$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa File: 427017ca-fc05-4df1-9de8-dc6182848704.roa (raw, json) Hash identifier: bzRofDoD/t5PfX7C/AHi+TB8IvQ25CicfdU22kGqedg= Subject key identifier: 37:17:0B:04:A9:F3:82:0A:AF:25:10:8C:E8:3F:BF:D7:A8:C9:F9:2B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6D37AE6C930766A31919412E7F55AA0DE04BAD43 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa Signing time: Tue 26 Aug 2025 00:51:13 +0000 ROA not before: Tue 26 Aug 2025 00:51:13 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 8987 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:37:ae:6c:93:07:66:a3:19:19:41:2e:7f:55:aa:0d:e0:4b:ad:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 26 00:51:13 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=8fdcba28f48b32c66a205e1b80a7f900d74bcc3ebb00f2fc2856884dbec3cfbd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f7:90:93:aa:87:ed:3c:65:6a:2e:9a:3a:bb: ea:aa:dd:40:04:d5:b2:71:24:3e:54:9f:1e:b8:ba: 59:21:fe:ac:8c:49:31:41:a9:c1:20:85:cc:81:9c: e8:c4:c4:bd:52:dc:1e:db:23:ed:94:8c:c7:df:2a: a4:50:6f:6a:c0:d6:b5:9a:f2:26:52:80:03:8e:7a: 30:64:51:76:a1:3d:44:25:83:04:e9:40:37:b4:b9: 20:88:6e:57:a7:12:35:a4:6d:3e:fb:5e:df:cc:25: aa:27:b3:4a:54:ba:79:0f:52:8d:5a:04:9b:25:1e: e3:46:bd:85:ba:0c:44:09:b1:e0:bc:ff:94:b3:14: c5:6d:4e:0d:59:22:f8:89:c2:6e:18:4d:b6:56:ac: 3d:75:f6:2f:00:10:0b:fa:7a:0d:81:8d:88:e4:53: b9:73:5c:9e:7d:19:f0:a8:a5:ec:d7:88:a5:85:03: 22:c8:16:6a:e9:3f:be:3c:3e:d9:ce:9f:dc:ac:c8: 21:7f:5b:ff:e4:eb:68:9b:bc:d8:29:9a:38:1b:d5: 0c:c5:8e:7a:72:51:14:14:99:6f:02:ce:3f:04:d0: cf:31:a3:40:e8:ac:4e:5b:e3:e8:18:39:e9:d2:62: 68:f8:b5:ad:e4:d3:84:8b:40:84:72:39:89:58:38: 2d:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:17:0B:04:A9:F3:82:0A:AF:25:10:8C:E8:3F:BF:D7:A8:C9:F9:2B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption b8:00:3a:60:aa:a6:1e:83:96:d4:9a:0d:e7:66:b5:76:d3:4e: b4:d1:60:61:6e:a7:38:70:97:c5:26:c5:9c:f7:bd:c6:8f:b6: 43:3d:9f:30:e0:97:95:b6:f4:74:60:32:5c:a5:d7:dd:3c:5a: 55:b2:f8:3f:11:75:ba:f0:0b:8c:03:d1:84:02:d8:bf:89:c2: 16:86:53:d7:20:4f:b0:51:a2:91:d7:bd:92:4d:73:f2:34:09: 9f:4d:6b:71:6e:63:5d:ad:42:e1:24:96:36:da:2d:39:d5:ba: 83:d2:d2:13:ce:dd:8b:9a:8a:90:dc:5f:98:e6:24:2c:a6:29: ad:95:04:8a:26:52:52:50:7d:8f:df:d5:5b:8d:e6:51:38:ba: 2c:09:c6:17:41:0d:81:44:5f:ad:35:35:41:84:0b:d9:9a:69: 27:ee:5c:e5:54:df:e3:41:ac:8e:d2:61:aa:d1:55:a3:a0:f8: 44:fa:15:97:a4:dc:f4:1e:c7:9a:a4:a1:0a:be:d5:8b:ff:a5: 09:ac:76:d0:c1:04:d1:74:69:98:a4:7a:3b:4c:c3:f0:73:e4: c9:dc:d6:b7:a5:6e:41:42:2f:01:4c:22:0f:50:24:42:aa:79: e5:14:73:85:3f:21:e5:70:56:f5:e0:33:01:5b:88:1b:73:8a: e0:0b:7e:08 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUbTeubJMHZqMZGUEuf1WqDeBLrUMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNjAwNTExM1oX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAOGZkY2JhMjhmNDhiMzJjNjZhMjA1 ZTFiODBhN2Y5MDBkNzRiY2MzZWJiMDBmMmZjMjg1Njg4NGRiZWMzY2ZiZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPeQk6qH7Txlai6aOrvqqt1ABNWy cSQ+VJ8euLpZIf6sjEkxQanBIIXMgZzoxMS9Utwe2yPtlIzH3yqkUG9qwNa1mvIm UoADjnowZFF2oT1EJYME6UA3tLkgiG5XpxI1pG0++17fzCWqJ7NKVLp5D1KNWgSb JR7jRr2FugxECbHgvP+UsxTFbU4NWSL4icJuGE22Vqw9dfYvABAL+noNgY2I5FO5 c1yefRnwqKXs14ilhQMiyBZq6T++PD7Zzp/crMghf1v/5Otom7zYKZo4G9UMxY56 clEUFJlvAs4/BNDPMaNA6KxOW+PoGDnp0mJo+LWt5NOEi0CEcjmJWDgt3QIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFDcXCwSp84IKryUQjOg/v9eoyfkrMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyNzAxN2NhLWZjMDUtNGRmMS05ZGU4LWRjNjE4Mjg0ODcwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBALgAOmCqph6DltSaDedmtXbT TrTRYGFupzhwl8UmxZz3vcaPtkM9nzDgl5W29HRgMlyl1908WlWy+D8RdbrwC4wD 0YQC2L+JwhaGU9cgT7BRopHXvZJNc/I0CZ9Na3FuY12tQuEkljbaLTnVuoPS0hPO 3YuaipDcX5jmJCymKa2VBIomUlJQfY/f1VuN5lE4uiwJxhdBDYFEX601NUGEC9ma aSfuXOVU3+NBrI7SYarRVaOg+ET6FZek3PQex5qkoQq+1Yv/pQmsdtDBBNF0aZik ejtMw/Bz5Mnc1relbkFCLwFMIg9QJEKqeeUUc4U/IeVwVvXgMwFbiBtziuALfgg= -----END CERTIFICATE-----Generated at Sun Sep 7 11:21:21 2025 by rpki-client