$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: l6wcUx8IRXpOOT4fy1oCu71Hhkb+yisGySMXO9SQyhM= Subject key identifier: E7:86:2C:AC:10:75:DA:10:D4:81:62:26:F9:EA:7B:05:21:6B:21:46 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 36C13E714C59DCAEC426DB21B524F88D044E3A1D Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Fri 02 May 2025 00:00:05 +0000 ROA not before: Fri 02 May 2025 00:00:05 +0000 ROA not after: Fri 06 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:c1:3e:71:4c:59:dc:ae:c4:26:db:21:b5:24:f8:8d:04:4e:3a:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 2 00:00:05 2025 GMT Not After : Jun 6 23:59:59 2025 GMT Subject: serialNumber=88cd205640e0bd9c718cef1469e82f1e36a77aae6dc1619f9af9b6e5133a5231, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:ec:17:0e:dd:07:83:43:19:da:cf:3f:4b:c1: 5e:c5:d1:53:69:be:8c:97:73:c5:2d:3e:52:d6:7f: e0:43:d6:58:8b:c2:96:ed:25:08:b0:30:95:f1:98: 1c:44:13:cb:4a:22:70:ac:10:b2:7b:23:4a:be:1d: a8:f4:cb:d0:55:df:e4:84:79:ae:e2:66:6f:ac:8f: 9f:89:f4:73:da:37:a1:9a:b2:88:05:6a:db:e9:45: bc:28:a7:fb:32:8d:3a:aa:b8:bb:6a:15:f6:93:90: a3:de:db:f0:57:9d:ec:bf:43:ab:e4:da:7f:e1:aa: bd:2a:c9:89:51:8c:82:28:b2:24:58:3b:ae:11:7f: 87:84:e7:d8:27:2f:4c:33:8a:fb:07:85:cb:9d:f8: 79:f3:e6:58:ce:9d:9a:9d:ba:f2:33:1f:66:95:ae: 4c:ff:b8:2a:4e:b5:57:13:6c:b9:b2:4c:d9:8b:46: 46:51:13:5d:a2:4a:c4:4f:ea:96:82:b6:d9:7e:78: e7:e3:e5:1d:95:ba:a2:e3:cb:d8:50:df:0a:b7:bc: cc:fb:ea:78:d3:b9:f9:be:dd:0d:4a:fc:77:00:af: 69:b8:3c:e4:dd:e0:25:8f:7a:ae:49:d7:be:37:fe: b4:c9:09:b8:01:09:ad:e7:c7:7d:78:c9:51:18:77: 7c:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:86:2C:AC:10:75:DA:10:D4:81:62:26:F9:EA:7B:05:21:6B:21:46 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 64:30:f7:b1:d4:81:5c:89:ad:14:eb:dc:24:df:1a:58:8b:72: f0:fc:11:9f:2b:fb:7f:78:4b:61:87:52:0c:03:4b:72:c2:c0: 06:fb:1c:0c:ed:b1:b0:49:29:61:03:fc:ee:76:23:ad:65:56: b2:fc:66:ac:71:19:e1:f5:48:c5:7f:0d:ca:f6:1f:2f:ac:84: 03:ee:75:13:e3:00:d2:d9:52:41:0c:7a:e0:fd:08:46:f4:82: dd:7f:c4:50:01:28:e7:d0:1a:e0:9b:37:d7:1a:0c:67:72:8e: 4a:62:05:4b:bd:7e:b1:60:fd:c1:8c:dc:a5:9a:d0:2f:79:3d: 39:ba:e4:f7:03:dd:77:e8:d6:cc:d4:e7:c2:11:b1:68:57:06: 47:90:7d:2f:e4:29:67:3a:6c:06:57:e7:cc:1e:3f:8c:c0:65: 3e:ab:8a:0d:67:a4:b0:03:05:53:ef:b5:ae:ef:74:a4:17:af: 75:34:f5:33:03:91:9f:24:41:65:f4:06:30:1d:c4:83:af:73: bf:26:41:3c:91:86:96:83:af:6b:f1:03:e2:ef:4f:b7:99:d2: c4:83:7d:13:df:6d:73:22:e8:50:e6:b1:23:74:5f:4a:ac:ee: 7a:15:91:53:1a:95:fd:0b:9d:b4:99:fd:d8:be:67:1d:9f:d3: bc:7c:53:96 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUNsE+cUxZ3K7EJtshtST4jQROOh0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUwMjAwMDAwNVoX DTI1MDYwNjIzNTk1OVowejFJMEcGA1UEBRNAODhjZDIwNTY0MGUwYmQ5YzcxOGNl ZjE0NjllODJmMWUzNmE3N2FhZTZkYzE2MTlmOWFmOWI2ZTUxMzNhNTIzMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+wXDt0Hg0MZ2s8/S8FexdFTab6M l3PFLT5S1n/gQ9ZYi8KW7SUIsDCV8ZgcRBPLSiJwrBCyeyNKvh2o9MvQVd/khHmu 4mZvrI+fifRz2jehmrKIBWrb6UW8KKf7Mo06qri7ahX2k5Cj3tvwV53sv0Or5Np/ 4aq9KsmJUYyCKLIkWDuuEX+HhOfYJy9MM4r7B4XLnfh58+ZYzp2anbryMx9mla5M /7gqTrVXE2y5skzZi0ZGURNdokrET+qWgrbZfnjn4+Udlbqi48vYUN8Kt7zM++p4 07n5vt0NSvx3AK9puDzk3eAlj3quSde+N/60yQm4AQmt58d9eMlRGHd8FwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOeGLKwQddoQ1IFiJvnqewUhayFGMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQBkMPex1IFcia0U69wk3xpY i3Lw/BGfK/t/eEthh1IMA0tywsAG+xwM7bGwSSlhA/zudiOtZVay/GascRnh9UjF fw3K9h8vrIQD7nUT4wDS2VJBDHrg/QhG9ILdf8RQASjn0BrgmzfXGgxnco5KYgVL vX6xYP3BjNylmtAveT05uuT3A9136NbM1OfCEbFoVwZHkH0v5ClnOmwGV+fMHj+M wGU+q4oNZ6SwAwVT77Wu73SkF691NPUzA5GfJEFl9AYwHcSDr3O/JkE8kYaWg69r 8QPi70+3mdLEg30T321zIuhQ5rEjdF9KrO56FZFTGpX9C520mf3Yvmcdn9O8fFOW -----END CERTIFICATE-----Generated at Mon May 5 03:43:29 2025 by rpki-client