$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9208ca37-666c-46cf-adea-072bc5bb150d.roa File: 9208ca37-666c-46cf-adea-072bc5bb150d.roa (raw, json) Hash identifier: PtFLIW0bb53Kyj6MgtSX7M8PQtVFOXfalFs0PE78bNQ= Subject key identifier: EB:29:46:1D:D3:6C:11:86:FF:1A:13:5E:0F:7F:96:BD:BC:01:B8:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 03F5A8CFA26B86D92679C731B3E67F5E2EE11E67 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9208ca37-666c-46cf-adea-072bc5bb150d.roa Signing time: Tue 08 Jul 2025 00:00:54 +0000 ROA not before: Tue 08 Jul 2025 00:00:54 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:f5:a8:cf:a2:6b:86:d9:26:79:c7:31:b3:e6:7f:5e:2e:e1:1e:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 8 00:00:54 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=29f1b8b0d258a1064309d6083a4ec47d46e3bd04958b69195431d3549707a30c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:64:3e:7b:3d:59:bb:d9:0f:53:37:1f:71:0f: 5b:76:32:ae:da:de:74:ea:98:97:cb:56:3d:cc:b4: 36:4c:0c:6d:3d:57:e4:fd:1c:fa:43:cd:15:d7:b8: fb:64:49:bc:ac:0c:39:dd:42:3e:b9:b0:56:2f:a6: 87:9e:e2:e3:1b:41:d9:98:fe:16:1a:b3:da:49:b2: f7:bd:76:f2:c7:86:59:cb:9b:d0:62:b6:47:1b:cc: af:f6:c0:a9:66:43:08:ae:a7:d4:ad:18:a0:eb:cc: 1b:dc:01:9c:4c:80:a3:04:c3:3f:8d:fa:8a:29:e8: 78:47:17:e6:87:e7:df:3c:9a:b6:f7:c9:20:25:ed: 80:88:af:95:32:f8:77:5f:2c:ac:64:02:78:7e:23: 31:c6:b5:7a:8d:fa:4b:d8:a5:53:06:69:9e:fc:1c: 30:2a:84:a8:cf:37:7e:92:b9:a3:83:e2:03:28:07: ea:c4:cb:91:86:4d:85:0f:e5:92:44:e9:bb:d0:de: 99:2e:30:e4:4c:eb:02:9e:c5:04:33:46:65:0e:e0: 1c:6e:f9:96:e6:66:76:26:f5:5a:35:78:fd:98:08: d3:63:07:92:ff:6d:c6:e3:5d:88:c7:f1:58:7b:d3: 0b:fd:df:56:f2:19:ec:1a:a5:da:13:7e:87:48:b7: a5:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:29:46:1D:D3:6C:11:86:FF:1A:13:5E:0F:7F:96:BD:BC:01:B8:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9208ca37-666c-46cf-adea-072bc5bb150d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.0.0/16 Signature Algorithm: sha256WithRSAEncryption 0b:6b:7f:7b:e6:3a:6a:af:21:0e:78:49:8f:ab:b8:00:61:8a: c0:69:e5:e6:37:96:ad:7d:05:a5:05:1e:bb:f7:e1:9c:00:e4: 60:f7:26:d4:dd:5a:78:93:9d:10:6e:e3:71:1a:cb:25:bc:43: cf:d4:df:a8:af:86:b7:41:11:b2:9b:cf:88:e2:77:99:93:c8: 19:97:a0:cb:a4:14:43:48:e9:22:27:91:1e:87:56:a7:bd:72: e4:8e:bc:ab:2b:e7:32:32:e7:3c:a5:ca:27:95:f0:61:8a:e0: 72:a7:d1:99:42:79:b9:80:02:fe:6c:23:59:82:07:33:80:46: 18:18:e2:94:f0:b8:d5:92:68:59:e0:bd:a1:ab:45:ba:74:3b: 1b:94:ad:12:8f:86:58:3a:ce:b7:ac:15:a2:58:53:fc:6f:ae: 72:59:3a:9e:4a:a4:10:a3:f3:47:7a:8b:51:7d:55:36:e7:ce: 54:68:41:28:05:7b:53:9d:be:7c:80:74:40:bc:a5:99:ea:0d: 3a:bd:d0:2d:f1:0c:61:46:85:d2:86:68:02:4f:c6:e5:87:91: 01:a6:15:58:a5:47:2c:47:42:02:c8:97:4d:ca:df:bb:83:69: e7:25:1f:a6:ce:0c:69:21:6c:c3:ae:84:52:2f:75:be:00:0c: 16:d5:ca:04 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUA/Woz6Jrhtkmeccxs+Z/Xi7hHmcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwODAwMDA1NFoX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAMjlmMWI4YjBkMjU4YTEwNjQzMDlk NjA4M2E0ZWM0N2Q0NmUzYmQwNDk1OGI2OTE5NTQzMWQzNTQ5NzA3YTMwYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2Q+ez1Zu9kPUzcfcQ9bdjKu2t50 6piXy1Y9zLQ2TAxtPVfk/Rz6Q80V17j7ZEm8rAw53UI+ubBWL6aHnuLjG0HZmP4W GrPaSbL3vXbyx4ZZy5vQYrZHG8yv9sCpZkMIrqfUrRig68wb3AGcTICjBMM/jfqK Keh4Rxfmh+ffPJq298kgJe2AiK+VMvh3XyysZAJ4fiMxxrV6jfpL2KVTBmme/Bww KoSozzd+krmjg+IDKAfqxMuRhk2FD+WSROm70N6ZLjDkTOsCnsUEM0ZlDuAcbvmW 5mZ2JvVaNXj9mAjTYweS/23G412Ix/FYe9ML/d9W8hnsGqXaE36HSLelEwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFOspRh3TbBGG/xoTXg9/lr28AbgKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkyMDhjYTM3LTY2NmMtNDZjZi1hZGVhLTA3MmJjNWJiMTUwZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAK9owDQYJKoZIhvcNAQELBQADggEBAAtrf3vmOmqvIQ54SY+ruABh isBp5eY3lq19BaUFHrv34ZwA5GD3JtTdWniTnRBu43EayyW8Q8/U36ivhrdBEbKb z4jid5mTyBmXoMukFENI6SInkR6HVqe9cuSOvKsr5zIy5zylyieV8GGK4HKn0ZlC ebmAAv5sI1mCBzOARhgY4pTwuNWSaFngvaGrRbp0OxuUrRKPhlg6zresFaJYU/xv rnJZOp5KpBCj80d6i1F9VTbnzlRoQSgFe1OdvnyAdEC8pZnqDTq90C3xDGFGhdKG aAJPxuWHkQGmFVilRyxHQgLIl03K37uDaeclH6bODGkhbMOuhFIvdb4ADBbVygQ= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:39 2025 by rpki-client