$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa File: 882a767c-0faf-4e71-a224-ecec47d98fcb.roa (raw, json) Hash identifier: 0hUPSGWVkpM1DVpfbxZ+b3TvGt2Y0PP/EyAep+KQUKc= Subject key identifier: 03:16:A9:35:01:FE:91:C0:1A:59:14:A1:96:0C:C1:E8:9D:16:A1:26 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 5A55C865B93A0973979FD58D7A2F97906EC04152 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa Signing time: Fri 13 Jun 2025 00:00:04 +0000 ROA not before: Fri 13 Jun 2025 00:00:04 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:55:c8:65:b9:3a:09:73:97:9f:d5:8d:7a:2f:97:90:6e:c0:41:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jun 13 00:00:04 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=4c1a74732d725a60435d9f230a84db986fcff62e84036882af65cdee65627343, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:84:eb:d7:c0:cf:60:3d:9d:55:74:b6:fc:43: 0f:2d:5e:9a:0e:88:fa:c4:03:30:5b:b1:11:b7:32: 92:31:27:52:0a:e2:3c:8b:49:72:aa:51:03:d7:85: 7e:4f:81:b9:9f:40:29:dc:4a:ec:4c:87:31:55:65: 79:a6:61:c4:6e:70:47:86:39:23:c3:f0:ae:6a:0f: d5:8b:44:bc:0a:e1:7a:f8:4e:9f:ce:cf:61:cb:80: 66:56:63:96:2c:d5:68:48:1c:0e:10:5a:73:70:d7: a5:6c:8c:ee:24:54:ee:72:ca:66:7a:a3:ea:ac:b4: 62:25:73:e9:12:cc:7a:a0:be:8e:41:23:b7:e9:b9: 64:50:03:e3:95:d5:be:c2:e0:4f:ff:4f:1a:81:b8: 84:9b:26:b5:87:b3:0f:5a:1f:21:1f:91:af:54:ba: f7:20:1c:ee:72:64:20:ab:8b:32:29:3f:39:ab:e9: b0:62:cd:04:e4:d3:36:b2:8d:bf:77:2b:bf:4d:06: 06:e8:a8:fd:9b:07:bc:da:d0:98:53:58:92:e9:ad: 62:ba:16:12:70:9c:e0:f0:78:e9:5f:13:76:27:18: 2f:d6:b9:fa:b6:d9:b9:bc:b7:d1:54:10:c3:ec:75: ce:88:65:66:d2:6b:d0:7b:72:d6:ab:d4:e3:77:1d: 31:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:16:A9:35:01:FE:91:C0:1A:59:14:A1:96:0C:C1:E8:9D:16:A1:26 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption 86:49:9f:27:48:b4:55:61:5f:cd:75:62:9e:2a:c0:d2:a9:52: 65:a7:0f:d4:cb:db:86:f6:5c:9c:01:4d:ba:f9:c4:1f:f6:19: 22:21:05:50:e6:e1:f7:4b:5b:89:cb:ac:ae:20:83:ce:33:12: 90:d7:8e:c3:c8:f5:9a:b1:f2:17:73:dd:c2:01:a8:fc:f9:19: 04:06:96:6e:a1:6a:6a:bb:c2:b9:c9:11:51:a7:5c:03:da:7b: aa:59:1f:6c:76:9f:d7:bb:ea:bf:03:c0:01:e1:72:39:91:f6: f2:68:4b:92:38:ac:fe:7a:72:0c:30:13:05:86:d1:25:2a:37: e6:f3:07:df:6d:0d:bd:e0:a0:87:ef:d4:4b:bd:ea:7e:83:8b: a8:0b:d3:a4:85:d3:f8:45:5e:31:e5:ef:e2:61:c8:67:e9:5c: 71:5c:8f:fa:2a:8c:6f:64:b4:63:db:98:a2:1e:dd:e1:8c:70: 1a:8e:e9:c0:ed:de:3a:8e:fc:82:5e:60:28:30:d9:21:4d:33: 9b:22:3c:50:d0:94:63:67:5c:0c:85:c8:95:bd:59:47:89:8b: 17:be:5b:e1:2f:b4:96:d6:33:4e:88:c5:8a:86:51:9c:15:d8: 2b:86:9f:80:a3:74:dd:0c:a8:01:05:21:c2:2c:78:aa:37:6b: 1d:05:40:29 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUWlXIZbk6CXOXn9WNei+XkG7AQVIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDYxMzAwMDAwNFoX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNANGMxYTc0NzMyZDcyNWE2MDQzNWQ5 ZjIzMGE4NGRiOTg2ZmNmZjYyZTg0MDM2ODgyYWY2NWNkZWU2NTYyNzM0MzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYTr18DPYD2dVXS2/EMPLV6aDoj6 xAMwW7ERtzKSMSdSCuI8i0lyqlED14V+T4G5n0Ap3ErsTIcxVWV5pmHEbnBHhjkj w/Cuag/Vi0S8CuF6+E6fzs9hy4BmVmOWLNVoSBwOEFpzcNelbIzuJFTucspmeqPq rLRiJXPpEsx6oL6OQSO36blkUAPjldW+wuBP/08agbiEmya1h7MPWh8hH5GvVLr3 IBzucmQgq4syKT85q+mwYs0E5NM2so2/dyu/TQYG6Kj9mwe82tCYU1iS6a1iuhYS cJzg8HjpXxN2Jxgv1rn6ttm5vLfRVBDD7HXOiGVm0mvQe3LWq9Tjdx0xCwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAMWqTUB/pHAGlkUoZYMweidFqEmMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 Lzg4MmE3NjdjLTBmYWYtNGU3MS1hMjI0LWVjZWM0N2Q5OGZjYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjgMA0GCSqGSIb3DQEBCwUAA4IBAQCGSZ8nSLRVYV/NdWKeKsDS qVJlpw/Uy9uG9lycAU26+cQf9hkiIQVQ5uH3S1uJy6yuIIPOMxKQ147DyPWasfIX c93CAaj8+RkEBpZuoWpqu8K5yRFRp1wD2nuqWR9sdp/Xu+q/A8AB4XI5kfbyaEuS OKz+enIMMBMFhtElKjfm8wffbQ294KCH79RLvep+g4uoC9OkhdP4RV4x5e/iYchn 6VxxXI/6KoxvZLRj25iiHt3hjHAajunA7d46jvyCXmAoMNkhTTObIjxQ0JRjZ1wM hciVvVlHiYsXvlvhL7SW1jNOiMWKhlGcFdgrhp+Ao3TdDKgBBSHCLHiqN2sdBUAp -----END CERTIFICATE-----Generated at Sun Jun 29 07:42:00 2025 by rpki-client