$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa File: 3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa (raw, json) Hash identifier: LFytUjqtp/eYN17Xzda6BpJ1gpiqAA0rUosvQbGpvs4= Subject key identifier: 21:C0:AF:DE:22:8B:AB:A7:95:37:23:F3:B6:7C:00:03:BA:63:8A:D4 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 42D9A110A7BB4D1E6837AD3D6581B72A432C942E Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa Signing time: Mon 19 May 2025 15:00:09 +0000 ROA not before: Mon 19 May 2025 15:00:09 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:d9:a1:10:a7:bb:4d:1e:68:37:ad:3d:65:81:b7:2a:43:2c:94:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 19 15:00:09 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=f0d32bc9020f58391aabdcf3fefb4f438ca6c8a9e8bf6ff0e08ad09639c69263, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:e9:30:f9:41:91:d3:fb:b9:8b:9e:72:2d:a6: 8c:9b:78:db:f4:92:97:ee:a4:82:20:f4:ce:f3:1f: c2:e3:4c:24:a7:56:94:9f:3a:fa:eb:94:96:c2:cb: 76:7a:a6:4b:de:32:e0:11:69:19:a9:a3:7d:a3:22: e9:be:16:aa:97:0d:d6:3a:2a:2f:07:7d:63:8c:01: bb:bf:79:01:f5:43:f7:c7:84:fb:d9:8a:f4:e9:bb: d7:78:d7:c9:ae:f8:f2:83:79:c6:25:80:a4:2f:c8: f0:af:e6:24:12:3e:de:78:ff:91:0c:98:b4:42:57: 75:95:bc:9b:3d:db:09:f5:39:d8:1b:8c:23:e5:6c: 52:77:3c:32:a6:d4:bf:b0:c9:11:ef:81:e3:e8:24: d0:aa:9d:85:23:ee:4a:af:aa:8b:72:92:e5:7f:0a: 80:7e:29:f1:ea:8d:cd:61:d0:d6:86:b7:c9:42:4c: c5:63:35:22:d2:bc:3a:97:c7:74:80:b9:6a:15:29: c3:b0:43:e6:ee:b2:49:f2:2c:5c:7d:e7:b3:96:3c: 94:1d:e5:36:c3:0a:6d:0e:98:6d:fa:0e:5d:94:53: 67:a3:a6:b2:64:52:03:0a:b2:15:af:de:20:49:d2: 6b:0d:15:1e:5c:4c:5a:b9:a0:04:a6:2f:f9:98:ce: 8a:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:C0:AF:DE:22:8B:AB:A7:95:37:23:F3:B6:7C:00:03:BA:63:8A:D4 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.224.0/21 Signature Algorithm: sha256WithRSAEncryption 7d:9b:eb:61:99:c9:da:6f:5d:7a:6c:71:58:16:d4:d9:67:61: b7:f8:7c:1b:44:f4:a1:c0:7a:05:8e:1c:0d:d2:b0:27:1e:93: 9e:29:0d:52:90:4f:a9:72:ee:87:79:9c:81:e4:62:bc:d3:69: f8:1b:f7:07:5b:b0:94:fc:90:5e:25:73:74:2e:33:3b:2b:dc: d5:a7:5a:90:8a:44:37:b7:22:b3:62:c8:b9:cf:16:c3:a4:30: dd:53:c0:9b:37:ed:df:59:51:ab:ae:59:2f:7d:ed:e8:c0:74: 06:21:03:f8:83:66:c7:b4:3a:4c:24:f4:31:28:c3:93:0a:09: c4:40:87:94:7a:a4:e2:99:ed:ac:27:bf:e8:f0:9c:dc:6e:7b: 9d:0a:96:cf:90:f4:64:a2:2b:06:c9:29:3a:a5:e1:be:57:de: ee:e0:72:3e:0f:39:2d:7a:5c:6b:ba:2c:54:b9:a7:62:44:43: 74:c6:f0:bf:93:e7:02:46:02:2f:d6:4f:76:d0:b2:7c:c9:19: 8f:8f:47:01:b6:21:d7:8c:92:a3:da:c6:c3:ef:40:5d:4d:80: dd:98:16:fe:6a:9a:dd:06:d5:69:9d:ac:50:a0:1c:9b:1a:1b: 24:6a:a1:b1:c1:99:85:8b:37:8c:99:86:41:c7:34:20:e3:3f: d0:88:1c:56 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQtmhEKe7TR5oN609ZYG3KkMslC4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDUxOTE1MDAwOVoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAZjBkMzJiYzkwMjBmNTgzOTFhYWJk Y2YzZmVmYjRmNDM4Y2E2YzhhOWU4YmY2ZmYwZTA4YWQwOTYzOWM2OTI2MzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Okw+UGR0/u5i55yLaaMm3jb9JKX 7qSCIPTO8x/C40wkp1aUnzr665SWwst2eqZL3jLgEWkZqaN9oyLpvhaqlw3WOiov B31jjAG7v3kB9UP3x4T72Yr06bvXeNfJrvjyg3nGJYCkL8jwr+YkEj7eeP+RDJi0 Qld1lbybPdsJ9TnYG4wj5WxSdzwyptS/sMkR74Hj6CTQqp2FI+5Kr6qLcpLlfwqA finx6o3NYdDWhrfJQkzFYzUi0rw6l8d0gLlqFSnDsEPm7rJJ8ixcfeezljyUHeU2 wwptDpht+g5dlFNno6ayZFIDCrIVr94gSdJrDRUeXExauaAEpi/5mM6KCwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCHAr94ii6unlTcj87Z8AAO6Y4rUMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzNiOTQwZDE0LWI4YzQtNGMzZC05NzhmLWExYTNiN2EwYTgyYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDryngMA0GCSqGSIb3DQEBCwUAA4IBAQB9m+thmcnab116bHFYFtTZ Z2G3+HwbRPShwHoFjhwN0rAnHpOeKQ1SkE+pcu6HeZyB5GK802n4G/cHW7CU/JBe JXN0LjM7K9zVp1qQikQ3tyKzYsi5zxbDpDDdU8CbN+3fWVGrrlkvfe3owHQGIQP4 g2bHtDpMJPQxKMOTCgnEQIeUeqTime2sJ7/o8JzcbnudCpbPkPRkoisGySk6peG+ V97u4HI+DzktelxruixUuadiREN0xvC/k+cCRgIv1k920LJ8yRmPj0cBtiHXjJKj 2sbD70BdTYDdmBb+aprdBtVpnaxQoBybGhskaqGxwZmFizeMmYZBxzQg4z/QiBxW -----END CERTIFICATE-----Generated at Mon Jun 2 04:41:15 2025 by rpki-client