$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/74efe8b3-d39c-4a8b-9b7b-5994aa4c8d82.roa File: 74efe8b3-d39c-4a8b-9b7b-5994aa4c8d82.roa (raw, json) Hash identifier: 3NuGWOh4jKoQsWCnRhmyJP4MJZ/9sIy6VqWvv+4QnK0= Subject key identifier: D1:8B:FD:28:91:F7:40:69:6F:B4:B0:86:28:DA:46:78:51:80:EF:B4 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 72E71885A6F63F985E946BF2A2707A3A39C08D3D Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/74efe8b3-d39c-4a8b-9b7b-5994aa4c8d82.roa Signing time: Mon 19 May 2025 15:00:10 +0000 ROA not before: Mon 19 May 2025 15:00:10 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:e7:18:85:a6:f6:3f:98:5e:94:6b:f2:a2:70:7a:3a:39:c0:8d:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 19 15:00:10 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=c7afa048ec84f8094e6a20a03ea52ffaa2bdd748ebaa07cc47c977e3a4584927, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:66:7a:98:f4:15:f4:76:ab:92:2d:f5:b4:a6: d2:52:25:10:b6:34:1a:b8:59:42:6d:4e:44:e5:f4: 17:b2:ec:de:41:c6:b9:4a:77:da:12:01:88:34:5f: 6d:d9:cd:8f:19:49:96:13:ba:d2:b9:44:a2:41:67: ab:ba:2d:7f:88:2a:76:21:56:31:ac:0f:8a:e5:e9: df:2c:c4:5a:ef:87:00:3a:41:33:8b:74:17:67:2b: 2a:a9:18:9f:c1:e7:15:5d:30:42:28:0f:ad:54:a3: 56:3e:36:07:44:12:b3:9a:85:63:8d:e4:4e:35:44: 50:72:ae:7d:c1:3d:f3:b4:67:16:12:7c:67:58:22: b5:3c:83:83:40:a1:c3:ed:6a:8c:ff:59:6d:76:f1: 1b:53:73:49:5e:90:c1:58:02:3c:f7:9e:b1:79:fa: 9c:37:12:3b:00:2b:05:e7:29:f8:3b:7e:3b:85:8f: 53:81:60:6a:a3:6c:f8:86:aa:c9:48:2f:61:c1:32: e0:e5:9d:00:4e:87:bf:e0:c5:03:93:37:f2:f9:3b: cc:a0:f6:60:e1:2e:90:93:c3:54:a9:1d:06:ab:b2: 23:6b:74:6f:9c:e7:0f:09:ec:b9:6f:2a:cb:48:e9: 3e:8e:31:85:c6:6d:20:80:aa:76:16:41:80:44:19: 62:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:8B:FD:28:91:F7:40:69:6F:B4:B0:86:28:DA:46:78:51:80:EF:B4 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/74efe8b3-d39c-4a8b-9b7b-5994aa4c8d82.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.240.0/20 Signature Algorithm: sha256WithRSAEncryption a8:1f:3b:57:50:2a:23:95:58:74:a6:19:ea:cb:65:1e:f3:bb: 0f:b3:2d:d5:7f:9c:b5:80:90:cb:49:da:e3:fc:14:64:54:69: 5d:51:92:29:2e:cf:95:a6:95:b5:d3:56:42:d5:f5:0f:aa:88: 1d:60:6f:bf:e7:e3:ca:f2:2b:23:fd:e8:8a:b4:04:26:35:36: 06:e7:33:a3:68:06:8a:f7:b5:60:06:7f:05:9d:b7:08:0e:89: 64:5d:87:98:e4:8f:37:cf:b1:45:12:cc:fb:c5:18:3b:f7:8f: 85:12:54:58:cf:af:12:33:ac:f0:b4:77:82:d9:59:aa:5b:36: fa:7e:0f:ac:6d:d0:d0:63:c2:3b:85:b1:84:22:29:3d:43:c1: bd:a3:0f:24:01:23:77:b7:dc:45:2e:65:14:ef:1f:e9:79:29: 04:5e:5e:36:4f:dd:00:d4:8e:dd:b8:bc:cd:a6:a3:63:08:f3: 65:36:c3:51:66:e9:70:09:65:2c:61:e3:7d:a9:62:ed:9a:59: f7:a3:03:79:d5:fd:2b:22:4b:8d:d7:b8:b9:95:3d:fa:39:ec: cb:f6:de:84:39:96:8c:ef:cf:cb:af:81:71:58:90:cc:79:ba: cc:a0:89:12:1b:b3:4f:1d:7e:56:8b:45:36:c9:d5:d8:5e:26: a2:c6:a1:ef -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcucYhab2P5helGvyonB6OjnAjT0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDUxOTE1MDAxMFoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAYzdhZmEwNDhlYzg0ZjgwOTRlNmEy MGEwM2VhNTJmZmFhMmJkZDc0OGViYWEwN2NjNDdjOTc3ZTNhNDU4NDkyNzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGZ6mPQV9Harki31tKbSUiUQtjQa uFlCbU5E5fQXsuzeQca5SnfaEgGINF9t2c2PGUmWE7rSuUSiQWerui1/iCp2IVYx rA+K5enfLMRa74cAOkEzi3QXZysqqRifwecVXTBCKA+tVKNWPjYHRBKzmoVjjeRO NURQcq59wT3ztGcWEnxnWCK1PIODQKHD7WqM/1ltdvEbU3NJXpDBWAI8956xefqc NxI7ACsF5yn4O347hY9TgWBqo2z4hqrJSC9hwTLg5Z0AToe/4MUDkzfy+TvMoPZg 4S6Qk8NUqR0Gq7Ija3RvnOcPCey5byrLSOk+jjGFxm0ggKp2FkGARBliMQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNGL/SiR90Bpb7SwhijaRnhRgO+0MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 Lzc0ZWZlOGIzLWQzOWMtNGE4Yi05YjdiLTU5OTRhYTRjOGQ4Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQErynwMA0GCSqGSIb3DQEBCwUAA4IBAQCoHztXUCojlVh0phnqy2Ue 87sPsy3Vf5y1gJDLSdrj/BRkVGldUZIpLs+VppW101ZC1fUPqogdYG+/5+PK8isj /eiKtAQmNTYG5zOjaAaK97VgBn8FnbcIDolkXYeY5I83z7FFEsz7xRg794+FElRY z68SM6zwtHeC2VmqWzb6fg+sbdDQY8I7hbGEIik9Q8G9ow8kASN3t9xFLmUU7x/p eSkEXl42T90A1I7duLzNpqNjCPNlNsNRZulwCWUsYeN9qWLtmln3owN51f0rIkuN 17i5lT36OezL9t6EOZaM78/Lr4FxWJDMebrMoIkSG7NPHX5Wi0U2ydXYXiaixqHv -----END CERTIFICATE-----Generated at Mon Jun 2 04:44:34 2025 by rpki-client