$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa File: c18b0845-fc95-41d6-b476-af4e1e466849.roa (raw, json) Hash identifier: ucTd+D9ZtxHqhCiCDwt6QlJunFymEoFKhg+OVsnDNcs= Subject key identifier: 21:0E:36:A9:9D:AE:8E:27:1E:45:5A:C9:8A:AE:DE:5F:0C:0C:3F:8A Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 4FD87B6C1CACF4C31ADAC8BD7C23083557ED64AF Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa Signing time: Tue 06 May 2025 00:00:01 +0000 ROA not before: Tue 06 May 2025 00:00:01 +0000 ROA not after: Tue 10 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 00:02:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:d8:7b:6c:1c:ac:f4:c3:1a:da:c8:bd:7c:23:08:35:57:ed:64:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 6 00:00:01 2025 GMT Not After : Jun 10 23:59:59 2025 GMT Subject: serialNumber=28ba62c0b71b1985a1f2a8250e91ac98dac1d703381607c211daf591a383426b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:7f:b1:e5:2e:28:df:59:ed:93:03:67:10:8a: 77:34:0f:79:be:64:42:1b:e3:81:ca:8e:8a:50:e6: 7d:db:12:bd:15:eb:0a:c7:bc:c2:af:7f:b2:b3:c1: 9d:ee:9c:6b:fd:a5:af:76:89:7f:6a:96:6e:16:53: cf:87:e0:a4:69:74:22:8f:a8:0d:d1:bc:02:02:f6: 18:61:d0:0b:f8:77:a8:85:de:c6:2c:db:56:e3:60: 1d:ec:d1:3a:05:05:a6:29:9c:7d:e5:a3:71:05:ae: 16:b9:af:17:3d:d1:f2:be:b7:03:93:63:e9:34:85: 65:33:72:6f:7e:a5:2e:83:70:dc:d1:09:28:49:99: 8e:87:e4:ec:01:24:32:0e:62:1a:68:bf:cb:a2:31: 82:21:0e:a5:96:75:f3:65:c6:fd:c0:fa:9e:20:29: 9b:bb:3b:4c:8c:92:30:08:4a:c6:50:55:36:b5:78: b0:95:f5:12:c8:b0:a0:d9:b0:e6:4b:e9:68:13:1c: 63:d9:65:2c:e0:cc:bf:03:51:f1:62:3f:0f:76:21: bf:0b:3b:69:7c:3c:36:e5:d7:05:2b:bd:62:46:14: 80:a9:bc:6b:8a:64:0a:81:0c:27:a6:11:e6:c4:84: c2:4a:4b:82:b2:41:2a:e6:e7:d8:0a:72:46:18:a8: 45:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:0E:36:A9:9D:AE:8E:27:1E:45:5A:C9:8A:AE:DE:5F:0C:0C:3F:8A X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.133.0/24 Signature Algorithm: sha256WithRSAEncryption 17:49:33:72:87:08:d6:e3:49:e5:91:27:2b:13:65:1a:92:e0: 76:a6:d7:5e:d8:2c:dd:3a:77:ae:64:a6:25:e5:31:0d:55:a7: 3d:aa:b6:79:ae:c5:8f:2c:6d:74:48:cc:d1:98:b7:6d:27:54: 3c:6a:00:b8:08:25:fb:7e:17:fa:5e:4a:21:f6:4f:52:77:94: 45:d1:35:d5:73:40:b7:20:a5:28:fd:16:f9:8f:20:8d:80:bf: ca:e3:8d:5c:fb:2e:97:ba:70:04:4e:2a:2c:9a:c4:40:9b:29: ee:36:d1:a3:85:5f:9d:f4:89:d0:b3:f0:d7:13:5d:74:aa:b3: 4f:43:e1:36:f6:f8:86:28:04:6e:cd:75:e0:83:b0:b8:51:8c: 05:02:3e:c4:a4:fe:e7:5a:84:02:16:3c:98:10:13:1c:ef:e4: c7:cc:41:d5:a9:32:62:76:b2:b9:31:2e:a5:85:ee:59:40:56: 56:d0:14:20:34:d7:57:d5:ee:3c:54:f2:60:29:1b:75:53:07: bb:dd:c3:2d:78:81:eb:8f:23:15:29:28:66:f7:05:37:e0:0f: 2e:b5:51:7a:ec:77:0b:f0:0e:23:e2:b3:62:28:f3:1e:1c:d6: 77:07:ec:23:59:58:2d:02:5c:f9:25:7a:cd:a1:15:de:3e:13: c4:1f:a0:76 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUT9h7bBys9MMa2si9fCMINVftZK8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDUwNjAwMDAwMVoX DTI1MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAMjhiYTYyYzBiNzFiMTk4NWExZjJh ODI1MGU5MWFjOThkYWMxZDcwMzM4MTYwN2MyMTFkYWY1OTFhMzgzNDI2YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn+x5S4o31ntkwNnEIp3NA95vmRC G+OByo6KUOZ92xK9FesKx7zCr3+ys8Gd7pxr/aWvdol/apZuFlPPh+CkaXQij6gN 0bwCAvYYYdAL+Heohd7GLNtW42Ad7NE6BQWmKZx95aNxBa4Wua8XPdHyvrcDk2Pp NIVlM3JvfqUug3Dc0QkoSZmOh+TsASQyDmIaaL/LojGCIQ6llnXzZcb9wPqeICmb uztMjJIwCErGUFU2tXiwlfUSyLCg2bDmS+loExxj2WUs4My/A1HxYj8PdiG/Cztp fDw25dcFK71iRhSAqbxrimQKgQwnphHmxITCSkuCskEq5ufYCnJGGKhFOwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCEONqmdro4nHkVayYqu3l8MDD+KMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MxOGIwODQ1LWZjOTUtNDFkNi1iNDc2LWFmNGUxZTQ2Njg0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/iFMA0GCSqGSIb3DQEBCwUAA4IBAQAXSTNyhwjW40nlkScrE2Ua kuB2ptde2CzdOneuZKYl5TENVac9qrZ5rsWPLG10SMzRmLdtJ1Q8agC4CCX7fhf6 Xkoh9k9Sd5RF0TXVc0C3IKUo/Rb5jyCNgL/K441c+y6XunAETiosmsRAmynuNtGj hV+d9InQs/DXE110qrNPQ+E29viGKARuzXXgg7C4UYwFAj7EpP7nWoQCFjyYEBMc 7+THzEHVqTJidrK5MS6lhe5ZQFZW0BQgNNdX1e48VPJgKRt1Uwe73cMteIHrjyMV KShm9wU34A8utVF67HcL8A4j4rNiKPMeHNZ3B+wjWVgtAlz5JXrNoRXePhPEH6B2 -----END CERTIFICATE-----Generated at Thu May 8 07:41:00 2025 by rpki-client