$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: JZVnOGPutuWnbbdl5SdDl+DOnPMfzq4rXoMPg35NaEI= Subject key identifier: E6:26:EA:CB:64:06:63:E1:DA:4E:DA:5F:E6:BA:06:6C:25:1A:DA:F7 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4215D31B9E0A64C0C268CF99F32E79CC4D9D360F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Tue 27 May 2025 00:00:06 +0000 ROA not before: Tue 27 May 2025 00:00:06 +0000 ROA not after: Tue 01 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:15:d3:1b:9e:0a:64:c0:c2:68:cf:99:f3:2e:79:cc:4d:9d:36:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 27 00:00:06 2025 GMT Not After : Jul 1 23:59:59 2025 GMT Subject: serialNumber=ab3de7284e25786ccd103e50ce2a4bf3ac05b663f78088c2860d8bbe6cb8756d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:8d:72:41:59:e8:1e:b0:b6:7d:87:05:3b:1d: b1:82:c8:04:5b:88:f3:64:24:ac:76:b0:f4:85:c0: 99:60:d3:5e:4d:a2:96:fb:50:22:81:7f:ce:06:9e: 01:43:cc:6c:cd:f0:61:58:1f:d7:20:87:84:af:5b: e1:b1:e2:ed:35:6a:27:db:19:48:50:8d:15:e0:f4: 17:7e:4e:82:e2:06:2d:e4:ec:1f:99:c4:af:66:2e: 40:11:ac:52:fd:66:cc:bd:db:f4:34:d6:47:88:d7: 64:3c:df:bb:74:ac:6b:2b:08:36:a1:6c:92:74:53: c4:35:d1:f6:7c:f1:4d:49:a0:05:c9:25:6e:e7:a8: 94:ea:9e:be:26:27:41:cc:4d:1f:85:d7:7f:b3:88: df:b6:5a:96:9d:88:de:7b:7c:7d:59:e7:68:17:bd: 6c:18:5a:11:4b:fd:52:a6:98:64:27:e7:a9:e5:53: 6e:ae:2e:38:3c:43:59:5c:c3:a0:69:07:54:b9:cb: 6c:be:98:ad:dc:c3:09:89:76:26:d1:99:d0:fd:10: e3:82:9e:4c:3d:4f:1f:f9:f9:55:81:e4:04:f7:c0: da:f9:04:ef:c5:6b:f9:2c:08:b8:49:c2:fb:b4:87: 1b:f3:11:9e:c3:e5:3c:26:aa:b0:c1:78:97:81:bd: d4:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:26:EA:CB:64:06:63:E1:DA:4E:DA:5F:E6:BA:06:6C:25:1A:DA:F7 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 25:73:ea:53:da:75:0c:3c:1e:c6:0d:88:1b:c7:0a:96:24:a7: 28:d9:10:84:64:85:27:70:8e:ac:26:09:de:85:d0:f7:06:de: d4:07:50:59:c6:34:97:e3:25:35:3e:ae:1f:6c:17:7a:89:51: 8e:64:8e:73:ca:d7:af:e5:ce:c1:82:16:e1:18:54:98:6a:66: 98:b7:f7:c9:5f:81:b4:dc:da:ae:7b:8a:14:36:a1:18:54:85: 50:ad:e7:90:6a:6f:27:02:67:f9:e6:a9:59:90:5e:fb:18:9f: a9:e3:be:2d:10:fc:67:41:68:90:a6:21:c6:8b:a1:9b:d4:99: 5c:8e:7a:b3:8a:fb:44:f2:d7:00:4d:d9:5a:a6:b5:be:73:cc: b0:c1:cf:09:93:7b:ce:44:3c:89:99:57:15:54:22:36:75:fd: d7:af:4e:3d:d6:ce:d0:00:c3:e4:ff:d2:9c:3e:2a:f6:cc:83: 98:ca:8c:87:64:77:32:0b:4e:bb:b5:1e:6b:ff:84:55:e5:ba: 77:08:1e:2d:0f:88:da:24:14:73:c9:1e:5c:36:a9:ac:b4:8d: c3:89:de:75:83:a2:f9:1b:eb:56:02:66:a2:3e:1a:ff:11:0f: a0:14:31:30:60:24:56:72:14:ef:71:44:96:eb:07:63:d6:d8: 13:8d:5a:7c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQhXTG54KZMDCaM+Z8y55zE2dNg8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyNzAwMDAwNloX DTI1MDcwMTIzNTk1OVowejFJMEcGA1UEBRNAYWIzZGU3Mjg0ZTI1Nzg2Y2NkMTAz ZTUwY2UyYTRiZjNhYzA1YjY2M2Y3ODA4OGMyODYwZDhiYmU2Y2I4NzU2ZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI1yQVnoHrC2fYcFOx2xgsgEW4jz ZCSsdrD0hcCZYNNeTaKW+1AigX/OBp4BQ8xszfBhWB/XIIeEr1vhseLtNWon2xlI UI0V4PQXfk6C4gYt5OwfmcSvZi5AEaxS/WbMvdv0NNZHiNdkPN+7dKxrKwg2oWyS dFPENdH2fPFNSaAFySVu56iU6p6+JidBzE0fhdd/s4jftlqWnYjee3x9WedoF71s GFoRS/1SpphkJ+ep5VNuri44PENZXMOgaQdUuctsvpit3MMJiXYm0ZnQ/RDjgp5M PU8f+flVgeQE98Da+QTvxWv5LAi4ScL7tIcb8xGew+U8JqqwwXiXgb3U3QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOYm6stkBmPh2k7aX+a6BmwlGtr3MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQAlc+pT2nUMPB7GDYgbxwqW JKco2RCEZIUncI6sJgnehdD3Bt7UB1BZxjSX4yU1Pq4fbBd6iVGOZI5zytev5c7B ghbhGFSYamaYt/fJX4G03Nque4oUNqEYVIVQreeQam8nAmf55qlZkF77GJ+p474t EPxnQWiQpiHGi6Gb1JlcjnqzivtE8tcATdlaprW+c8ywwc8Jk3vORDyJmVcVVCI2 df3Xr0491s7QAMPk/9KcPir2zIOYyoyHZHcyC067tR5r/4RV5bp3CB4tD4jaJBRz yR5cNqmstI3Did51g6L5G+tWAmaiPhr/EQ+gFDEwYCRWchTvcUSW6wdj1tgTjVp8 -----END CERTIFICATE-----Generated at Mon Jun 2 04:42:55 2025 by rpki-client