$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa File: fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa (raw, json) Hash identifier: ZQWWd8Skp6kxRstGCAfXAkHu01ei3128sim2BwuYjLE= Subject key identifier: CA:1F:61:C5:DE:2A:F2:C1:B4:C9:38:B3:5F:48:10:71:68:8B:B2:D8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7CCE588A744454E65A9569AB766E00F72EE4BA9B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa Signing time: Mon 07 Jul 2025 16:00:16 +0000 ROA not before: Mon 07 Jul 2025 16:00:16 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.221.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:ce:58:8a:74:44:54:e6:5a:95:69:ab:76:6e:00:f7:2e:e4:ba:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 16:00:16 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=6cdd181eba1f9d5729750a813cbc75ee4f3408ad327d2ae2e66af589d791429f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:9b:64:f3:d2:a9:a2:57:18:3a:2d:fa:5b:ab: a1:f2:d4:05:6b:eb:51:f6:1e:1c:f8:5b:41:6d:83: 26:de:49:32:09:1d:3f:bf:a5:56:65:34:d9:de:1e: db:0b:93:9b:1c:5a:a8:d1:3b:a3:68:c9:35:4b:5e: 55:69:bf:72:97:bb:f0:35:fa:4f:3f:2f:51:32:1f: f0:5d:d3:71:22:8f:53:8a:35:7d:c5:4b:e5:38:7c: ca:b7:68:52:ad:5b:82:d2:32:6e:70:eb:89:04:5c: 20:4b:0a:e7:80:c8:f7:f0:40:59:e8:e6:16:93:ee: 8d:59:29:d4:d5:f0:bb:d9:18:5e:61:68:e2:93:72: bc:00:2c:c9:e6:e1:d3:a7:72:b5:f8:2c:81:59:1e: c6:68:72:c6:d0:f7:38:5c:dc:49:69:e7:e3:a4:f8: 9e:47:bd:ad:95:85:17:15:13:b5:31:7d:6c:90:ac: ba:a9:10:07:e9:78:da:85:60:70:85:2c:f1:75:e4: 1d:31:96:aa:a0:70:5e:48:a5:e9:e5:4e:5d:27:f4: ad:a2:d2:ad:c1:a5:83:55:45:7a:d4:32:1b:d5:a2: 53:b1:e9:a9:27:5b:fd:52:3a:c8:98:23:5e:53:54: bf:8e:81:05:9c:47:a5:a0:b2:c6:c7:8c:ec:49:cf: 9c:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:1F:61:C5:DE:2A:F2:C1:B4:C9:38:B3:5F:48:10:71:68:8B:B2:D8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.221.0.0/16 Signature Algorithm: sha256WithRSAEncryption 7b:5b:7b:24:85:3d:2f:4d:5b:a0:4c:cf:73:bb:35:f7:75:08: 94:bc:d0:55:59:1f:78:ca:0b:5a:ee:77:e7:7e:a4:99:fe:92: 39:9f:7a:30:50:76:67:25:db:36:55:1e:9e:1c:38:72:47:eb: b4:48:06:ac:63:1c:51:66:41:5f:0b:f8:60:f0:14:5f:1a:4e: f3:a6:77:1d:e0:77:92:42:fc:24:48:12:0c:c2:70:21:e7:e6: 9f:01:d0:1a:f9:d5:0d:9c:3c:96:ab:51:7b:a1:69:34:d3:44: 51:35:57:aa:7e:bb:9b:84:b2:4d:56:72:fc:0e:5c:4e:90:93: 99:4b:10:4b:fd:22:fe:cf:75:30:78:30:e4:a1:c2:27:73:4f: c5:35:29:58:73:df:d8:24:86:e7:a2:b3:37:5a:c6:d3:31:e3: 71:c4:32:ae:d5:e7:a6:2d:76:27:33:21:03:93:ab:67:bc:0b: 4c:a9:f3:0a:73:86:4f:dd:76:f1:56:9a:50:14:09:85:08:46: 24:0a:6f:c6:28:0c:ea:a5:69:6c:43:33:76:f2:a3:00:a4:80: 77:d2:f7:11:70:0f:4d:d2:ef:30:75:90:21:b9:f1:72:e8:b1: 78:7f:f7:36:b7:cd:95:dd:68:a0:e0:49:70:6a:52:76:42:e9: bb:14:ee:35 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUfM5YinREVOZalWmrdm4A9y7kupswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE2MDAxNloX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNANmNkZDE4MWViYTFmOWQ1NzI5NzUw YTgxM2NiYzc1ZWU0ZjM0MDhhZDMyN2QyYWUyZTY2YWY1ODlkNzkxNDI5ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwptk89KpolcYOi36W6uh8tQFa+tR 9h4c+FtBbYMm3kkyCR0/v6VWZTTZ3h7bC5ObHFqo0TujaMk1S15Vab9yl7vwNfpP Py9RMh/wXdNxIo9TijV9xUvlOHzKt2hSrVuC0jJucOuJBFwgSwrngMj38EBZ6OYW k+6NWSnU1fC72RheYWjik3K8ACzJ5uHTp3K1+CyBWR7GaHLG0Pc4XNxJaefjpPie R72tlYUXFRO1MX1skKy6qRAH6XjahWBwhSzxdeQdMZaqoHBeSKXp5U5dJ/StotKt waWDVUV61DIb1aJTsempJ1v9UjrImCNeU1S/joEFnEeloLLGx4zsSc+cCQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFMofYcXeKvLBtMk4s19IEHFoi7LYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiZDNiYzQxLTY0MWItNDM0MS1hMTM4LWNkYjM3ZGJlNWIwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAK90wDQYJKoZIhvcNAQELBQADggEBAHtbeySFPS9NW6BMz3O7Nfd1 CJS80FVZH3jKC1rud+d+pJn+kjmfejBQdmcl2zZVHp4cOHJH67RIBqxjHFFmQV8L +GDwFF8aTvOmdx3gd5JC/CRIEgzCcCHn5p8B0Br51Q2cPJarUXuhaTTTRFE1V6p+ u5uEsk1WcvwOXE6Qk5lLEEv9Iv7PdTB4MOShwidzT8U1KVhz39gkhueiszdaxtMx 43HEMq7V56YtdiczIQOTq2e8C0yp8wpzhk/ddvFWmlAUCYUIRiQKb8YoDOqlaWxD M3byowCkgHfS9xFwD03S7zB1kCG58XLosXh/9za3zZXdaKDgSXBqUnZC6bsU7jU= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:17 2025 by rpki-client