$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json) Hash identifier: tg1nJKR0DHrhFmNM4Uh5qbEkkpCCQsIm47+kHh9VFWg= Subject key identifier: 39:A5:81:EB:FD:7D:F1:BB:36:1C:AD:B5:4F:90:4A:07:08:1F:D5:5A Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 3B03AF9D7777A18F0B26FB651E67B6AFD4B8A8FB Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa Signing time: Fri 20 Jun 2025 00:00:24 +0000 ROA not before: Fri 20 Jun 2025 00:00:24 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.8.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:03:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:03:af:9d:77:77:a1:8f:0b:26:fb:65:1e:67:b6:af:d4:b8:a8:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jun 20 00:00:24 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=41fae8f90b0a24c70375e373cf24a365a317437fc9868a028131c07bb846091c, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:42:d0:05:ad:99:b0:49:3c:50:8e:0c:ca:af: c7:50:65:e8:12:d3:dc:86:8d:8a:30:0a:27:b8:04: 9f:d5:71:f8:d0:70:41:7d:fb:1c:0f:20:53:cc:4a: 3a:1f:6f:18:b5:5f:b2:9a:a6:c7:ee:4d:52:1e:89: d9:a1:19:65:00:f6:e9:80:19:92:f9:b9:f4:17:c2: e9:a6:ca:33:a9:ea:8c:2b:ba:cd:1c:d4:15:0c:bc: 27:f1:96:0c:56:34:e3:ac:dd:19:b5:5f:e5:0c:2f: e1:fd:86:a1:2d:ff:ca:9a:29:3d:f6:b3:c5:29:f3: 40:12:4e:5f:34:59:6c:91:57:00:38:73:91:eb:03: 6c:db:a5:bf:a6:44:71:c5:e3:c4:30:e5:52:3d:53: 12:57:34:62:88:15:8e:dc:04:11:75:0b:e5:f7:96: 82:d2:b5:e8:07:5c:91:33:bb:46:2f:87:38:b2:bd: b0:f1:a9:46:4a:68:42:78:37:cb:3f:16:e0:1e:e1: 1d:c8:62:0c:9b:be:e6:0e:79:5b:d3:cc:39:76:51: 70:19:a4:4b:e1:f7:9f:bb:9a:15:63:44:52:ef:db: ac:09:e7:16:05:25:f7:4c:48:ef:09:ab:25:71:00: 07:6f:ab:6c:19:06:70:70:82:b0:d2:e7:ec:0f:d4: 24:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:A5:81:EB:FD:7D:F1:BB:36:1C:AD:B5:4F:90:4A:07:08:1F:D5:5A X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.172.0/22 Signature Algorithm: sha256WithRSAEncryption 15:9a:77:0d:ee:8b:d2:bb:1e:51:5b:ec:df:2f:86:7d:31:d7: f3:95:c2:b7:1d:21:b9:26:00:f1:60:26:f2:78:90:b5:03:da: 2d:18:7c:64:83:91:42:32:98:24:c1:0c:54:5b:00:d3:56:57: 0c:e5:65:78:75:40:85:7d:57:45:e8:c8:99:00:26:b9:5f:b9: 2e:6f:2f:39:84:a7:07:e5:9e:94:ca:58:c6:09:cd:33:1f:1b: 6f:de:61:c3:1f:9a:76:65:50:62:e6:ba:cf:e5:d8:57:5f:59: 39:3f:41:e0:5e:5a:ee:62:a2:09:30:7f:09:05:c0:00:90:6f: b2:96:a4:d4:f2:84:a4:1e:25:f0:d7:0e:eb:59:87:66:7b:81: 62:50:00:0f:74:2d:22:7b:46:e1:d6:0a:47:41:bf:22:54:d7: a9:89:b4:c6:3d:9c:c3:6b:03:ce:b1:df:75:8c:15:60:1e:d0: 79:f5:36:f3:3d:b7:86:f4:73:a3:be:d2:d7:9c:b4:74:dc:ec: 07:4b:d2:44:82:e3:0d:14:6d:be:29:da:97:ae:dc:5f:49:75: a6:76:88:f9:a0:71:d8:e2:66:d2:53:c8:ba:2e:59:65:8f:f4: ab:84:3d:68:f0:51:dc:e1:f4:ae:e2:cf:85:23:32:eb:55:87: fb:c3:c4:24 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUOwOvnXd3oY8LJvtlHme2r9S4qPswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDYyMDAwMDAyNFoX DTI1MDcyNTIzNTk1OVowejFJMEcGA1UEBRNANDFmYWU4ZjkwYjBhMjRjNzAzNzVl MzczY2YyNGEzNjVhMzE3NDM3ZmM5ODY4YTAyODEzMWMwN2JiODQ2MDkxYzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00LQBa2ZsEk8UI4Myq/HUGXoEtPc ho2KMAonuASf1XH40HBBffscDyBTzEo6H28YtV+ymqbH7k1SHonZoRllAPbpgBmS +bn0F8LppsozqeqMK7rNHNQVDLwn8ZYMVjTjrN0ZtV/lDC/h/YahLf/Kmik99rPF KfNAEk5fNFlskVcAOHOR6wNs26W/pkRxxePEMOVSPVMSVzRiiBWO3AQRdQvl95aC 0rXoB1yRM7tGL4c4sr2w8alGSmhCeDfLPxbgHuEdyGIMm77mDnlb08w5dlFwGaRL 4fefu5oVY0RS79usCecWBSX3TEjvCaslcQAHb6tsGQZwcIKw0ufsD9QkkQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDmlgev9ffG7NhyttU+QSgcIH9VaMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQAVmncN7ovSux5RW+zfL4Z9 MdfzlcK3HSG5JgDxYCbyeJC1A9otGHxkg5FCMpgkwQxUWwDTVlcM5WV4dUCFfVdF 6MiZACa5X7kuby85hKcH5Z6UyljGCc0zHxtv3mHDH5p2ZVBi5rrP5dhXX1k5P0Hg XlruYqIJMH8JBcAAkG+ylqTU8oSkHiXw1w7rWYdme4FiUAAPdC0ie0bh1gpHQb8i VNepibTGPZzDawPOsd91jBVgHtB59TbzPbeG9HOjvtLXnLR03OwHS9JEguMNFG2+ KdqXrtxfSXWmdoj5oHHY4mbSU8i6Llllj/SrhD1o8FHc4fSu4s+FIzLrVYf7w8Qk -----END CERTIFICATE-----Generated at Sun Jun 29 11:31:30 2025 by rpki-client