c8:54:3c:1f:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 19 15:00:01 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=ddb59c5c1f70f2d59dc9c2c654acd19e7ffdf66abac4029d16e1edeccc14ee17, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f0:09:70:08:fe:1f:6a:c6:55:b9:cc:be:68: d7:7b:bf:a2:80:48:3a:9b:d7:ed:ac:bf:26:f6:d4: ac:e3:13:c4:f8:03:53:ce:26:b0:11:58:0c:55:1c: ac:87:f0:a0:c9:b4:0e:11:91:66:1a:b1:02:71:1d: 9b:f6:4f:16:78:5a:f0:60:a2:1a:ed:5a:ce:e1:1b: e8:55:4c:db:33:ab:65:42:ea:f2:8a:62:40:97:45: ec:93:c4:e5:8f:7c:85:4a:6a:8b:f2:dd:8a:40:37: 79:d4:6e:2d:c5:a4:14:c7:bd:af:b0:87:f5:09:d1: f9:e5:11:5e:2c:66:9e:af:77:22:26:cb:b7:a0:fc: 68:54:d7:82:aa:6d:7b:5f:b9:01:57:88:07:d9:63: 5b:57:03:e6:42:76:f7:57:a9:77:e6:7f:32:6f:41: 74:ba:52:f2:0b:78:e3:4e:3e:0a:c9:0f:0d:c2:40: f4:8d:c4:8d:2e:46:1f:a4:51:02:b4:30:c8:a8:88: 0d:c2:c6:fe:78:97:89:f8:96:c9:bd:18:db:7a:68: a2:ae:6c:07:01:88:c3:0b:a6:a4:ae:7f:69:b0:11: 0e:bd:14:54:d8:87:68:96:83:f0:6c:9e:d2:14:b8: 07:b3:04:ff:a4:50:da:f3:41:cf:b5:10:7d:2b:12: 29:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:E1:41:A7:B9:5C:82:6D:43:0D:1D:08:22:4D:F8:13:57:70:8F:DC X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.192.0/18 Signature Algorithm: sha256WithRSAEncryption 9d:f2:30:12:5f:9a:b5:a2:86:38:91:de:f0:71:98:1e:1e:19: 9e:93:7c:8e:72:d9:a9:7c:69:99:f7:b8:fe:3b:13:42:34:f5: a9:68:93:4c:f2:b7:d2:94:3d:91:4a:5f:d1:94:5d:a1:fb:6d: 54:e6:84:5d:14:b8:b5:2f:5b:6b:9f:13:66:f6:70:56:fd:cf: 9c:2b:99:cb:7e:e9:9c:54:05:38:ed:5b:b1:1b:7e:c3:8b:6f: 3b:af:08:ee:6a:08:00:59:1a:4d:77:0a:12:8b:be:a2:20:3d: a4:e4:2e:39:55:9d:fd:62:2d:1b:e7:e0:a1:7c:22:99:54:0c: 0a:d5:49:74:01:62:a8:ad:5d:07:2a:aa:91:1d:ee:24:77:05: fb:cc:89:fa:b7:47:e5:2e:92:4f:ff:e7:03:d4:7e:f3:00:27: 90:4e:d3:f0:1e:ad:ec:01:51:7f:44:af:a7:6e:8c:b3:d9:69: d9:54:97:f9:86:66:43:42:4a:9c:64:4f:a9:9b:8b:44:2e:4f: d0:31:30:e9:07:85:0d:5d:e4:06:cc:63:96:3a:6f:e2:de:4c: 4b:b4:ea:79:00:a2:3b:2e:a7:52:1e:63:f0:e3:c6:e1:d8:30: 50:d1:c0:11:97:f7:a9:25:26:13:8f:55:39:36:9c:30:e0:5b: cc:07:b4:52 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUGEKo3s2HAlIqwdopA/btyFQ8H0UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxOTE1MDAwMVoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAZGRiNTljNWMxZjcwZjJkNTlkYzlj MmM2NTRhY2QxOWU3ZmZkZjY2YWJhYzQwMjlkMTZlMWVkZWNjYzE0ZWUxNzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvAJcAj+H2rGVbnMvmjXe7+igEg6 m9ftrL8m9tSs4xPE+ANTziawEVgMVRysh/CgybQOEZFmGrECcR2b9k8WeFrwYKIa 7VrO4RvoVUzbM6tlQuryimJAl0Xsk8Tlj3yFSmqL8t2KQDd51G4txaQUx72vsIf1 CdH55RFeLGaer3ciJsu3oPxoVNeCqm17X7kBV4gH2WNbVwPmQnb3V6l35n8yb0F0 ulLyC3jjTj4KyQ8NwkD0jcSNLkYfpFECtDDIqIgNwsb+eJeJ+JbJvRjbemiirmwH AYjDC6akrn9psBEOvRRU2IdoloPwbJ7SFLgHswT/pFDa80HPtRB9KxIpbwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEnhQae5XIJtQw0dCCJN+BNXcI/cMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2Q5NTNiNzMxLTc5MjEtNDdkZC1hYmYzLWI3YjhjYzM2NzkwMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQCd8jASX5q1ooY4kd7wcZge Hhmek3yOctmpfGmZ97j+OxNCNPWpaJNM8rfSlD2RSl/RlF2h+21U5oRdFLi1L1tr nxNm9nBW/c+cK5nLfumcVAU47VuxG37Di287rwjuaggAWRpNdwoSi76iID2k5C45 VZ39Yi0b5+ChfCKZVAwK1Ul0AWKorV0HKqqRHe4kdwX7zIn6t0flLpJP/+cD1H7z ACeQTtPwHq3sAVF/RK+nboyz2WnZVJf5hmZDQkqcZE+pm4tELk/QMTDpB4UNXeQG zGOWOm/i3kxLtOp5AKI7LqdSHmPw48bh2DBQ0cARl/epJSYTj1U5Npww4FvMB7RS -----END CERTIFICATE-----Generated at Tue Jun 3 23:36:28 2025 by rpki-client