$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: 3vhM7T+8VWGgGetFW+2LlPyL6eqpUX2fRVje9u7sEnE= Subject key identifier: BA:E5:FB:06:BE:4B:25:FC:60:7A:1F:A3:26:BE:29:E8:9E:ED:87:2D Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5F0E50B7E1B5AB7DD5BDC81C2E8F311AE43A61B2 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Wed 05 Feb 2025 00:00:00 +0000 ROA not before: Wed 05 Feb 2025 00:00:00 +0000 ROA not after: Wed 12 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:0e:50:b7:e1:b5:ab:7d:d5:bd:c8:1c:2e:8f:31:1a:e4:3a:61:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000 Validity Not Before: Feb 5 00:00:00 2025 GMT Not After : Mar 12 23:59:59 2025 GMT Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:06:b6:6c:c6:7c:4d:ca:63:14:e8:29:57:dd: 3a:bf:d3:93:68:c7:0f:bb:10:da:41:3e:70:a5:05: 40:16:35:cd:17:b5:e3:56:e1:f4:8c:b6:a5:3c:98: 4e:9c:96:96:82:a2:21:85:4d:83:20:c8:4d:74:1e: 95:93:d1:6a:89:33:66:80:66:6b:a8:e2:35:0c:1e: a9:2e:d3:d3:f8:e0:22:26:76:13:22:b6:1f:51:29: 09:c9:a1:56:c5:e3:2d:04:4d:c5:41:3c:a3:52:e0: 7c:2f:5f:fa:6e:68:f6:1e:14:b5:06:97:5c:68:2e: 2e:aa:23:14:a2:9b:df:12:f0:f5:5a:11:01:b3:24: 69:23:86:b3:a4:a4:bf:6d:a4:d9:f2:c1:76:a3:d5: f0:de:0e:4f:a0:aa:d0:08:11:0f:1a:7b:63:17:d4: 7c:07:ed:44:0e:30:04:9c:5c:84:53:35:4c:71:6a: b2:0a:52:00:a9:5d:1e:be:2a:e3:f3:7f:d6:60:71: 69:e3:4f:e9:65:c2:b3:71:3b:08:14:14:4c:98:27: 11:b2:19:3a:12:1d:37:d5:65:4f:5e:2a:65:fe:67: a9:3a:52:3e:ff:90:dd:4d:8a:d3:1f:e0:66:37:d3: fc:9c:cf:80:26:17:3f:e7:f2:6f:c9:a5:27:18:af: 28:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:E5:FB:06:BE:4B:25:FC:60:7A:1F:A3:26:BE:29:E8:9E:ED:87:2D X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 68:97:1c:a9:01:d6:e6:bf:7c:14:c0:14:31:0d:30:75:d5:2f: d3:02:77:96:47:38:ae:1f:1f:4a:54:1e:8a:5f:7e:54:0d:4f: 81:6f:24:bf:55:db:79:ce:07:9e:a9:14:9d:35:a0:45:cf:78: 0f:9d:a2:df:84:66:1d:ab:39:de:94:3e:11:cd:0b:ac:bc:df: b4:75:e5:87:99:60:92:06:44:ce:02:2b:5f:0c:07:9f:86:bf: a5:6f:be:da:25:6b:0a:c4:1c:0b:fb:f0:7d:71:6e:89:42:2f: 4a:93:01:5e:23:40:65:d9:59:6d:03:6d:2a:ec:3c:19:0e:2a: be:b6:34:88:0e:00:94:66:e5:26:45:8a:3f:56:83:97:46:2a: 1a:c0:ed:bf:31:0d:e3:b1:f5:db:bd:b0:5a:64:a6:a1:bb:8a: 02:e1:d6:c1:ff:1f:61:7c:04:6c:6d:6c:f9:71:21:26:aa:1e: 3a:a2:cc:44:65:e7:4a:52:10:12:0c:3b:bd:d0:3a:aa:46:45: 0b:d1:5c:38:40:3f:c0:48:21:b3:bd:6d:64:39:9f:ed:25:71: c7:42:73:26:55:4b:3d:0c:09:9b:79:51:46:9b:38:8e:4c:f5: 6b:50:92:23:36:3c:40:28:a9:b0:7a:76:97:79:dd:f7:ed:dd: 8f:62:c6:95 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXw5Qt+G1q33VvcgcLo8xGuQ6YbIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDIwNTAwMDAwMFoX DTI1MDMxMjIzNTk1OVowejFJMEcGA1UEBRNANDQ1MmNkZmZkNTFiYjFjOTU2YzI0 NmI2Mzg2ZTg0MTc5NjYwYWEwN2E2MTQ3N2NkZDdiMDBiMzZjODkzY2Q0YTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQa2bMZ8TcpjFOgpV906v9OTaMcP uxDaQT5wpQVAFjXNF7XjVuH0jLalPJhOnJaWgqIhhU2DIMhNdB6Vk9FqiTNmgGZr qOI1DB6pLtPT+OAiJnYTIrYfUSkJyaFWxeMtBE3FQTyjUuB8L1/6bmj2HhS1Bpdc aC4uqiMUopvfEvD1WhEBsyRpI4azpKS/baTZ8sF2o9Xw3g5PoKrQCBEPGntjF9R8 B+1EDjAEnFyEUzVMcWqyClIAqV0evirj83/WYHFp40/pZcKzcTsIFBRMmCcRshk6 Eh031WVPXipl/mepOlI+/5DdTYrTH+BmN9P8nM+AJhc/5/JvyaUnGK8oRQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLrl+wa+SyX8YHofoya+Keie7YctMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQBolxypAdbmv3wUwBQxDTB1 1S/TAneWRziuHx9KVB6KX35UDU+BbyS/Vdt5zgeeqRSdNaBFz3gPnaLfhGYdqzne lD4RzQusvN+0deWHmWCSBkTOAitfDAefhr+lb77aJWsKxBwL+/B9cW6JQi9KkwFe I0Bl2VltA20q7DwZDiq+tjSIDgCUZuUmRYo/VoOXRioawO2/MQ3jsfXbvbBaZKah u4oC4dbB/x9hfARsbWz5cSEmqh46osxEZedKUhASDDu90DqqRkUL0Vw4QD/ASCGz vW1kOZ/tJXHHQnMmVUs9DAmbeVFGmziOTPVrUJIjNjxAKKmwenaXed337d2PYsaV -----END CERTIFICATE-----Generated at Sun Feb 16 15:50:55 2025 by rpki-client