$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/653a4574-339b-4bb5-9b34-5450c0c7e304.roa File: 653a4574-339b-4bb5-9b34-5450c0c7e304.roa (raw, json) Hash identifier: NVaKQIR6/0pAnPF52klVeJBE6hRz6MvkgDIDBP59Qxg= Subject key identifier: CE:8E:77:BF:7E:B2:2C:AB:7A:9D:84:97:21:9D:7E:4E:40:13:C6:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 06C2DFA59AE5CAAC29BE2007E9672807A223A3B4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/653a4574-339b-4bb5-9b34-5450c0c7e304.roa Signing time: Wed 09 Jul 2025 00:00:14 +0000 ROA not before: Wed 09 Jul 2025 00:00:14 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.54.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:c2:df:a5:9a:e5:ca:ac:29:be:20:07:e9:67:28:07:a2:23:a3:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 9 00:00:14 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=7f657681c6496ab709ceb90b4ae8e03db43e5231d48fd2c8d73e4f8728f75b8e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:9f:52:f1:a7:9e:ba:2a:a7:a5:89:ff:22:84: f6:5a:95:9a:f6:d1:ff:20:69:33:a6:52:44:e6:43: 32:d6:15:1e:39:0c:0d:24:0e:5c:4e:47:1b:64:f2: ea:ef:32:f9:37:2f:c4:82:aa:e7:9a:f1:8c:26:98: 45:e5:05:a2:3d:d5:7b:f3:bf:ba:af:2e:a9:62:a3: c6:09:90:be:aa:19:5b:fd:60:f2:26:99:80:1c:66: d9:a3:d2:78:79:f6:6f:8e:4d:2d:e0:e3:a9:eb:8a: e7:eb:84:e4:2a:ef:3d:8c:35:28:cf:f2:a9:e5:04: 3c:80:2b:dc:71:5c:fe:b8:28:d7:af:8b:54:36:7a: a3:0f:e6:4a:54:57:62:37:78:7d:d9:f1:63:8c:2b: 78:bc:e4:b4:ea:61:8d:0d:56:cd:b7:0e:54:76:ee: 72:50:d2:df:09:c9:82:05:fa:37:37:87:80:7e:a3: 00:49:ab:75:39:16:a2:42:dc:a7:5e:40:b3:af:c9: 6b:de:f0:67:d6:f3:e4:54:12:44:4e:35:a8:db:fa: 15:1c:34:60:2a:e9:7d:58:59:54:74:dd:80:ce:d8: 9c:f3:d9:0a:e1:6c:6a:99:9e:6f:44:51:9e:d9:34: e6:cc:7f:c8:48:98:c0:4d:df:14:bb:59:ee:c9:20: a2:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:8E:77:BF:7E:B2:2C:AB:7A:9D:84:97:21:9D:7E:4E:40:13:C6:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/653a4574-339b-4bb5-9b34-5450c0c7e304.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.54.0/24 Signature Algorithm: sha256WithRSAEncryption ac:35:c0:40:01:0c:36:d3:e7:32:54:56:d2:5a:a7:99:f6:a1: 26:a8:a5:86:05:3f:b2:d8:ff:71:e1:d4:6e:a2:5b:de:77:b7: 86:93:04:7d:43:47:18:b7:20:d4:57:ea:54:28:d5:8d:1d:6d: db:5a:83:25:de:b8:1a:ff:9f:30:45:b5:59:7b:a5:4a:21:5b: 3f:ed:d5:d1:0d:1f:d1:47:68:dc:8d:42:f2:a7:a1:10:c8:68: 40:3e:a4:4c:c4:11:cc:1f:6e:55:aa:e3:54:2e:de:66:46:91: 66:b2:15:9e:47:67:f1:4d:db:62:64:85:6e:06:9d:80:88:e3: 2d:7e:7d:c4:e5:ec:9f:e2:f7:2a:7b:30:ae:81:55:6a:ec:27: 8a:34:ef:66:d4:2c:10:65:35:c0:4e:e0:e4:a8:87:7c:f8:0d: ba:3a:de:96:a8:74:20:df:c5:cc:f6:58:4b:75:65:d4:db:f5: 80:8d:03:f0:0f:76:d8:b4:6a:a2:9d:38:b9:e8:f0:3b:e7:b6: 5a:d9:7a:a0:37:8e:a2:6a:e8:02:23:dc:56:85:7b:88:5d:3a: 68:90:f0:e6:a4:df:66:95:40:84:bb:26:5f:a6:21:e1:10:1e: 31:ce:31:e7:e2:4b:33:5b:b8:f8:ce:a7:9a:03:65:d1:73:ed: ab:8c:f1:09 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUBsLfpZrlyqwpviAH6WcoB6Ijo7QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwOTAwMDAxNFoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAN2Y2NTc2ODFjNjQ5NmFiNzA5Y2Vi OTBiNGFlOGUwM2RiNDNlNTIzMWQ0OGZkMmM4ZDczZTRmODcyOGY3NWI4ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Z9S8aeeuiqnpYn/IoT2WpWa9tH/ IGkzplJE5kMy1hUeOQwNJA5cTkcbZPLq7zL5Ny/EgqrnmvGMJphF5QWiPdV787+6 ry6pYqPGCZC+qhlb/WDyJpmAHGbZo9J4efZvjk0t4OOp64rn64TkKu89jDUoz/Kp 5QQ8gCvccVz+uCjXr4tUNnqjD+ZKVFdiN3h92fFjjCt4vOS06mGNDVbNtw5Udu5y UNLfCcmCBfo3N4eAfqMASat1ORaiQtynXkCzr8lr3vBn1vPkVBJETjWo2/oVHDRg Kul9WFlUdN2Aztic89kK4WxqmZ5vRFGe2TTmzH/ISJjATd8Uu1nuySCiWwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFM6Od79+siyrep2ElyGdfk5AE8YcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY1M2E0NTc0LTMzOWItNGJiNS05YjM0LTU0NTBjMGM3ZTMwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9A2MA0GCSqGSIb3DQEBCwUAA4IBAQCsNcBAAQw20+cyVFbSWqeZ 9qEmqKWGBT+y2P9x4dRuolved7eGkwR9Q0cYtyDUV+pUKNWNHW3bWoMl3rga/58w RbVZe6VKIVs/7dXRDR/RR2jcjULyp6EQyGhAPqRMxBHMH25VquNULt5mRpFmshWe R2fxTdtiZIVuBp2AiOMtfn3E5eyf4vcqezCugVVq7CeKNO9m1CwQZTXATuDkqId8 +A26Ot6WqHQg38XM9lhLdWXU2/WAjQPwD3bYtGqinTi56PA757Za2XqgN46iaugC I9xWhXuIXTpokPDmpN9mlUCEuyZfpiHhEB4xzjHn4kszW7j4zqeaA2XRc+2rjPEJ -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:52 2025 by rpki-client