$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa File: 245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa (raw, json) Hash identifier: LxtqH+zPmB+EXbFTGKhefDL2CL54tMsKQKrPwqYJqtA= Subject key identifier: 52:5E:DC:3C:57:FC:2D:90:08:7D:D5:BA:FF:6C:F8:73:23:50:54:56 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1065CCF9E58C7EFBE40F12E5B6B64C5A2E3789AD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa Signing time: Mon 07 Jul 2025 16:00:19 +0000 ROA not before: Mon 07 Jul 2025 16:00:19 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.249.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:65:cc:f9:e5:8c:7e:fb:e4:0f:12:e5:b6:b6:4c:5a:2e:37:89:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 16:00:19 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=6846dd739a77ceb578935d8323c939ef32d694d909201e5acbddafd40b8364d8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:21:f5:d7:80:59:fc:2c:9c:0d:12:82:49:2e: d1:2c:eb:41:43:a7:bd:15:1e:c0:10:57:78:cf:12: 3a:e8:fc:4f:48:22:86:db:1c:12:fa:46:a2:fa:3d: 59:81:ec:3d:e7:41:ce:d9:04:fd:91:88:f1:62:c0: 75:1f:06:8e:7e:16:c1:16:b7:ad:6a:99:46:85:06: c5:47:38:73:34:d9:f8:c2:63:1e:c8:40:ab:71:90: ca:d8:0e:52:64:3c:20:4e:9c:b5:66:28:be:67:2f: 91:2e:dd:74:26:5b:cd:6f:37:5b:e7:5d:9b:85:44: f8:0f:18:e4:f0:4a:e4:9d:5c:b0:0b:ee:fa:77:45: 90:84:e6:61:d7:d2:86:95:d3:06:ac:a1:b2:71:af: d0:87:94:ea:60:c0:94:05:13:82:c8:aa:a5:6a:16: 0f:5f:cf:21:c2:27:6a:1c:47:3d:b6:47:95:0f:07: ee:70:29:45:04:5d:c0:38:13:1a:d1:df:27:dd:91: 57:8b:78:3a:c2:b9:8d:3d:21:1a:6a:61:72:4c:71: ce:b9:ad:e8:55:cd:44:1b:1b:07:15:63:13:4e:96: d4:97:68:59:bd:3e:85:0c:af:c0:be:82:59:c6:74: 31:61:1c:6e:86:6e:fa:fc:f1:82:6d:85:ce:e3:b0: 31:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:5E:DC:3C:57:FC:2D:90:08:7D:D5:BA:FF:6C:F8:73:23:50:54:56 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.44.0/22 Signature Algorithm: sha256WithRSAEncryption 22:6b:19:d3:16:c9:0e:75:ef:6e:7b:24:ce:5d:c3:d7:ec:9a: fc:65:58:79:c7:fe:97:93:35:ee:53:a2:34:71:28:db:c7:1d: 40:3e:75:00:ac:7a:fa:77:4d:30:b5:fd:61:bd:68:a0:06:76: d5:bd:a0:c6:b8:cc:b4:9a:52:8e:bb:e8:0a:52:de:16:5c:17: d3:c7:29:bb:1c:56:a4:72:a3:bc:9e:39:7f:03:b4:85:97:c8: 7b:26:b3:f3:c6:aa:78:a5:f1:5a:06:7e:31:45:de:b8:d0:09: 07:f3:f8:4d:bd:26:4c:aa:32:1d:96:93:6b:c1:f1:99:a6:7a: 1d:11:b2:a9:97:8d:81:01:72:9f:10:c5:2b:77:6c:e9:14:82: 2b:a4:56:12:54:90:1f:ce:d7:e7:9a:24:c2:0a:c7:d9:94:42: e3:8a:0c:34:ce:d2:75:08:b5:95:1a:e4:7d:a7:ff:15:75:3a: 86:b3:25:ab:b4:9b:1f:1e:21:fe:b2:ba:c5:ee:c3:f0:f6:ed: 06:25:a1:74:59:d0:44:0b:6c:2c:f1:37:ce:a4:37:43:89:94: 2d:33:56:4f:47:61:4e:a4:26:d5:47:72:25:76:2b:09:91:80: 1a:55:ce:f9:a5:80:2d:66:a9:03:60:16:9e:8c:d2:84:f0:9e: b3:4e:ee:ba -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEGXM+eWMfvvkDxLltrZMWi43ia0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE2MDAxOVoX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNANjg0NmRkNzM5YTc3Y2ViNTc4OTM1 ZDgzMjNjOTM5ZWYzMmQ2OTRkOTA5MjAxZTVhY2JkZGFmZDQwYjgzNjRkODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyH114BZ/CycDRKCSS7RLOtBQ6e9 FR7AEFd4zxI66PxPSCKG2xwS+kai+j1Zgew950HO2QT9kYjxYsB1HwaOfhbBFret aplGhQbFRzhzNNn4wmMeyECrcZDK2A5SZDwgTpy1Zii+Zy+RLt10JlvNbzdb512b hUT4Dxjk8ErknVywC+76d0WQhOZh19KGldMGrKGyca/Qh5TqYMCUBROCyKqlahYP X88hwidqHEc9tkeVDwfucClFBF3AOBMa0d8n3ZFXi3g6wrmNPSEaamFyTHHOua3o Vc1EGxsHFWMTTpbUl2hZvT6FDK/AvoJZxnQxYRxuhm76/PGCbYXO47Ax2wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFJe3DxX/C2QCH3Vuv9s+HMjUFRWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0NWE2NWJiLTU5MWMtNDdiYy04YThjLTZjODZiMDkzZmQ4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/ksMA0GCSqGSIb3DQEBCwUAA4IBAQAiaxnTFskOde9ueyTOXcPX 7Jr8ZVh5x/6XkzXuU6I0cSjbxx1APnUArHr6d00wtf1hvWigBnbVvaDGuMy0mlKO u+gKUt4WXBfTxym7HFakcqO8njl/A7SFl8h7JrPzxqp4pfFaBn4xRd640AkH8/hN vSZMqjIdlpNrwfGZpnodEbKpl42BAXKfEMUrd2zpFIIrpFYSVJAfztfnmiTCCsfZ lELjigw0ztJ1CLWVGuR9p/8VdTqGsyWrtJsfHiH+srrF7sPw9u0GJaF0WdBEC2ws 8TfOpDdDiZQtM1ZPR2FOpCbVR3IldisJkYAaVc75pYAtZqkDYBaejNKE8J6zTu66 -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:21 2025 by rpki-client