$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: 5yz3N7sgeYJlNaFRAGvPVLT0gFB4h1QEaVzjqKBBdAE= Subject key identifier: BE:59:C8:DD:70:5A:E0:03:DC:57:48:9F:6E:08:24:8E:5B:72:8D:1A Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1B54176EBD2947339290F62941E9824E8A93D1DE Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Tue 22 Apr 2025 00:00:03 +0000 ROA not before: Tue 22 Apr 2025 00:00:03 +0000 ROA not after: Tue 27 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 00:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:54:17:6e:bd:29:47:33:92:90:f6:29:41:e9:82:4e:8a:93:d1:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 22 00:00:03 2025 GMT Not After : May 27 23:59:59 2025 GMT Subject: serialNumber=fdf54e31f7fed3b0a45735c459188ba88297cd475edcfa24793760cbb6654e59, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:e1:69:02:86:59:05:da:6f:ca:b5:90:74:63: ca:2d:41:79:d1:a7:27:fc:4d:9a:f8:48:c0:f4:a2: 9d:2c:16:0f:34:ad:76:96:c5:9d:bd:a7:b1:25:59: 3a:10:b0:c5:83:05:18:31:de:f3:00:47:2e:90:68: eb:15:8f:0e:3f:ea:c6:68:23:7d:79:a8:0a:ea:41: 58:ae:39:96:d8:12:ce:b2:7f:76:4d:08:e6:e0:e0: 6c:f8:2f:f9:be:56:ff:ab:51:dd:54:9f:dd:4f:6f: 03:7b:94:f9:09:6f:dd:15:77:92:b4:ba:ee:45:08: 2f:31:01:fd:11:53:c0:01:ab:e4:fb:e5:53:f4:ba: 18:71:e5:5b:f9:1d:0e:c1:f1:b0:bd:24:17:49:f3: f1:82:05:f0:42:60:f3:13:e3:71:53:3b:e0:a3:20: 80:08:69:54:b1:a2:59:7c:57:41:da:4d:75:98:1c: 25:55:85:4a:c1:9e:f3:53:c9:15:47:20:63:59:e2: d2:9e:b8:cb:d4:df:15:d8:af:5d:f9:2f:1e:cb:46: 97:f7:42:21:32:ab:0d:b0:f8:f2:72:7d:b7:5c:e3: 7d:2a:5b:f5:0b:82:1c:06:0c:38:ed:13:65:ff:58: 8c:e5:c9:b2:7e:1f:69:a6:af:80:b2:90:4c:d1:1e: 3f:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:59:C8:DD:70:5A:E0:03:DC:57:48:9F:6E:08:24:8E:5B:72:8D:1A X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 9d:55:d2:00:d5:1b:17:59:7c:55:6e:e8:7d:21:b2:73:d4:8d: 75:0a:31:64:02:ad:ba:88:ac:8d:1e:8f:76:4d:08:ff:64:85: c0:2a:63:0b:a4:e7:08:ae:1d:7c:c4:74:56:c2:e7:76:1e:6a: b4:49:89:d3:ab:f1:9f:0c:a3:1a:43:ac:1d:ee:f7:64:61:16: b7:f0:96:e6:f9:df:e4:59:e8:df:02:b9:cb:71:3e:c8:d4:e6: 5b:c7:ea:73:e0:6c:6c:a0:1b:03:2a:09:7d:61:0e:41:63:f2: d6:0f:ef:19:34:e6:34:be:7c:7f:87:53:25:b5:1b:7f:8b:17: 4a:f3:4d:73:04:ba:84:54:51:4e:9e:bb:84:24:1d:5a:fb:71: 30:14:16:50:60:8d:25:18:2c:15:1f:6f:2e:86:2f:7f:5c:20: 81:8d:66:24:a6:51:c8:f7:ec:79:9b:d3:89:d8:93:5f:e8:49: 34:85:6c:12:c0:ec:84:44:fd:7e:b9:e6:c3:33:ab:61:b8:f2: 6c:7a:ce:b6:6b:d7:5f:23:00:71:f7:1e:4e:24:66:b4:68:8f: 4d:b8:16:59:24:e9:57:86:9e:35:6a:77:5e:11:12:b2:aa:53: 00:fe:ab:05:7c:b5:f4:7d:f4:5a:3e:eb:1e:7a:08:c2:7b:4d: 07:fa:96:fe -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUG1QXbr0pRzOSkPYpQemCToqT0d4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyMjAwMDAwM1oX DTI1MDUyNzIzNTk1OVowejFJMEcGA1UEBRNAZmRmNTRlMzFmN2ZlZDNiMGE0NTcz NWM0NTkxODhiYTg4Mjk3Y2Q0NzVlZGNmYTI0NzkzNzYwY2JiNjY1NGU1OTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+FpAoZZBdpvyrWQdGPKLUF50acn /E2a+EjA9KKdLBYPNK12lsWdvaexJVk6ELDFgwUYMd7zAEcukGjrFY8OP+rGaCN9 eagK6kFYrjmW2BLOsn92TQjm4OBs+C/5vlb/q1HdVJ/dT28De5T5CW/dFXeStLru RQgvMQH9EVPAAavk++VT9LoYceVb+R0OwfGwvSQXSfPxggXwQmDzE+NxUzvgoyCA CGlUsaJZfFdB2k11mBwlVYVKwZ7zU8kVRyBjWeLSnrjL1N8V2K9d+S8ey0aX90Ih MqsNsPjycn23XON9Klv1C4IcBgw47RNl/1iM5cmyfh9ppq+AspBM0R4/OwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFL5ZyN1wWuAD3FdIn24IJI5bco0aMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQCdVdIA1RsXWXxVbuh9IbJz 1I11CjFkAq26iKyNHo92TQj/ZIXAKmMLpOcIrh18xHRWwud2Hmq0SYnTq/GfDKMa Q6wd7vdkYRa38Jbm+d/kWejfArnLcT7I1OZbx+pz4GxsoBsDKgl9YQ5BY/LWD+8Z NOY0vnx/h1MltRt/ixdK801zBLqEVFFOnruEJB1a+3EwFBZQYI0lGCwVH28uhi9/ XCCBjWYkplHI9+x5m9OJ2JNf6Ek0hWwSwOyERP1+uebDM6thuPJses62a9dfIwBx 9x5OJGa0aI9NuBZZJOlXhp41andeERKyqlMA/qsFfLX0ffRaPuseegjCe00H+pb+ -----END CERTIFICATE-----Generated at Fri May 9 07:30:57 2025 by rpki-client