$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa File: 3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (raw, json) Hash identifier: klz1MEK94RYvGwUSIB1Lkt3YQy4A8azoTSfmTEKsx0w= Subject key identifier: 23:B2:51:A8:94:CD:3D:95:EF:A1:08:F2:54:14:56:D0:B1:FA:AB:68 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 4115FB18B917C78AC110CF35245BFFA5B67CC1A0 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa Signing time: Mon 16 Jun 2025 15:00:05 +0000 ROA not before: Mon 16 Jun 2025 15:00:05 +0000 ROA not after: Mon 21 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 160.235.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:15:fb:18:b9:17:c7:8a:c1:10:cf:35:24:5b:ff:a5:b6:7c:c1:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jun 16 15:00:05 2025 GMT Not After : Jul 21 23:59:59 2025 GMT Subject: serialNumber=f1f929ce6a26a57bbd2827b88beb4c26d45a062e1b17a05cdabb09f34798e48d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:96:92:92:f2:c5:8a:03:57:f9:32:0c:44:87: 20:73:7e:6b:57:89:a0:1e:58:c1:ec:02:a1:58:20: 74:46:a0:dd:f6:c8:87:81:ed:2e:15:5e:71:f4:44: 9e:f9:d7:aa:d3:1d:50:14:40:41:99:a7:59:ec:60: a2:cf:98:ea:70:c6:32:fb:82:07:aa:d9:b4:55:e5: 55:ed:dc:b1:e0:f2:6c:b8:c6:a1:16:79:d7:80:1f: dc:5d:88:18:87:c5:fc:f8:4c:45:6e:ff:4f:b1:e6: 42:de:cb:cc:91:da:4a:0a:27:29:88:95:ae:90:12: 27:a9:e7:b6:f0:f8:ef:42:11:b4:80:d1:d2:04:c3: c7:3e:36:ae:44:ff:67:b4:7f:27:12:30:b3:8e:36: e0:f9:14:0f:7b:58:1a:5a:22:5a:d3:05:d1:06:de: 00:5c:30:64:cf:90:94:4b:ce:75:11:23:3c:2f:93: ab:e2:c3:c1:e7:fb:2d:ee:18:93:c9:88:bb:72:29: 0e:0f:db:a4:9c:70:3e:36:c4:91:75:98:67:79:53: 23:dd:16:07:0d:69:d5:5b:f0:48:57:2f:aa:cc:2c: 8f:4e:dd:f7:e1:7d:41:45:fe:4b:a1:81:34:c9:13: d1:91:0b:9d:fe:63:90:8b:59:8c:21:56:51:50:5f: 40:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:B2:51:A8:94:CD:3D:95:EF:A1:08:F2:54:14:56:D0:B1:FA:AB:68 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.235.0.0/16 Signature Algorithm: sha256WithRSAEncryption 28:db:dd:70:2d:4d:d3:06:f6:a7:5e:fa:5f:fb:8f:2b:37:ed: 02:05:74:30:71:fd:45:4f:2c:d8:79:76:c0:65:67:71:51:63: a4:2c:f6:0e:f1:d3:44:da:1a:23:14:7a:f8:39:9c:8e:88:8b: 03:58:0b:3b:30:65:bf:c5:77:83:80:8f:f6:60:55:e0:a1:7c: 81:c2:67:68:b6:d9:ef:a3:33:f7:b0:7f:9a:ea:77:1b:14:0c: 26:4f:3d:2b:0f:7d:4a:cb:04:63:2a:55:db:50:11:61:08:0e: a3:7a:d7:3c:17:ff:05:85:36:ac:1e:63:41:75:9c:aa:ac:e6: a1:20:33:28:2d:50:74:5d:fb:3f:08:bc:b5:b1:b1:56:db:e9: 3c:aa:3a:a9:c3:1f:ac:b6:74:81:b7:e6:12:56:40:72:7d:b2: 6c:ec:4b:25:d4:76:9e:ad:31:c5:e8:19:38:d2:a6:4b:79:59: 60:01:97:11:3e:c4:79:a2:eb:e4:90:95:fe:3e:ef:51:57:b4: ab:93:99:34:a6:97:2d:4a:e7:4c:5f:7d:ba:c1:d8:3c:ef:67: 71:3f:2c:3e:67:19:82:e2:d4:4b:76:27:34:90:4e:38:27:fd: 1f:49:72:f2:42:7c:4d:21:24:5b:d7:63:7d:34:a3:94:5c:70: 3c:0c:28:c6 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUQRX7GLkXx4rBEM81JFv/pbZ8waAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDYxNjE1MDAwNVoX DTI1MDcyMTIzNTk1OVowejFJMEcGA1UEBRNAZjFmOTI5Y2U2YTI2YTU3YmJkMjgy N2I4OGJlYjRjMjZkNDVhMDYyZTFiMTdhMDVjZGFiYjA5ZjM0Nzk4ZTQ4ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppaSkvLFigNX+TIMRIcgc35rV4mg HljB7AKhWCB0RqDd9siHge0uFV5x9ESe+deq0x1QFEBBmadZ7GCiz5jqcMYy+4IH qtm0VeVV7dyx4PJsuMahFnnXgB/cXYgYh8X8+ExFbv9PseZC3svMkdpKCicpiJWu kBInqee28PjvQhG0gNHSBMPHPjauRP9ntH8nEjCzjjbg+RQPe1gaWiJa0wXRBt4A XDBkz5CUS851ESM8L5Or4sPB5/st7hiTyYi7cikOD9uknHA+NsSRdZhneVMj3RYH DWnVW/BIVy+qzCyPTt334X1BRf5LoYE0yRPRkQud/mOQi1mMIVZRUF9AswIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFCOyUaiUzT2V76EI8lQUVtCx+qtoMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNkMWZiMWM3LTYxNDAtNGM1Ny05MjhmLTFhNTk1ODZmOWUyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAoOswDQYJKoZIhvcNAQELBQADggEBACjb3XAtTdMG9qde+l/7jys3 7QIFdDBx/UVPLNh5dsBlZ3FRY6Qs9g7x00TaGiMUevg5nI6IiwNYCzswZb/Fd4OA j/ZgVeChfIHCZ2i22e+jM/ewf5rqdxsUDCZPPSsPfUrLBGMqVdtQEWEIDqN61zwX /wWFNqweY0F1nKqs5qEgMygtUHRd+z8IvLWxsVbb6TyqOqnDH6y2dIG35hJWQHJ9 smzsSyXUdp6tMcXoGTjSpkt5WWABlxE+xHmi6+SQlf4+71FXtKuTmTSmly1K50xf fbrB2DzvZ3E/LD5nGYLi1Et2JzSQTjgn/R9JcvJCfE0hJFvXY300o5RccDwMKMY= -----END CERTIFICATE-----Generated at Sun Jun 29 03:54:15 2025 by rpki-client