$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa File: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (raw, json) Hash identifier: VTxK64xho+3DBIeRo2RiiUuCgNDrOq/Fkct2BeHtPuA= Subject key identifier: 43:2F:F6:5A:C6:26:6C:69:9E:F4:04:48:B6:4B:A3:EA:CC:E2:A0:58 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 46E9AE85E9B50A53296EFECA2B771F899DBADECC Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa Signing time: Wed 03 Sep 2025 00:00:31 +0000 ROA not before: Wed 03 Sep 2025 00:00:31 +0000 ROA not after: Wed 08 Oct 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 00:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:e9:ae:85:e9:b5:0a:53:29:6e:fe:ca:2b:77:1f:89:9d:ba:de:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 3 00:00:31 2025 GMT Not After : Oct 8 23:59:59 2025 GMT Subject: serialNumber=ce9a1772083f245465b740e38dc164ac1df77695ba80bf7c265614c5c8140306, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:29:c2:3d:e3:97:d9:5e:24:35:33:5c:ba:82: b0:32:e5:8d:d7:62:90:24:87:fe:24:1d:21:e8:d5: c8:4b:d4:f1:ed:bd:d9:18:20:07:cb:d0:d8:9d:b6: ec:6c:53:0f:5c:7b:33:95:90:a6:41:bf:a3:8d:45: 06:5b:a5:3a:db:1b:9d:c2:ba:72:d2:75:83:dc:2c: c8:b4:31:2a:1c:06:de:01:72:92:21:b4:dd:83:01: b2:41:08:ab:c6:41:c5:73:2f:a7:fa:32:1c:f9:21: 7c:70:f1:38:b2:e8:e9:33:2a:df:56:5e:a7:71:13: 01:9a:3c:99:89:18:74:da:22:0a:db:7d:25:f2:78: 5e:1e:cc:06:df:b4:09:c5:64:53:0c:c1:d5:8e:22: a9:b4:43:48:30:0a:2b:26:2f:95:41:9b:73:18:1a: 08:c2:b6:f0:cd:9c:5f:65:61:b8:cd:dc:f9:a2:04: b0:8b:b5:91:c9:8b:71:2f:aa:c6:c8:54:8b:04:00: 04:b9:45:64:1f:c4:01:42:56:fb:3d:a4:90:4d:84: b2:e4:e0:ca:27:f3:93:d8:b8:fe:f0:43:00:99:b1: e9:9d:45:23:27:26:f3:49:72:40:05:a7:06:b9:24: 47:79:06:f4:20:82:71:c5:73:94:b6:70:e2:e7:82: ab:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:2F:F6:5A:C6:26:6C:69:9E:F4:04:48:B6:4B:A3:EA:CC:E2:A0:58 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 4d:1b:14:7c:a9:45:8f:ad:00:7c:b8:c3:36:e9:7b:4d:c7:8a: c7:49:e8:a6:17:31:57:b8:7a:a2:eb:fb:1d:07:5c:ba:bd:ce: b3:f5:96:d1:99:73:a7:47:2f:49:09:67:4e:c1:0f:41:b2:7e: 1b:de:4c:e3:f7:76:10:5f:fc:9a:1f:c2:be:90:90:ac:87:17: cd:32:d8:b9:fe:f1:f5:6c:80:25:00:e0:b6:de:a2:e1:e9:73: 67:c0:25:20:96:41:ce:43:c5:4b:bc:d9:8e:1d:04:f5:16:ae: ef:0c:89:ed:dc:7d:1b:47:b8:35:3d:a6:ee:e6:f1:cd:54:18: 1f:e4:90:99:ed:41:3d:4e:93:f0:5e:d0:55:e6:46:76:1a:5a: db:09:09:d3:50:7b:d3:74:f0:89:32:dd:fb:18:bd:9c:77:46: bc:4b:59:30:a5:c7:f9:d1:3d:85:64:17:a9:b3:34:1b:cf:2f: ad:a6:1b:44:d8:97:ed:bd:c1:4b:5a:a9:50:69:ee:5f:76:c9: a9:0d:97:b9:f2:87:d6:01:8a:e8:1b:fd:02:d3:e6:61:f9:7c: 4d:6d:e4:0e:78:a0:c2:49:91:77:43:63:3f:7f:24:5b:73:12: da:e3:a1:3a:d0:db:d1:0b:0c:99:9b:59:c9:7f:b8:4f:24:89: c6:f3:4b:e1 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIURumuhem1ClMpbv7KK3cfiZ263swwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDkwMzAwMDAzMVoX DTI1MTAwODIzNTk1OVowejFJMEcGA1UEBRNAY2U5YTE3NzIwODNmMjQ1NDY1Yjc0 MGUzOGRjMTY0YWMxZGY3NzY5NWJhODBiZjdjMjY1NjE0YzVjODE0MDMwNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSnCPeOX2V4kNTNcuoKwMuWN12KQ JIf+JB0h6NXIS9Tx7b3ZGCAHy9DYnbbsbFMPXHszlZCmQb+jjUUGW6U62xudwrpy 0nWD3CzItDEqHAbeAXKSIbTdgwGyQQirxkHFcy+n+jIc+SF8cPE4sujpMyrfVl6n cRMBmjyZiRh02iIK230l8nheHswG37QJxWRTDMHVjiKptENIMAorJi+VQZtzGBoI wrbwzZxfZWG4zdz5ogSwi7WRyYtxL6rGyFSLBAAEuUVkH8QBQlb7PaSQTYSy5ODK J/OT2Lj+8EMAmbHpnUUjJybzSXJABacGuSRHeQb0IIJxxXOUtnDi54KrEwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEMv9lrGJmxpnvQESLZLo+rM4qBYMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQ5MTE5NzM0LTlkYmMtNGJkNC05OGJlLTU3ZTRjZTA3ODkyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQBNGxR8qUWPrQB8uMM26XtN x4rHSeimFzFXuHqi6/sdB1y6vc6z9ZbRmXOnRy9JCWdOwQ9Bsn4b3kzj93YQX/ya H8K+kJCshxfNMti5/vH1bIAlAOC23qLh6XNnwCUglkHOQ8VLvNmOHQT1Fq7vDInt 3H0bR7g1Pabu5vHNVBgf5JCZ7UE9TpPwXtBV5kZ2GlrbCQnTUHvTdPCJMt37GL2c d0a8S1kwpcf50T2FZBepszQbzy+tphtE2JftvcFLWqlQae5fdsmpDZe58ofWAYro G/0C0+Zh+XxNbeQOeKDCSZF3Q2M/fyRbcxLa46E60NvRCwyZm1nJf7hPJInG80vh -----END CERTIFICATE-----Generated at Sun Sep 7 11:25:33 2025 by rpki-client