$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/a78b90df-233b-4ec6-89d2-de27ac2dc044.roa File: a78b90df-233b-4ec6-89d2-de27ac2dc044.roa (raw, json) Hash identifier: /otJ70NhW7BF22xSArd9caU3Q4gBuE2kAylz6rWAWrg= Subject key identifier: 46:56:F4:1A:AE:D4:94:80:92:AF:A0:0D:7F:FC:C3:C3:43:FF:42:AC Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 37204606C0A30F31A8CBF668DFDD04550649FB08 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/a78b90df-233b-4ec6-89d2-de27ac2dc044.roa Signing time: Mon 19 May 2025 15:00:06 +0000 ROA not before: Mon 19 May 2025 15:00:06 +0000 ROA not after: Mon 23 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.236.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:20:46:06:c0:a3:0f:31:a8:cb:f6:68:df:dd:04:55:06:49:fb:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 19 15:00:06 2025 GMT Not After : Jun 23 23:59:59 2025 GMT Subject: serialNumber=d12f67868f8825c8a66ddecac1f1ff1017e21d4b1a6b5890310fa146b4d6ccd6, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e8:e8:3c:1e:5a:d0:dc:d5:e7:16:ce:c0:51: 0a:d5:e7:77:c4:10:3b:bb:c7:f9:6d:1c:99:da:23: 8c:c1:99:21:44:16:ce:29:b1:54:f6:f1:0a:4d:c9: 39:47:e2:fa:c5:6a:28:18:08:f1:95:7d:7e:58:39: 97:d4:04:7d:51:b5:9a:57:3d:3b:e4:26:1c:bd:fb: 77:f0:a1:7b:de:c4:e7:58:f7:01:1f:e4:3b:62:8a: 8a:da:55:1e:83:66:74:32:fa:16:5b:97:32:92:10: 52:d1:48:a0:49:37:b4:8a:6e:ce:95:f8:0a:7f:54: 3b:eb:dd:af:42:be:a1:64:19:36:a5:cf:a3:b7:77: 91:29:08:06:7d:cf:2a:7d:b7:ad:4f:33:e9:38:b6: 6c:4d:12:30:6c:75:85:c6:f1:da:22:24:a7:90:25: f4:bf:20:de:de:47:2e:5e:08:07:f2:d6:fe:80:5a: 14:68:dd:b5:17:eb:e4:99:62:1b:83:55:b2:3e:92: 7c:83:8c:8a:ab:08:29:1f:b6:f3:52:41:95:e5:df: cf:9f:b0:32:92:34:dd:14:2f:52:2c:11:ee:4b:2a: 72:65:cd:26:09:78:8f:37:b5:83:0a:5f:8d:64:0f: 49:ad:f5:85:a7:93:be:47:4b:f3:f3:6b:4d:d6:13: 6f:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:56:F4:1A:AE:D4:94:80:92:AF:A0:0D:7F:FC:C3:C3:43:FF:42:AC X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/a78b90df-233b-4ec6-89d2-de27ac2dc044.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.236.0/23 Signature Algorithm: sha256WithRSAEncryption 71:c0:be:b9:99:a0:19:d5:18:6a:54:6e:1c:bc:17:29:2a:df: 2f:60:ef:43:79:ce:b6:0c:93:2f:65:f6:b1:84:22:5b:f3:fd: 99:cc:66:3b:c3:9b:d5:a2:7a:9a:3c:91:22:0d:8b:3d:8a:7e: 02:a4:fe:4d:17:fe:63:1b:60:fc:0f:c2:43:80:54:a2:92:2f: 7e:4b:dc:01:ea:e1:82:7f:68:e6:e5:6d:54:63:50:fd:05:de: 5d:81:dd:8a:9e:27:16:32:69:ee:7e:b3:1c:d5:98:b2:51:48: 02:44:a2:65:e4:9d:53:00:27:f8:6b:80:f8:41:5f:a5:64:fb: a5:49:ed:fd:85:64:64:28:ee:5f:7f:64:49:09:a8:da:6b:ec: 93:54:ab:8c:f7:50:66:bf:e7:55:5c:e8:d0:f9:9f:0f:af:43: 98:d5:82:ea:3c:8f:7f:f8:02:59:66:f0:4c:cf:d4:c4:94:be: c5:7e:18:12:2b:e0:37:38:b5:ad:fc:d6:fe:d2:04:a3:83:a8: a3:7a:b4:8d:ce:11:bd:16:5b:57:a0:1f:d0:8d:c7:e7:af:a4: 7a:da:09:6e:20:a1:df:2c:f6:dd:cb:f9:66:da:1e:0e:72:ff: d9:e7:29:bc:c9:eb:91:f3:43:2e:91:f6:0f:6f:9a:40:7b:3c: f9:f8:ef:a4 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUNyBGBsCjDzGoy/Zo390EVQZJ+wgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDUxOTE1MDAwNloX DTI1MDYyMzIzNTk1OVowejFJMEcGA1UEBRNAZDEyZjY3ODY4Zjg4MjVjOGE2NmRk ZWNhYzFmMWZmMTAxN2UyMWQ0YjFhNmI1ODkwMzEwZmExNDZiNGQ2Y2NkNjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+joPB5a0NzV5xbOwFEK1ed3xBA7 u8f5bRyZ2iOMwZkhRBbOKbFU9vEKTck5R+L6xWooGAjxlX1+WDmX1AR9UbWaVz07 5CYcvft38KF73sTnWPcBH+Q7YoqK2lUeg2Z0MvoWW5cykhBS0UigSTe0im7OlfgK f1Q7692vQr6hZBk2pc+jt3eRKQgGfc8qfbetTzPpOLZsTRIwbHWFxvHaIiSnkCX0 vyDe3kcuXggH8tb+gFoUaN21F+vkmWIbg1WyPpJ8g4yKqwgpH7bzUkGV5d/Pn7Ay kjTdFC9SLBHuSypyZc0mCXiPN7WDCl+NZA9JrfWFp5O+R0vz82tN1hNvYwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEZW9Bqu1JSAkq+gDX/8w8ND/0KsMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2E3OGI5MGRmLTIzM2ItNGVjNi04OWQyLWRlMjdhYzJkYzA0NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrynsMA0GCSqGSIb3DQEBCwUAA4IBAQBxwL65maAZ1RhqVG4cvBcp Kt8vYO9Dec62DJMvZfaxhCJb8/2ZzGY7w5vVonqaPJEiDYs9in4CpP5NF/5jG2D8 D8JDgFSiki9+S9wB6uGCf2jm5W1UY1D9Bd5dgd2KnicWMmnufrMc1ZiyUUgCRKJl 5J1TACf4a4D4QV+lZPulSe39hWRkKO5ff2RJCajaa+yTVKuM91Bmv+dVXOjQ+Z8P r0OY1YLqPI9/+AJZZvBMz9TElL7FfhgSK+A3OLWt/Nb+0gSjg6ijerSNzhG9FltX oB/Qjcfnr6R62gluIKHfLPbdy/lm2h4Ocv/Z5ym8yeuR80MukfYPb5pAezz5+O+k -----END CERTIFICATE-----Generated at Mon Jun 2 04:42:53 2025 by rpki-client