$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa File: 25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa (raw, json) Hash identifier: uGiFKPLQDS/QAU59JJG2IGztYjRxhlFBPzF6P6baRXI= Subject key identifier: 4E:D6:A3:7D:D1:E8:3D:9F:5C:EB:AB:04:65:0C:58:D5:7E:F1:1F:42 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 58F406D79B7206B016882BE8DAF12307EBEEB90D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa Signing time: Wed 23 Jul 2025 00:00:15 +0000 ROA not before: Wed 23 Jul 2025 00:00:15 +0000 ROA not after: Wed 27 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.212.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:f4:06:d7:9b:72:06:b0:16:88:2b:e8:da:f1:23:07:eb:ee:b9:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 23 00:00:15 2025 GMT Not After : Aug 27 23:59:59 2025 GMT Subject: serialNumber=21a9b363d4eaa19d041b0ecb0064d02c06041abd7f00d193cde5f3ea6020f8f1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3d:fb:35:de:53:dc:47:a6:5d:f0:6f:df:14: 0d:a3:77:e2:d9:98:59:7d:b6:4b:4d:e7:f9:df:74: b5:0d:1d:4d:a6:fc:96:97:3b:3d:4d:47:24:1e:46: a3:e0:06:8c:a9:d6:b2:72:85:90:f6:17:57:9b:31: 6a:91:ce:98:57:d7:e0:d3:50:e6:4f:a5:70:5d:bc: a8:b7:09:29:45:ea:3f:8b:95:50:bd:8f:7c:2f:f0: 51:b2:42:95:f1:83:af:89:ea:a8:df:c2:54:f8:25: ae:19:14:d3:cc:a0:7e:cb:11:a6:32:46:cb:60:62: 06:28:e8:3c:a9:5d:73:96:84:4e:ad:89:80:70:0d: b0:62:b7:37:40:df:64:49:17:1d:96:2b:a4:13:62: 53:cf:12:7f:ae:86:7e:bf:51:cd:a8:f2:bc:bd:ba: a6:50:20:0b:34:f3:ce:b8:4e:4f:bd:26:56:bc:66: 08:60:d5:89:4a:8f:48:28:ac:aa:08:fe:52:4a:ed: 60:e2:40:c5:45:c1:40:0e:e3:03:8f:75:21:e1:1f: 1f:e8:0f:f5:89:7e:1d:b6:90:0f:2c:10:b9:d2:79: 12:97:94:b2:ec:43:06:dd:7a:93:78:3f:7b:ee:da: be:2e:20:e6:a8:5e:be:fe:e7:e3:ad:e8:63:62:42: ba:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:D6:A3:7D:D1:E8:3D:9F:5C:EB:AB:04:65:0C:58:D5:7E:F1:1F:42 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.212.70.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:34:9f:f3:88:8a:56:b9:95:3a:0c:90:87:73:41:74:d2:0e: 23:81:f8:dd:82:7b:8d:49:a9:a3:55:b2:7d:43:8a:bc:c6:0d: b1:a3:c6:58:a2:6a:e4:d3:3b:21:5d:a3:d6:b1:d3:dc:1c:1b: ae:96:22:0f:97:1a:d3:ed:95:4b:9f:16:2c:b3:9d:80:04:4b: 28:c4:fe:09:42:b0:1a:18:fb:7a:2c:83:aa:05:0a:ec:52:26: af:ec:e8:16:47:a7:08:c0:bc:53:86:e4:a3:b6:56:5a:dd:5d: 38:4a:ea:61:98:45:d7:f4:02:4d:eb:d4:48:5f:b9:8a:d5:e5: 7b:36:63:59:aa:80:50:0c:9d:05:ef:7a:f2:da:ab:af:4b:ca: 8a:ae:eb:85:3a:68:80:d8:0c:a8:56:4b:8e:4d:24:54:10:56: ae:5b:c9:f9:b6:0e:46:c3:4f:6c:7a:11:31:8d:06:5a:5f:65: 6e:62:23:f5:89:c5:6e:64:27:2a:a5:23:23:8f:74:0a:03:01: 2a:1c:e6:ec:48:45:f7:a2:7d:0f:21:a5:36:1c:6c:1a:6a:11: 2a:d7:74:11:d0:75:17:84:6d:f8:00:1b:88:71:f5:b0:8b:20: b4:58:ac:9a:6d:3b:f2:b6:68:38:ad:b6:b9:8d:19:9d:b0:02: 0c:8e:ba:a5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUWPQG15tyBrAWiCvo2vEjB+vuuQ0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMzAwMDAxNVoX DTI1MDgyNzIzNTk1OVowejFJMEcGA1UEBRNAMjFhOWIzNjNkNGVhYTE5ZDA0MWIw ZWNiMDA2NGQwMmMwNjA0MWFiZDdmMDBkMTkzY2RlNWYzZWE2MDIwZjhmMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT37Nd5T3EemXfBv3xQNo3fi2ZhZ fbZLTef533S1DR1NpvyWlzs9TUckHkaj4AaMqdaycoWQ9hdXmzFqkc6YV9fg01Dm T6VwXbyotwkpReo/i5VQvY98L/BRskKV8YOvieqo38JU+CWuGRTTzKB+yxGmMkbL YGIGKOg8qV1zloROrYmAcA2wYrc3QN9kSRcdliukE2JTzxJ/roZ+v1HNqPK8vbqm UCALNPPOuE5PvSZWvGYIYNWJSo9IKKyqCP5SSu1g4kDFRcFADuMDj3Uh4R8f6A/1 iX4dtpAPLBC50nkSl5Sy7EMG3XqTeD977tq+LiDmqF6+/ufjrehjYkK6mQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFE7Wo33R6D2fXOurBGUMWNV+8R9CMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI1ZTA0YzVkLTRhZTktNDQ3MC04MTM4LWRlYTFlOGIzMTYwZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9RGMA0GCSqGSIb3DQEBCwUAA4IBAQAbNJ/ziIpWuZU6DJCHc0F0 0g4jgfjdgnuNSamjVbJ9Q4q8xg2xo8ZYomrk0zshXaPWsdPcHBuuliIPlxrT7ZVL nxYss52ABEsoxP4JQrAaGPt6LIOqBQrsUiav7OgWR6cIwLxThuSjtlZa3V04Suph mEXX9AJN69RIX7mK1eV7NmNZqoBQDJ0F73ry2quvS8qKruuFOmiA2AyoVkuOTSRU EFauW8n5tg5Gw09sehExjQZaX2VuYiP1icVuZCcqpSMjj3QKAwEqHObsSEX3on0P IaU2HGwaahEq13QR0HUXhG34ABuIcfWwiyC0WKyabTvytmg4rba5jRmdsAIMjrql -----END CERTIFICATE-----Generated at Thu Jul 31 01:03:55 2025 by rpki-client