$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa File: e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa (raw, json) Hash identifier: JFzN8gG1qadSQAo2jqcFOQbJ+0Ma89go9LI3E8iUU3k= Subject key identifier: 88:5C:5F:6A:20:C2:79:B1:69:3F:2C:01:29:C2:2E:08:7B:75:BF:85 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 4C0873863A3D699E0E41466BFEB61C0F226A919F Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa Signing time: Mon 19 May 2025 15:00:00 +0000 ROA not before: Mon 19 May 2025 15:00:00 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:08:73:86:3a:3d:69:9e:0e:41:46:6b:fe:b6:1c:0f:22:6a:91:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 19 15:00:00 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=6af4552e2ca213b4289e7019afc5649b8cde0d90ab93686ac12ec75458b2ecd2, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:78:0d:cb:20:94:09:01:73:93:8c:fb:5c:bf: 67:f4:17:3c:89:a0:9a:ff:aa:1d:5d:6b:fb:49:ce: 58:07:d7:ba:7e:cf:f0:b0:7b:a5:0c:58:74:8f:58: fe:37:d5:3f:e8:cb:01:97:41:e7:f3:50:82:72:bd: 3e:71:e3:a5:89:8b:83:22:63:85:87:6e:91:6b:79: 8f:e8:5a:86:4c:88:31:14:85:0f:6e:4f:96:41:12: c0:ed:bd:93:34:29:7d:ab:e9:aa:a3:17:51:ce:66: 74:0c:65:b1:5a:e3:a8:62:cf:19:a7:16:72:4f:0e: d4:06:57:e8:ce:2a:29:a4:1c:f2:05:fe:2d:0d:c1: cb:7f:2c:2a:1c:d1:ad:9d:ed:13:7a:d6:5e:88:94: 99:91:4b:f2:16:26:b7:aa:4a:62:96:8f:a8:1a:62: 0d:14:9b:d0:0d:78:fb:3c:43:93:0f:b1:cb:c4:eb: c7:94:1a:df:41:f6:79:dc:0b:d1:5a:80:e6:00:82: 1a:2c:22:7b:1e:db:90:e5:26:4d:5d:46:32:17:90: 22:61:6c:5a:f3:60:9b:e5:38:d8:e2:2b:2a:83:78: 85:39:99:b7:01:de:a5:56:58:67:d9:ab:07:dd:0e: bf:77:b5:82:b8:b4:39:bc:74:f0:f6:76:15:b5:96: 7e:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:5C:5F:6A:20:C2:79:B1:69:3F:2C:01:29:C2:2E:08:7B:75:BF:85 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption 9d:92:09:2c:31:2c:32:f2:1b:8a:b2:d7:06:91:d8:c2:5b:fb: 7a:81:ce:ac:db:7b:f0:4a:57:cc:f7:1f:7b:d6:bf:c9:87:fa: a3:43:0d:53:95:9e:79:f8:80:0d:d0:8f:83:e9:8a:16:de:8f: 4e:db:00:86:c4:56:bc:83:c2:7a:6f:03:8e:27:44:15:ea:3e: f3:0d:69:ad:5c:ab:42:85:53:a1:78:99:cb:67:89:f0:f5:58: 6e:a4:76:c1:43:d2:ac:0c:d3:3d:e3:02:90:0a:7a:05:65:f9: b9:90:7c:2f:8e:20:61:e8:5a:40:6d:27:ff:40:63:14:bd:d6: bb:8b:95:78:c0:ae:e2:1a:f4:96:69:a1:a6:aa:a9:50:3f:f0: a0:20:5d:ff:28:73:0c:17:4f:28:a1:a2:bc:f2:96:40:53:b4: 38:f0:e4:10:34:e6:24:70:d5:46:c2:e5:72:c2:e7:af:3f:52: d6:75:0a:18:96:06:02:fd:1d:bc:73:a6:7f:1d:dd:9a:c6:cd: cb:a0:09:d9:5b:cc:c5:ef:6f:12:62:17:bb:6d:0e:9e:e1:12: 6c:51:11:2d:30:d1:80:94:d5:a8:93:09:3c:c4:d9:1d:a0:04: 1c:32:14:7f:35:b2:cc:8b:46:bd:67:c2:5b:67:97:31:6d:ba: 03:53:05:38 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTAhzhjo9aZ4OQUZr/rYcDyJqkZ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDUxOTE1MDAwMFoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNANmFmNDU1MmUyY2EyMTNiNDI4OWU3 MDE5YWZjNTY0OWI4Y2RlMGQ5MGFiOTM2ODZhYzEyZWM3NTQ1OGIyZWNkMjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3gNyyCUCQFzk4z7XL9n9Bc8iaCa /6odXWv7Sc5YB9e6fs/wsHulDFh0j1j+N9U/6MsBl0Hn81CCcr0+ceOliYuDImOF h26Ra3mP6FqGTIgxFIUPbk+WQRLA7b2TNCl9q+mqoxdRzmZ0DGWxWuOoYs8ZpxZy Tw7UBlfozioppBzyBf4tDcHLfywqHNGtne0TetZeiJSZkUvyFia3qkpilo+oGmIN FJvQDXj7PEOTD7HLxOvHlBrfQfZ53AvRWoDmAIIaLCJ7HtuQ5SZNXUYyF5AiYWxa 82Cb5TjY4isqg3iFOZm3Ad6lVlhn2asH3Q6/d7WCuLQ5vHTw9nYVtZZ+LwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIhcX2ogwnmxaT8sASnCLgh7db+FMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2UzMmM5Y2JkLWEyNDEtNGRmNi05OWJiLWU3ZDE1YWJlNGIzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjoMA0GCSqGSIb3DQEBCwUAA4IBAQCdkgksMSwy8huKstcGkdjC W/t6gc6s23vwSlfM9x971r/Jh/qjQw1TlZ55+IAN0I+D6YoW3o9O2wCGxFa8g8J6 bwOOJ0QV6j7zDWmtXKtChVOheJnLZ4nw9VhupHbBQ9KsDNM94wKQCnoFZfm5kHwv jiBh6FpAbSf/QGMUvda7i5V4wK7iGvSWaaGmqqlQP/CgIF3/KHMMF08ooaK88pZA U7Q48OQQNOYkcNVGwuVywuevP1LWdQoYlgYC/R28c6Z/Hd2axs3LoAnZW8zF728S Yhe7bQ6e4RJsUREtMNGAlNWokwk8xNkdoAQcMhR/NbLMi0a9Z8JbZ5cxbboDUwU4 -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:21 2025 by rpki-client