$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa File: 9b59fbe4-f242-4dbf-9964-15048c3da996.roa (raw, json) Hash identifier: AbfCmBnyVYp2yprf9QaYlasDAmW74EQA1NI5ExaXcT8= Subject key identifier: 17:53:28:63:03:97:8E:21:97:6F:75:FC:62:FD:14:3A:C4:C8:1D:02 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 5009B394F0FBBC02F59BCBC09B732AA8C2EE46A3 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa Signing time: Mon 19 May 2025 15:00:00 +0000 ROA not before: Mon 19 May 2025 15:00:00 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.4.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:09:b3:94:f0:fb:bc:02:f5:9b:cb:c0:9b:73:2a:a8:c2:ee:46:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 19 15:00:00 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=2af5e368c7c17d9c3b0639b7875a98c14cadbcce6b4076766ba6538b0ee4228c, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:d8:65:44:10:90:da:3b:ce:e2:65:43:49:4d: a9:bf:cb:d3:eb:16:4b:4e:5a:49:f5:ad:25:79:37: b4:f2:c2:c2:bd:89:b4:81:3c:35:bf:1c:71:16:09: c4:83:75:17:30:01:96:88:1c:20:72:06:a6:80:3a: f9:81:c5:8f:e6:e7:80:1d:8b:f7:60:5b:11:f8:59: 80:1e:e1:b0:e7:d2:b4:41:8d:f7:f2:00:01:79:25: 89:2c:b8:5d:74:66:9e:15:38:13:7b:90:a3:bc:98: 4b:ae:43:4a:07:e1:cd:e9:44:12:e9:a2:7e:3b:e7: d2:76:e0:58:6d:cc:dc:e6:3e:61:5f:28:34:73:a3: 68:22:c1:4d:de:4d:b1:79:f3:43:a2:ff:a4:9b:e3: ce:4c:a6:02:d2:50:a8:e8:3d:d9:61:b5:44:2c:fb: 78:ab:dc:bf:3f:ba:10:e1:50:80:36:5d:4f:8c:da: 14:f2:83:dc:78:93:72:c9:a7:07:53:7e:63:e7:8a: 46:67:82:72:f2:09:96:63:56:2e:85:2e:85:3d:49: 39:10:b0:ea:94:84:2c:78:74:0c:5b:41:40:ce:a4: a2:1b:0b:d6:69:72:03:aa:03:81:77:00:0b:88:83: f9:e7:9d:7f:32:da:8a:57:06:3d:f6:6d:a3:f5:2e: 5d:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:53:28:63:03:97:8E:21:97:6F:75:FC:62:FD:14:3A:C4:C8:1D:02 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.4.8.0/21 Signature Algorithm: sha256WithRSAEncryption 1a:8a:de:8e:e6:7b:94:3c:43:d5:92:58:7d:ca:68:04:d0:5f: 01:9f:37:df:94:8b:25:81:59:2c:53:0f:61:db:0a:88:67:25: 61:bc:5c:70:5a:a1:7c:89:4a:01:a6:fc:b2:c9:c7:be:9d:98: 0e:5d:95:51:8a:fd:5f:34:32:8f:ab:5e:a8:74:d6:07:5d:e2: 80:e1:c8:91:77:6f:20:45:51:c4:b8:45:15:e2:f2:07:47:3b: ed:0c:cc:b3:1d:5d:3c:bc:82:9d:56:24:cd:8f:5a:73:f8:b5: f6:40:fa:30:35:c8:14:c7:a9:9c:fc:e4:cd:a4:9a:83:a9:fa: ca:f3:f2:cb:60:00:ac:14:e2:8a:09:c6:59:db:71:ee:54:bd: f1:33:a9:54:ec:f2:38:2d:ff:e9:22:f1:dd:d1:c2:e5:db:81: a2:30:dc:a8:c1:aa:98:a8:3a:17:58:3a:b4:52:87:d2:f5:10: 31:74:f4:16:ac:25:26:5b:76:ff:4d:e9:28:23:93:92:26:9c: 15:56:b0:62:10:65:fe:de:bc:81:5f:89:53:50:1a:c9:dd:4b: e1:ca:ce:b9:7a:f0:ca:92:a2:be:da:a1:89:25:ad:d6:01:9a: 88:dd:8d:de:76:6b:9e:af:5a:e8:8a:d3:59:16:ff:c5:34:d2: 7b:bb:7c:05 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUAmzlPD7vAL1m8vAm3MqqMLuRqMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDUxOTE1MDAwMFoX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAMmFmNWUzNjhjN2MxN2Q5YzNiMDYz OWI3ODc1YTk4YzE0Y2FkYmNjZTZiNDA3Njc2NmJhNjUzOGIwZWU0MjI4YzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9hlRBCQ2jvO4mVDSU2pv8vT6xZL TlpJ9a0leTe08sLCvYm0gTw1vxxxFgnEg3UXMAGWiBwgcgamgDr5gcWP5ueAHYv3 YFsR+FmAHuGw59K0QY338gABeSWJLLhddGaeFTgTe5CjvJhLrkNKB+HN6UQS6aJ+ O+fSduBYbczc5j5hXyg0c6NoIsFN3k2xefNDov+km+POTKYC0lCo6D3ZYbVELPt4 q9y/P7oQ4VCANl1PjNoU8oPceJNyyacHU35j54pGZ4Jy8gmWY1YuhS6FPUk5ELDq lIQseHQMW0FAzqSiGwvWaXIDqgOBdwALiIP5551/MtqKVwY99m2j9S5dKwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBdTKGMDl44hl291/GL9FDrEyB0CMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliNTlmYmU0LWYyNDItNGRiZi05OTY0LTE1MDQ4YzNkYTk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQAait6O5nuUPEPVklh9ymgE 0F8BnzfflIslgVksUw9h2wqIZyVhvFxwWqF8iUoBpvyyyce+nZgOXZVRiv1fNDKP q16odNYHXeKA4ciRd28gRVHEuEUV4vIHRzvtDMyzHV08vIKdViTNj1pz+LX2QPow NcgUx6mc/OTNpJqDqfrK8/LLYACsFOKKCcZZ23HuVL3xM6lU7PI4Lf/pIvHd0cLl 24GiMNyowaqYqDoXWDq0UofS9RAxdPQWrCUmW3b/TekoI5OSJpwVVrBiEGX+3ryB X4lTUBrJ3Uvhys65evDKkqK+2qGJJa3WAZqI3Y3edmuer1roitNZFv/FNNJ7u3wF -----END CERTIFICATE-----Generated at Mon Jun 2 04:46:31 2025 by rpki-client