$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: 54tprR8cyFwH6wv0bG3h23cBAbKtF1ApE4lnvB7dzcg= Subject key identifier: BF:5D:D2:AB:BE:88:4B:B2:27:0D:D1:54:EA:0C:65:9D:BE:40:2C:D3 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 3311B3BD2A01D481189525F1C1F7BFE483274D3B Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Tue 15 Jul 2025 00:00:27 +0000 ROA not before: Tue 15 Jul 2025 00:00:27 +0000 ROA not after: Tue 19 Aug 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:11:b3:bd:2a:01:d4:81:18:95:25:f1:c1:f7:bf:e4:83:27:4d:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 15 00:00:27 2025 GMT Not After : Aug 19 23:59:59 2025 GMT Subject: serialNumber=bed245b40d6d3ecdfff6e0d0f8468ce65611c2d0296ae01c4755417dc3a6d664, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:7f:98:61:ac:9f:d1:a4:80:3b:2b:f8:99:80: da:e5:51:20:43:7e:a8:8c:ed:ad:a3:8e:56:f0:59: bd:a3:46:ab:12:eb:28:4c:ce:1f:1c:ab:38:dc:d9: b2:d3:89:c2:15:e3:3d:4a:e0:19:8f:c8:98:ec:05: be:c9:f2:8b:0e:29:3c:93:e0:b0:a1:24:36:60:ef: c5:69:1a:03:98:ce:e0:33:dc:7f:6c:98:c2:d8:85: 57:fc:88:72:5c:df:ab:9e:cf:3d:a0:91:47:7d:76: 2f:72:7e:fd:39:86:59:d0:98:73:94:3a:2a:f4:71: 85:7e:0a:01:81:ac:fc:13:f3:19:47:b1:9e:fc:3c: 47:18:64:f0:63:1b:ce:e3:52:04:f7:46:31:39:7f: 28:3c:4f:99:59:96:d2:09:2d:92:2f:67:7c:6e:86: b6:e6:9b:83:47:e5:f6:0a:94:0a:a0:7f:f4:86:5c: f5:f1:ad:3e:fd:64:ca:82:59:8e:e5:45:27:71:93: e5:e4:e1:53:c1:f3:5f:da:d4:32:06:eb:30:c5:94: 76:16:83:7e:3f:96:63:fa:f8:d3:c1:b9:71:89:f1: 6c:46:fd:ae:f1:a2:76:3c:83:22:f7:5a:11:94:bc: 0a:8d:6e:34:1f:7f:0c:aa:37:8f:4d:fd:f2:f0:e5: 19:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:5D:D2:AB:BE:88:4B:B2:27:0D:D1:54:EA:0C:65:9D:BE:40:2C:D3 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 60:4a:a5:31:b7:07:36:58:6e:5e:03:d6:f6:d1:68:4a:5f:dd: c0:81:52:ea:aa:d2:b0:c3:da:b1:b6:8b:ec:2a:9e:3c:55:0f: 33:de:21:02:28:a3:d9:bc:c8:48:0b:5e:02:2b:40:03:09:03: cc:3e:25:45:7d:ec:0e:f9:9e:9c:ec:2e:9d:1a:9b:be:3b:ce: 2a:f2:2a:08:69:eb:27:ff:65:b3:83:7d:e4:70:e5:00:2c:a8: bd:be:6d:6c:33:fe:dc:17:c0:8a:e3:31:a5:83:27:b4:67:aa: 4a:71:23:a1:4a:3a:14:3b:50:a7:e1:ee:84:6e:ea:45:db:07: 1e:73:b7:de:88:74:2d:d0:a4:6f:18:f3:8a:4b:4f:8d:d0:97: 09:50:f8:fd:c3:a6:fc:e2:44:cf:fb:3c:35:51:c8:47:03:bd: 8c:38:59:7e:d4:c8:2d:75:f6:5a:53:97:1d:6e:c8:0c:f2:41: d5:45:83:62:e5:05:59:b9:a5:04:a6:54:b9:b7:9e:3f:1a:f3: 3d:71:d7:60:51:f2:57:e3:80:44:71:56:c9:15:f1:52:67:de: fb:58:74:f1:18:ce:74:a3:a0:aa:94:8f:5e:9d:ba:94:4d:54: cf:a5:4f:30:6f:b6:bd:39:93:89:94:03:10:e1:84:be:e6:04: 89:77:1d:ae -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUMxGzvSoB1IEYlSXxwfe/5IMnTTswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcxNTAwMDAyN1oX DTI1MDgxOTIzNTk1OVowejFJMEcGA1UEBRNAYmVkMjQ1YjQwZDZkM2VjZGZmZjZl MGQwZjg0NjhjZTY1NjExYzJkMDI5NmFlMDFjNDc1NTQxN2RjM2E2ZDY2NDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn+YYayf0aSAOyv4mYDa5VEgQ36o jO2to45W8Fm9o0arEusoTM4fHKs43Nmy04nCFeM9SuAZj8iY7AW+yfKLDik8k+Cw oSQ2YO/FaRoDmM7gM9x/bJjC2IVX/IhyXN+rns89oJFHfXYvcn79OYZZ0JhzlDoq 9HGFfgoBgaz8E/MZR7Ge/DxHGGTwYxvO41IE90YxOX8oPE+ZWZbSCS2SL2d8boa2 5puDR+X2CpQKoH/0hlz18a0+/WTKglmO5UUncZPl5OFTwfNf2tQyBuswxZR2FoN+ P5Zj+vjTwblxifFsRv2u8aJ2PIMi91oRlLwKjW40H38MqjePTf3y8OUZnQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFL9d0qu+iEuyJw3RVOoMZZ2+QCzTMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQBgSqUxtwc2WG5eA9b20WhK X93AgVLqqtKww9qxtovsKp48VQ8z3iECKKPZvMhIC14CK0ADCQPMPiVFfewO+Z6c 7C6dGpu+O84q8ioIaesn/2Wzg33kcOUALKi9vm1sM/7cF8CK4zGlgye0Z6pKcSOh SjoUO1Cn4e6EbupF2wcec7feiHQt0KRvGPOKS0+N0JcJUPj9w6b84kTP+zw1UchH A72MOFl+1MgtdfZaU5cdbsgM8kHVRYNi5QVZuaUEplS5t54/GvM9cddgUfJX44BE cVbJFfFSZ977WHTxGM50o6CqlI9enbqUTVTPpU8wb7a9OZOJlAMQ4YS+5gSJdx2u -----END CERTIFICATE-----Generated at Mon Jul 21 05:41:31 2025 by rpki-client