$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa File: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (raw, json) Hash identifier: 4Ft1XsWB/byv1JDDa2f9EgosRJBjRvrlyTbjPgtifQI= Subject key identifier: 74:DA:AD:D4:84:40:18:22:72:7A:1F:C9:A0:B3:5A:13:CF:53:03:9A Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 6AE9FD7A9E4168B4AC906618E405E3728634AF86 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa Signing time: Tue 15 Jul 2025 00:00:06 +0000 ROA not before: Tue 15 Jul 2025 00:00:06 +0000 ROA not after: Tue 19 Aug 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:e9:fd:7a:9e:41:68:b4:ac:90:66:18:e4:05:e3:72:86:34:af:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jul 15 00:00:06 2025 GMT Not After : Aug 19 23:59:59 2025 GMT Subject: serialNumber=e9b4b500893316771a71ecc8d9c33dd6143eabec4c696891523ff0049045513a, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ae:ef:6d:71:d0:14:2a:84:ee:cf:55:4c:f4: 12:9d:7e:ab:92:d7:fb:eb:6c:08:6a:f4:c5:9c:cf: 25:fa:98:d5:8b:15:ed:dd:b4:22:c7:7b:26:b1:de: 1d:b3:cb:02:af:c9:0f:15:a5:4d:f1:94:fb:b5:e5: dc:80:b8:82:56:56:f7:a2:aa:cf:fc:04:b5:ec:55: cb:67:52:3a:63:c2:50:98:e7:fa:7c:26:48:11:6f: 5f:72:fa:b3:95:bf:37:46:45:fa:04:de:c6:c1:d8: 24:8b:6e:e8:b1:7f:a4:77:32:6a:39:0a:62:23:dd: 2a:07:dd:e5:6e:43:21:a8:48:b0:4d:36:20:67:3e: 3c:3f:fc:87:04:27:15:65:7c:07:77:cc:9b:69:33: c5:17:a9:ba:38:9e:28:61:a1:b4:44:d9:57:8d:62: c4:07:60:54:fe:1c:31:0e:05:07:05:04:46:1e:30: 07:ad:1b:6d:5f:41:72:ae:e6:01:0d:0c:f8:40:8c: a0:06:0c:c2:97:92:7f:f2:06:8d:7e:eb:91:81:59: 06:65:6c:23:37:47:69:22:c0:c6:60:86:7f:d0:1e: da:d8:ea:7a:09:1e:4a:7b:5e:65:e8:fd:a2:60:db: 46:a3:21:a5:ae:ee:8b:ef:6f:8e:4f:39:cf:c0:84: 50:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:DA:AD:D4:84:40:18:22:72:7A:1F:C9:A0:B3:5A:13:CF:53:03:9A X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 20:00:de:20:f1:52:8e:2f:35:cd:7c:7b:3b:22:8f:6a:f3:f8: a5:16:f7:d6:5a:5b:ed:aa:dc:4e:9a:39:24:47:75:e3:d7:93: 7f:30:82:51:ea:b4:66:38:d2:0f:ac:8c:f9:1b:7f:f3:c7:96: 94:14:09:d5:8d:cd:3d:cf:d3:02:c9:a2:41:98:ec:94:6c:30: 76:57:78:cb:5e:83:9b:d3:bc:c2:f6:80:b0:3b:3c:ae:ed:1d: ca:1c:fb:f7:be:ef:5b:19:73:0b:f0:79:a4:f4:5b:87:cf:47: f0:66:95:11:83:6e:37:7a:c8:08:80:ef:07:51:06:bd:c1:80: 36:d3:86:66:33:73:83:de:b9:01:03:96:94:7c:1e:19:e9:05: 71:3b:c1:91:a8:23:17:c8:36:3d:bf:0f:25:d2:a6:08:c6:9d: a4:a4:8f:6c:96:b9:ee:5c:e9:a9:9f:3b:71:62:5b:84:25:a0: e1:6f:86:db:18:5a:f8:45:f9:c3:ee:5b:29:b2:a6:40:b1:f1: 3c:51:00:23:03:3f:fb:2d:6b:94:d1:a3:97:82:6f:04:29:9f: cf:10:3d:8b:42:75:5d:ee:96:57:77:f4:e6:c1:32:33:74:f0: e2:30:3e:d9:76:12:e8:e5:da:4e:8f:78:5c:88:7b:7a:fe:db: ab:22:6d:10 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUaun9ep5BaLSskGYY5AXjcoY0r4YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDcxNTAwMDAwNloX DTI1MDgxOTIzNTk1OVowejFJMEcGA1UEBRNAZTliNGI1MDA4OTMzMTY3NzFhNzFl Y2M4ZDljMzNkZDYxNDNlYWJlYzRjNjk2ODkxNTIzZmYwMDQ5MDQ1NTEzYTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK7vbXHQFCqE7s9VTPQSnX6rktf7 62wIavTFnM8l+pjVixXt3bQix3smsd4ds8sCr8kPFaVN8ZT7teXcgLiCVlb3oqrP /AS17FXLZ1I6Y8JQmOf6fCZIEW9fcvqzlb83RkX6BN7Gwdgki27osX+kdzJqOQpi I90qB93lbkMhqEiwTTYgZz48P/yHBCcVZXwHd8ybaTPFF6m6OJ4oYaG0RNlXjWLE B2BU/hwxDgUHBQRGHjAHrRttX0FyruYBDQz4QIygBgzCl5J/8gaNfuuRgVkGZWwj N0dpIsDGYIZ/0B7a2Op6CR5Ke15l6P2iYNtGoyGlru6L72+OTznPwIRQGQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHTardSEQBgicnofyaCzWhPPUwOaMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQ5MTE5NzM0LTlkYmMtNGJkNC05OGJlLTU3ZTRjZTA3ODkyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQAgAN4g8VKOLzXNfHs7Io9q 8/ilFvfWWlvtqtxOmjkkR3Xj15N/MIJR6rRmONIPrIz5G3/zx5aUFAnVjc09z9MC yaJBmOyUbDB2V3jLXoOb07zC9oCwOzyu7R3KHPv3vu9bGXML8Hmk9FuHz0fwZpUR g243esgIgO8HUQa9wYA204ZmM3OD3rkBA5aUfB4Z6QVxO8GRqCMXyDY9vw8l0qYI xp2kpI9slrnuXOmpnztxYluEJaDhb4bbGFr4RfnD7lspsqZAsfE8UQAjAz/7LWuU 0aOXgm8EKZ/PED2LQnVd7pZXd/TmwTIzdPDiMD7ZdhLo5dpOj3hciHt6/turIm0Q -----END CERTIFICATE-----Generated at Mon Jul 21 05:43:35 2025 by rpki-client