$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: vGhyLtcQ4/5s5QWrPAdMsKzmYpiZtSyd4EV/vcFORMo= Subject key identifier: 69:CA:53:DE:FD:21:53:05:C0:58:94:AF:AC:4B:DA:69:43:77:9F:60 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 198A6DDDE64C6E9EEB355E5764273D00F6C8CD44 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Wed 30 Apr 2025 00:00:33 +0000 ROA not before: Wed 30 Apr 2025 00:00:33 +0000 ROA not after: Wed 04 Jun 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 00:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:8a:6d:dd:e6:4c:6e:9e:eb:35:5e:57:64:27:3d:00:f6:c8:cd:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 30 00:00:33 2025 GMT Not After : Jun 4 23:59:59 2025 GMT Subject: serialNumber=f2797da7cc666f1b454dbf03ff3a5a4dc6bd5553c3b2a0b54a6ed232c75bb102, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:48:f1:40:f2:20:b8:68:38:00:41:45:73:e9: 49:f7:3f:50:00:88:4b:c8:49:c5:9b:19:79:e2:9e: 8d:f3:b1:d0:d4:4f:ba:b9:d7:76:3c:ca:79:61:6f: 51:04:82:fc:7f:d6:c7:cc:3e:de:41:f1:e5:2e:c7: 2f:82:29:56:a4:99:f6:77:05:83:51:ab:65:d1:86: 34:7c:ae:c5:2f:3f:09:2f:95:13:95:dd:b0:63:6a: aa:02:97:d2:73:ff:54:3c:6f:23:31:b4:13:bc:f0: 37:a7:bb:96:32:41:76:b1:d0:63:32:fb:8d:0f:aa: 7d:d5:84:9d:f2:30:ef:b5:cc:f7:c6:29:ad:30:e3: 9e:9b:4c:13:89:e5:78:c8:12:d2:99:60:a5:47:1a: 5a:47:ec:8d:8d:c6:92:40:5f:d0:92:6e:27:11:1d: bc:2f:da:e8:57:b7:2f:dc:90:42:b0:da:ab:2b:6d: e9:11:8f:8f:60:cd:75:d8:d8:56:cb:89:4e:ea:40: 63:a9:6d:c8:d6:3d:e1:db:05:75:e6:a5:50:13:7a: 37:8c:50:30:20:9a:19:0c:fb:79:8d:04:b6:06:73: bd:b7:ab:09:60:fa:8c:22:23:ca:58:70:3d:fc:ed: 88:a0:24:9c:13:19:75:72:05:37:43:2c:6c:b4:6e: ac:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:CA:53:DE:FD:21:53:05:C0:58:94:AF:AC:4B:DA:69:43:77:9F:60 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 85:b7:3e:e5:d0:68:26:46:ff:6c:6b:47:0d:37:f7:9d:bc:41: c3:17:10:12:0a:50:66:1b:2d:47:9a:6f:ab:bb:db:5b:da:4a: 83:ed:a9:ca:e3:a5:31:cb:55:ae:d4:a9:82:2a:68:58:27:e3: b7:d4:b0:d1:7d:91:1c:02:d2:a8:22:9c:e1:70:b3:5a:d4:bb: ca:ee:91:f3:a9:67:5a:0d:3c:5c:60:4e:ba:4e:b6:e1:08:15: 25:4b:ed:29:5f:7d:e8:16:5b:f1:7f:d8:05:08:61:e5:eb:bf: 75:24:d0:8c:f1:bb:cc:ba:92:c8:5c:54:a1:ed:83:b3:17:7a: 37:fd:ea:9d:04:91:20:a4:58:d0:3c:17:bd:39:b1:6c:5f:f5: 57:7a:97:06:b5:f6:99:76:fa:66:e9:84:bc:20:b2:78:2f:6a: 1e:cc:07:13:1a:d9:c2:fc:80:61:70:ed:a3:0f:33:cf:f6:e8: 00:95:d3:75:69:06:40:db:cb:90:91:eb:dc:2c:21:f8:e5:82: f2:60:4b:cd:ad:b8:d4:df:58:f4:e2:3c:50:40:9e:b1:6b:27: 03:99:50:5e:a8:4c:90:b3:8b:45:d1:98:b9:2e:a1:1d:d5:19: 9f:67:a7:a1:f9:39:aa:b0:8b:16:55:15:3e:a9:68:a0:3b:93: 18:df:ea:d8 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUGYpt3eZMbp7rNV5XZCc9APbIzUQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDQzMDAwMDAzM1oX DTI1MDYwNDIzNTk1OVowejFJMEcGA1UEBRNAZjI3OTdkYTdjYzY2NmYxYjQ1NGRi ZjAzZmYzYTVhNGRjNmJkNTU1M2MzYjJhMGI1NGE2ZWQyMzJjNzViYjEwMjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEjxQPIguGg4AEFFc+lJ9z9QAIhL yEnFmxl54p6N87HQ1E+6udd2PMp5YW9RBIL8f9bHzD7eQfHlLscvgilWpJn2dwWD Uatl0YY0fK7FLz8JL5UTld2wY2qqApfSc/9UPG8jMbQTvPA3p7uWMkF2sdBjMvuN D6p91YSd8jDvtcz3ximtMOOem0wTieV4yBLSmWClRxpaR+yNjcaSQF/Qkm4nER28 L9roV7cv3JBCsNqrK23pEY+PYM112NhWy4lO6kBjqW3I1j3h2wV15qVQE3o3jFAw IJoZDPt5jQS2BnO9t6sJYPqMIiPKWHA9/O2IoCScExl1cgU3QyxstG6sVQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGnKU979IVMFwFiUr6xL2mlDd59gMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQCFtz7l0GgmRv9sa0cNN/ed vEHDFxASClBmGy1Hmm+ru9tb2kqD7anK46Uxy1Wu1KmCKmhYJ+O31LDRfZEcAtKo IpzhcLNa1LvK7pHzqWdaDTxcYE66TrbhCBUlS+0pX33oFlvxf9gFCGHl6791JNCM 8bvMupLIXFSh7YOzF3o3/eqdBJEgpFjQPBe9ObFsX/VXepcGtfaZdvpm6YS8ILJ4 L2oezAcTGtnC/IBhcO2jDzPP9ugAldN1aQZA28uQkevcLCH45YLyYEvNrbjU31j0 4jxQQJ6xaycDmVBeqEyQs4tF0Zi5LqEd1RmfZ6eh+TmqsIsWVRU+qWigO5MY3+rY -----END CERTIFICATE-----Generated at Mon May 5 21:31:16 2025 by rpki-client