$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa File: 92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa (raw, json) Hash identifier: wqDECSPGQUDTqmyo33ub49nlDp6YFknpolZsFc7hwag= Subject key identifier: 7B:16:FD:A2:DD:CB:81:88:66:25:5C:E7:9B:BC:69:9B:4E:5F:21:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2AF2E688CBAEA9F835E0E505DDEA5122A516CCB7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa Signing time: Tue 10 Jun 2025 15:51:16 +0000 ROA not before: Tue 10 Jun 2025 15:51:16 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 14618 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 00:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:f2:e6:88:cb:ae:a9:f8:35:e0:e5:05:dd:ea:51:22:a5:16:cc:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:51:16 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=c445d9fdc219949bc8e5f16f93303d49ba4641fec5a457801f65e49f608c7ccc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:06:a8:7f:3d:16:03:b1:42:9f:cb:a9:3c:77: de:7c:8c:8a:7b:2e:15:99:ea:70:bd:66:a7:2b:0d: 98:56:82:47:fd:3a:a9:bc:ae:76:64:63:f2:79:0c: e2:06:cb:39:85:41:6d:3c:b8:70:e8:58:12:cd:e4: d4:3a:6e:a3:5d:9f:66:32:92:9b:db:40:2a:f8:c2: 5f:99:5e:a5:2c:34:cf:8d:2b:0b:6f:2c:61:ad:90: db:01:46:3c:ee:70:e1:fa:ae:6a:eb:01:0f:8e:f8: f6:55:93:b6:53:ab:27:5d:16:67:b2:0d:33:ca:15: 12:f6:05:a6:b9:75:93:65:35:b7:43:7d:39:b8:81: a2:cc:89:4d:5d:98:19:9d:5c:40:62:b0:9b:36:bf: 1c:ed:c1:9f:ed:21:06:cd:af:9b:ae:d9:d2:2a:25: 84:14:6d:67:92:e6:11:ea:97:ec:95:1d:d8:a0:e3: ea:45:81:15:3f:d9:81:f2:ff:03:e3:7f:e7:0b:df: 04:e3:5c:28:e9:71:fd:1d:50:79:b0:23:61:c0:d3: 66:f6:a2:e9:68:34:91:78:d7:73:53:a2:cd:71:53: 7d:63:c8:8a:6d:ae:7e:38:29:e7:06:59:b8:c1:5b: 6a:b7:2c:3e:6f:1a:88:da:cd:9b:70:ea:17:b2:c6: d9:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:16:FD:A2:DD:CB:81:88:66:25:5C:E7:9B:BC:69:9B:4E:5F:21:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption c9:b5:b5:27:38:8f:33:20:03:cd:d4:e8:14:4a:62:58:91:62: 62:47:63:1d:fb:ff:94:5a:f4:24:db:d8:92:4b:25:11:c4:a4: ca:07:06:db:21:2d:ce:45:3f:7f:e4:a3:c9:b4:ee:fc:de:3a: 07:6f:dd:d8:6f:7d:26:62:55:6e:f6:39:59:95:9b:22:75:7b: d7:ef:73:0e:9c:2c:e3:13:11:3b:b4:69:3c:aa:e9:44:49:4d: ba:25:c2:83:8a:76:37:4a:44:19:8e:b6:85:3c:5c:54:21:e6: 96:cc:08:c8:b1:20:50:12:03:4d:8d:37:af:81:ac:ce:2a:fb: 62:0a:a7:d6:14:7e:c4:50:b1:09:24:df:0c:f8:34:7c:d6:ba: e4:ec:4f:8a:d7:d3:1a:9b:89:36:47:35:f4:20:46:1a:23:b9: a6:c6:93:b6:5c:52:e4:8a:80:89:03:b6:73:68:d8:31:4c:72: 93:f4:b3:53:dd:7b:95:7b:f6:b9:53:9f:4e:6f:0a:72:5a:3e: 47:fa:ac:56:8f:54:63:c9:f9:25:a5:50:2a:b2:77:60:7d:5b: b3:5b:79:ab:87:95:f7:02:7e:cd:27:2f:65:e7:00:30:ce:70: d9:ff:ba:4b:c3:a0:f3:6e:9f:5c:1b:a2:af:f8:8d:df:5a:91: bf:2c:08:bd -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUKvLmiMuuqfg14OUF3epRIqUWzLcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NTExNloX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAYzQ0NWQ5ZmRjMjE5OTQ5YmM4ZTVm MTZmOTMzMDNkNDliYTQ2NDFmZWM1YTQ1NzgwMWY2NWU0OWY2MDhjN2NjYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQaofz0WA7FCn8upPHfefIyKey4V mepwvWanKw2YVoJH/TqpvK52ZGPyeQziBss5hUFtPLhw6FgSzeTUOm6jXZ9mMpKb 20Aq+MJfmV6lLDTPjSsLbyxhrZDbAUY87nDh+q5q6wEPjvj2VZO2U6snXRZnsg0z yhUS9gWmuXWTZTW3Q305uIGizIlNXZgZnVxAYrCbNr8c7cGf7SEGza+brtnSKiWE FG1nkuYR6pfslR3YoOPqRYEVP9mB8v8D43/nC98E41wo6XH9HVB5sCNhwNNm9qLp aDSReNdzU6LNcVN9Y8iKba5+OCnnBlm4wVtqtyw+bxqI2s2bcOoXssbZqQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFHsW/aLdy4GIZiVc55u8aZtOXyHIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkyZGMxYTY0LWU3OTEtNDllMS05ZjFmLWJkYmIzNzRhZGZhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAMm1tSc4jzMgA83U6BRKYliR YmJHYx37/5Ra9CTb2JJLJRHEpMoHBtshLc5FP3/ko8m07vzeOgdv3dhvfSZiVW72 OVmVmyJ1e9fvcw6cLOMTETu0aTyq6URJTbolwoOKdjdKRBmOtoU8XFQh5pbMCMix IFASA02NN6+BrM4q+2IKp9YUfsRQsQkk3wz4NHzWuuTsT4rX0xqbiTZHNfQgRhoj uabGk7ZcUuSKgIkDtnNo2DFMcpP0s1Pde5V79rlTn05vCnJaPkf6rFaPVGPJ+SWl UCqyd2B9W7NbeauHlfcCfs0nL2XnADDOcNn/ukvDoPNun1wboq/4jd9akb8sCL0= -----END CERTIFICATE-----Generated at Tue Jul 1 23:25:45 2025 by rpki-client