$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa File: 92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa (raw, json) Hash identifier: wJEmxHqkoaDP4kUzUT1Os90+JLoIrmZY06x6330w4MA= Subject key identifier: 4C:D9:6E:D2:6F:69:69:2E:F1:DC:2C:38:93:98:0F:44:D3:D0:EF:FF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3B7355C8C4F9CEE185A267E4B2285110D8E994A7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa Signing time: Mon 07 Jul 2025 16:00:03 +0000 ROA not before: Mon 07 Jul 2025 16:00:03 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Jul 2025 00:08:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:73:55:c8:c4:f9:ce:e1:85:a2:67:e4:b2:28:51:10:d8:e9:94:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 16:00:03 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=aec31222d754cab6c2f2c68dfcccede22664f904ac18d8d5bfef5f763cf26329, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:dd:6f:8d:12:82:9e:dc:7a:6e:0b:3d:e1:32: 2b:36:c4:25:82:aa:14:c9:65:99:c8:b6:16:ae:62: 41:62:6e:2d:b2:3c:a4:34:33:82:64:6b:14:4f:db: c8:19:94:0f:81:30:e9:f3:e4:00:de:39:d0:74:c2: 6b:9a:e5:c8:cd:3e:31:95:c6:d5:9e:91:9c:3f:cc: ce:32:6f:12:09:e1:5f:19:d8:de:44:f4:a3:59:34: 6c:b1:52:be:0d:c4:b0:2c:c4:e7:cd:69:62:7e:16: 6f:a4:30:48:52:5d:68:25:07:05:98:79:78:3b:15: 49:df:a5:4a:42:ea:ac:d1:61:48:1f:a7:5e:72:ef: 3e:87:b2:f0:8a:73:b8:0b:48:fc:3a:7d:21:7b:43: 93:69:2b:e4:78:5f:62:e1:0b:55:ee:04:4f:60:d3: 52:02:97:0f:8f:d5:6d:4e:42:62:1e:be:b3:77:0a: 42:ca:21:9d:3e:0d:94:9e:93:d3:af:25:2f:ce:36: 60:7f:89:27:03:37:66:a5:8a:1d:fa:b1:dc:95:eb: 7d:2d:be:66:f3:43:43:21:c4:8f:a3:af:27:03:f5: 34:25:2f:06:a3:20:23:38:0a:0c:0e:3e:c6:c0:50: f8:d5:11:bd:39:61:4a:d1:45:9e:64:3c:3f:30:7c: 9e:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:D9:6E:D2:6F:69:69:2E:F1:DC:2C:38:93:98:0F:44:D3:D0:EF:FF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 45:e6:e1:c5:db:ba:d5:c2:6a:41:94:37:0e:9e:50:08:ed:55: 52:51:e7:3e:ca:f0:06:25:2a:c7:a1:02:66:a8:ee:bd:53:18: 83:2c:5d:e0:86:81:38:0d:03:a2:59:9d:3a:bf:9b:c7:47:08: 0a:8d:74:33:05:30:01:1c:45:5f:d2:17:0b:ab:d3:9f:8e:ab: ce:7c:f4:0d:89:66:90:bf:a2:32:26:87:d4:92:44:cb:3e:a1: 61:6b:f6:c0:50:45:ff:59:71:3b:e8:33:86:95:86:41:7f:eb: 04:91:1c:c7:8f:7d:af:ba:b3:d3:65:8b:46:07:2e:15:30:af: 49:1f:c0:18:d7:f5:d2:0a:95:b5:1e:ce:9a:53:a7:7e:55:b9: a0:02:51:d1:14:3b:8f:b3:45:e7:94:22:b3:ca:fb:63:dd:e3: c1:19:42:69:8c:a7:fc:f7:ef:ed:1a:00:cf:a3:5d:59:57:78: 0a:7e:18:fe:9d:07:14:56:24:d9:f7:c4:f3:a6:12:87:de:4a: 93:76:a5:f3:7b:3e:67:c5:cd:fb:2d:cf:2f:08:79:a6:55:60: 15:12:59:e7:9b:a3:22:2f:2a:ed:4a:06:c6:45:f2:6e:32:c7: 0e:df:81:bc:f2:42:92:28:1b:4c:67:b3:91:66:cc:8a:09:39: 47:f9:dc:f2 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUO3NVyMT5zuGFomfksihRENjplKcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE2MDAwM1oX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYWVjMzEyMjJkNzU0Y2FiNmMyZjJj NjhkZmNjY2VkZTIyNjY0ZjkwNGFjMThkOGQ1YmZlZjVmNzYzY2YyNjMyOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2t1vjRKCntx6bgs94TIrNsQlgqoU yWWZyLYWrmJBYm4tsjykNDOCZGsUT9vIGZQPgTDp8+QA3jnQdMJrmuXIzT4xlcbV npGcP8zOMm8SCeFfGdjeRPSjWTRssVK+DcSwLMTnzWlifhZvpDBIUl1oJQcFmHl4 OxVJ36VKQuqs0WFIH6decu8+h7LwinO4C0j8On0he0OTaSvkeF9i4QtV7gRPYNNS ApcPj9VtTkJiHr6zdwpCyiGdPg2UnpPTryUvzjZgf4knAzdmpYod+rHclet9Lb5m 80NDIcSPo68nA/U0JS8GoyAjOAoMDj7GwFD41RG9OWFK0UWeZDw/MHyehwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFEzZbtJvaWku8dwsOJOYD0TT0O//MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkyZGMxYTY0LWU3OTEtNDllMS05ZjFmLWJkYmIzNzRhZGZhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAEXm4cXbutXCakGUNw6eUAjt VVJR5z7K8AYlKsehAmao7r1TGIMsXeCGgTgNA6JZnTq/m8dHCAqNdDMFMAEcRV/S Fwur05+Oq8589A2JZpC/ojImh9SSRMs+oWFr9sBQRf9ZcTvoM4aVhkF/6wSRHMeP fa+6s9Nli0YHLhUwr0kfwBjX9dIKlbUezppTp35VuaACUdEUO4+zReeUIrPK+2Pd 48EZQmmMp/z37+0aAM+jXVlXeAp+GP6dBxRWJNn3xPOmEofeSpN2pfN7PmfFzfst zy8IeaZVYBUSWeeboyIvKu1KBsZF8m4yxw7fgbzyQpIoG0xns5FmzIoJOUf53PI= -----END CERTIFICATE-----Generated at Thu Jul 10 05:13:43 2025 by rpki-client