$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa File: c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa (raw, json) Hash identifier: 29W9baS1ezgnMspblpV6tO4kzMsgrl55pWp4L4oJYuc= Subject key identifier: 7B:A8:58:89:1E:45:FB:D3:A3:46:B4:F7:33:C5:79:8C:D2:30:E7:4E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 10AD8DF19477BAF9DB7439B3D6866F0293C9281E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa Signing time: Tue 08 Jul 2025 00:00:54 +0000 ROA not before: Tue 08 Jul 2025 00:00:54 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.158.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:ad:8d:f1:94:77:ba:f9:db:74:39:b3:d6:86:6f:02:93:c9:28:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 8 00:00:54 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=de33f09c64add5bbde5962362ecbc95e62c22fcc0c5d84f33cfae801df066777, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:07:45:1f:e1:85:b1:c9:86:d0:8f:4c:74:ce: 39:af:42:2a:14:e5:64:c9:2b:90:8e:4f:f8:78:17: 8b:9a:32:c6:23:87:d7:d7:7b:63:3f:1b:66:56:bc: 5f:1e:e1:c6:d2:09:eb:f9:df:cc:aa:d0:24:6d:7f: 30:d5:cf:d6:f1:b9:43:7c:e7:42:69:3a:ba:7c:b2: 4f:6d:ff:ba:9f:e8:bc:b9:93:5b:92:73:c6:8c:af: 79:22:a3:be:1f:3b:8c:c1:17:27:2a:f1:f9:fd:43: 73:8d:8a:3c:00:a1:5f:b7:10:55:e3:09:05:08:81: 1d:d4:2a:d1:5f:f6:9c:12:8f:45:b2:d7:cc:7a:f1: 9a:87:a8:df:ef:d8:b3:d9:ce:f3:eb:f8:0d:3d:cf: 65:77:a5:72:d0:53:18:f4:f7:b8:1f:4c:79:e2:81: 5d:cd:20:b2:96:89:01:ce:70:33:cf:1d:a5:df:d8: 71:59:b0:67:fc:48:6f:39:5f:72:ff:18:d5:bc:0a: c0:5c:9f:c5:3b:62:6a:5c:6f:b9:de:e7:72:b4:68: 0e:3f:8b:e0:68:1b:08:3c:e6:f4:bb:d3:e6:63:67: ee:11:fd:96:2d:4c:59:fb:68:83:41:f2:b8:2c:0b: 1c:dc:b2:6d:ae:2f:15:98:1e:b3:40:1b:1c:ae:fe: 6a:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:A8:58:89:1E:45:FB:D3:A3:46:B4:F7:33:C5:79:8C:D2:30:E7:4E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.158.0/23 Signature Algorithm: sha256WithRSAEncryption 2b:e0:ab:30:84:91:69:17:27:27:1a:6e:08:6e:ba:ae:5f:af: 72:2b:a5:ec:26:71:91:db:2d:82:08:7c:b2:37:89:22:1b:2a: 39:11:59:23:75:47:b4:d2:01:39:89:64:cd:34:76:37:04:a5: 66:8b:3e:60:bd:e9:49:0a:ae:4b:11:82:d3:bb:31:48:e3:d7: 85:3d:02:e0:24:d3:59:5b:7d:4f:65:7f:51:93:aa:d5:64:14: 42:ba:ca:87:f3:94:04:b8:64:6a:a8:25:1e:ba:4d:95:6e:ec: cf:c8:7e:1a:70:85:0d:9d:10:72:22:28:c7:d8:da:23:b3:c4: 43:89:cb:0b:86:b6:c4:f6:60:52:c5:b6:d5:d7:ac:cf:fa:46: cf:f8:7c:bd:b1:62:01:34:58:70:26:e6:9e:d2:32:16:36:4c: 2a:47:bc:d5:66:81:89:93:b5:62:5a:41:c3:d5:01:8d:6e:69: 3d:e6:22:74:cf:8f:44:a8:db:80:b9:1f:b4:78:6b:46:a2:7e: 44:2f:00:7b:74:66:c2:d0:21:cd:23:68:60:00:3e:67:44:44: b5:9f:b2:bf:92:c7:31:27:65:45:de:8b:2c:d5:92:19:44:73: a1:5a:b1:68:e2:4c:92:2b:69:84:9a:05:22:63:a9:99:08:12: 9d:a7:79:31 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEK2N8ZR3uvnbdDmz1oZvApPJKB4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwODAwMDA1NFoX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAZGUzM2YwOWM2NGFkZDViYmRlNTk2 MjM2MmVjYmM5NWU2MmMyMmZjYzBjNWQ4NGYzM2NmYWU4MDFkZjA2Njc3NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAdFH+GFscmG0I9MdM45r0IqFOVk ySuQjk/4eBeLmjLGI4fX13tjPxtmVrxfHuHG0gnr+d/MqtAkbX8w1c/W8blDfOdC aTq6fLJPbf+6n+i8uZNbknPGjK95IqO+HzuMwRcnKvH5/UNzjYo8AKFftxBV4wkF CIEd1CrRX/acEo9FstfMevGah6jf79iz2c7z6/gNPc9ld6Vy0FMY9Pe4H0x54oFd zSCylokBznAzzx2l39hxWbBn/EhvOV9y/xjVvArAXJ/FO2JqXG+53udytGgOP4vg aBsIPOb0u9PmY2fuEf2WLUxZ+2iDQfK4LAsc3LJtri8VmB6zQBscrv5qdQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHuoWIkeRfvTo0a09zPFeYzSMOdOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwZTA3MzVkLWE5MWUtNDc4ZC04MmQyLWEzZjA0ZWU0MzVkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9qeMA0GCSqGSIb3DQEBCwUAA4IBAQAr4KswhJFpFycnGm4Ibrqu X69yK6XsJnGR2y2CCHyyN4kiGyo5EVkjdUe00gE5iWTNNHY3BKVmiz5gvelJCq5L EYLTuzFI49eFPQLgJNNZW31PZX9Rk6rVZBRCusqH85QEuGRqqCUeuk2VbuzPyH4a cIUNnRByIijH2Nojs8RDicsLhrbE9mBSxbbV16zP+kbP+Hy9sWIBNFhwJuae0jIW NkwqR7zVZoGJk7ViWkHD1QGNbmk95iJ0z49EqNuAuR+0eGtGon5ELwB7dGbC0CHN I2hgAD5nRES1n7K/kscxJ2VF3oss1ZIZRHOhWrFo4kySK2mEmgUiY6mZCBKdp3kx -----END CERTIFICATE-----Generated at Thu Jul 31 00:57:26 2025 by rpki-client