$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa File: 0bce91dc-229b-42a7-9c92-722aa69f577e.roa (raw, json) Hash identifier: ej3gyaLE8AOmjl+zR+CHfWt68pZ2c/BQQYIiDGPM6MY= Subject key identifier: 8E:9A:53:BA:94:FA:16:26:8E:BC:E1:88:72:42:1E:4D:54:E0:24:55 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 49D5CB888828D904EF74FD79F6C71BD176920AB7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa Signing time: Mon 07 Jul 2025 16:00:03 +0000 ROA not before: Mon 07 Jul 2025 16:00:03 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:d5:cb:88:88:28:d9:04:ef:74:fd:79:f6:c7:1b:d1:76:92:0a:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 16:00:03 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=2c7bbc55e06a03647311e492ae0730a16e29bf3a9a9df45e7496b8b18a3f198c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:4b:9b:89:be:a8:fb:31:cb:c2:61:ee:cb:58: d3:73:74:be:7e:ac:42:af:2d:03:5b:9f:99:9d:b2: 8e:7a:6f:df:ab:f4:20:a2:c9:b4:76:72:fd:d4:49: 34:de:02:8e:46:65:a3:2a:16:2d:7e:a9:ce:4f:e1: ef:bd:3a:31:e1:18:9c:13:6b:07:ac:5c:37:01:b9: f7:f6:6d:27:5b:89:0c:93:9b:e9:3a:01:4f:53:72: f6:a2:17:25:c3:14:ab:51:83:fa:7d:7e:c3:f9:48: 05:34:6c:5c:21:c1:9b:b3:ab:ea:bb:cc:25:82:aa: d8:ed:1b:60:61:13:eb:98:79:9e:2f:09:da:69:aa: d1:c5:9f:ed:70:df:cf:73:36:1a:84:9b:27:4c:75: b9:ec:91:70:1a:fa:0b:a3:e5:e2:94:c6:37:28:52: 63:96:88:2b:9d:f7:11:cd:51:63:cd:9e:77:81:12: 5b:85:de:a3:0a:25:78:b2:8f:62:93:e2:7b:d3:c1: 54:af:3b:67:79:23:37:4f:65:2c:29:c4:d6:14:3e: e2:5b:87:e6:70:91:bc:a6:6e:b7:12:76:5a:d9:75: 21:34:08:e8:a7:21:72:11:70:88:17:4a:41:6e:dd: 9b:94:2d:a1:84:25:2b:d1:eb:05:65:fa:7d:b1:58: b1:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:9A:53:BA:94:FA:16:26:8E:BC:E1:88:72:42:1E:4D:54:E0:24:55 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 8f:c4:97:72:dd:01:95:dc:39:59:12:dc:c3:5c:36:ee:34:bf: 25:3e:f7:1f:60:0d:6c:48:70:7f:73:d6:7e:0e:aa:0c:c0:7f: c2:18:91:cc:2b:61:a9:96:10:f6:85:69:c0:03:0b:46:2f:ba: c6:7f:ed:7a:d9:63:02:89:9c:d6:3f:fd:c7:48:a5:a9:e3:1f: 8e:19:78:97:ce:b4:77:e7:7e:7f:a4:77:ce:bb:54:80:50:21: ee:16:38:8c:79:75:ea:22:64:46:1b:15:27:66:bc:80:94:72: 7d:1d:da:78:f4:ea:50:52:ca:43:7a:90:88:29:33:39:a6:79: ae:43:68:39:c6:4f:06:e6:8a:29:5e:26:f1:b7:47:7a:d0:94: 68:69:ca:6a:e8:b2:c7:0a:6b:11:fa:ad:ba:05:4d:76:69:00: 0c:61:66:1d:5c:d5:f8:60:3d:2d:8a:cc:d8:93:8b:8e:d0:db: 64:5e:c6:ef:e2:91:b4:19:92:3e:f4:63:19:93:d9:53:b2:cd: 7e:4f:b3:53:bd:22:aa:a8:87:b3:74:ef:af:4c:c3:05:cb:b0: 29:83:10:96:f0:28:74:26:b2:82:db:ea:05:09:b8:f9:cf:83: 1f:1f:8a:cb:42:94:b3:9c:06:a3:6d:8e:75:6b:62:b8:82:fa: 02:d2:3a:b4 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUSdXLiIgo2QTvdP159scb0XaSCrcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE2MDAwM1oX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAMmM3YmJjNTVlMDZhMDM2NDczMTFl NDkyYWUwNzMwYTE2ZTI5YmYzYTlhOWRmNDVlNzQ5NmI4YjE4YTNmMTk4YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0ubib6o+zHLwmHuy1jTc3S+fqxC ry0DW5+ZnbKOem/fq/Qgosm0dnL91Ek03gKORmWjKhYtfqnOT+HvvTox4RicE2sH rFw3Abn39m0nW4kMk5vpOgFPU3L2ohclwxSrUYP6fX7D+UgFNGxcIcGbs6vqu8wl gqrY7RtgYRPrmHmeLwnaaarRxZ/tcN/PczYahJsnTHW57JFwGvoLo+XilMY3KFJj logrnfcRzVFjzZ53gRJbhd6jCiV4so9ik+J708FUrztneSM3T2UsKcTWFD7iW4fm cJG8pm63EnZa2XUhNAjopyFyEXCIF0pBbt2blC2hhCUr0esFZfp9sVixJwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFI6aU7qU+hYmjrzhiHJCHk1U4CRVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBiY2U5MWRjLTIyOWItNDJhNy05YzkyLTcyMmFhNjlmNTc3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAI/El3LdAZXcOVkS3MNcNu40 vyU+9x9gDWxIcH9z1n4OqgzAf8IYkcwrYamWEPaFacADC0YvusZ/7XrZYwKJnNY/ /cdIpanjH44ZeJfOtHfnfn+kd867VIBQIe4WOIx5deoiZEYbFSdmvICUcn0d2nj0 6lBSykN6kIgpMzmmea5DaDnGTwbmiileJvG3R3rQlGhpymrosscKaxH6rboFTXZp AAxhZh1c1fhgPS2KzNiTi47Q22Rexu/ikbQZkj70YxmT2VOyzX5Ps1O9Iqqoh7N0 769MwwXLsCmDEJbwKHQmsoLb6gUJuPnPgx8fistClLOcBqNtjnVrYriC+gLSOrQ= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:36 2025 by rpki-client