$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json) Hash identifier: 0MylFyi9TduMw1JRopNfqW7k0QVlsl87ZgXnVRp4bLc= Subject key identifier: F4:23:A7:F2:E7:D1:6E:EB:BD:F6:F0:85:29:92:58:97:36:15:ED:C3 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 5330838E83B12B3A78CC70774E844058D7AD3602 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa Signing time: Sat 09 Aug 2025 00:00:02 +0000 ROA not before: Sat 09 Aug 2025 00:00:02 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.8.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:03:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:30:83:8e:83:b1:2b:3a:78:cc:70:77:4e:84:40:58:d7:ad:36:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Aug 9 00:00:02 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=de0e8c6a192d715f7718e8a7b5cdc96f099b8880b131e02033a1d7979ec58401, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:f0:a0:93:73:30:44:e2:ce:57:6c:d5:15:61: 91:c8:14:23:e6:41:61:18:e5:47:32:ae:ec:49:83: 3a:ac:ee:97:88:e5:fd:50:b4:a7:6e:2d:3e:a2:b3: 0e:78:0d:bc:d5:55:93:ff:f4:60:95:37:77:cc:79: e5:4d:66:dd:cb:f3:23:b1:43:a8:41:e4:79:d5:76: 55:f8:eb:b7:cc:97:67:c3:8c:84:b7:be:ca:18:23: f9:11:98:64:06:f5:23:02:22:f8:88:24:78:f9:76: 28:cc:7c:ed:c0:c6:b1:f4:c4:95:a9:93:a3:69:4f: d7:14:d2:05:3e:4a:82:67:99:8b:2d:61:f5:8a:2d: 2d:29:77:86:4d:49:8e:0e:49:25:f8:1d:dc:f8:c6: 9e:b3:fa:d0:0c:bd:7b:97:5e:6f:2a:3d:47:e3:b5: 8f:ee:37:41:e6:39:ec:55:db:50:77:f0:ee:e6:15: 74:d2:4a:d0:f9:35:f7:06:e0:81:eb:e6:c7:fd:12: 74:54:55:bd:22:0f:14:25:5e:36:71:a3:72:4a:17: de:3c:3c:2a:99:67:f3:ff:e3:f8:4e:46:2d:b0:76: 03:61:2f:b4:19:f2:94:6a:1d:99:8f:be:ee:7b:cf: 20:00:f9:e4:45:0c:a8:e3:91:63:25:ae:8d:6c:25: 16:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:23:A7:F2:E7:D1:6E:EB:BD:F6:F0:85:29:92:58:97:36:15:ED:C3 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.172.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:7e:8f:7e:8a:4f:42:0b:76:cc:8c:15:6b:60:35:f8:54:a6: ed:d2:9b:54:2a:3d:c9:63:95:e7:92:db:b9:74:87:6c:be:8b: 64:85:a2:cf:a9:2c:47:7e:eb:8b:90:86:de:6e:38:73:37:b1: 10:f8:43:db:18:76:1d:50:b1:f7:6f:c5:2f:11:50:92:42:50: ba:7e:8a:ca:04:fc:98:bd:e6:05:e0:ba:56:c8:7a:22:5f:0f: 0f:d4:fb:3d:35:81:0c:2b:f4:58:c1:9d:15:ac:03:08:e8:8b: 43:55:dc:0e:c0:48:86:26:33:5f:32:7a:3d:c4:09:a4:56:38: ca:3e:c0:af:0d:4b:71:a8:c6:d6:83:05:2c:71:75:e7:58:45: b6:64:31:4f:11:dc:cc:57:f5:88:b0:30:8d:1a:a7:ff:32:b6: 60:bb:51:27:1f:a6:da:03:50:80:81:51:1b:53:70:3d:10:12: 5c:ee:71:e1:ce:ee:5d:16:de:ed:01:e6:d0:42:0f:b1:85:b1: fc:fa:7e:f4:8e:ac:e1:91:eb:14:79:17:bd:06:1b:d8:4f:6e: 8d:a2:d7:fd:cb:db:98:e9:04:a3:e1:55:7c:71:98:aa:ef:2e: 28:88:41:cf:c9:1e:30:d4:97:93:3a:12:0b:b1:36:fe:62:f9: cc:eb:c5:cc -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUzCDjoOxKzp4zHB3ToRAWNetNgIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDgwOTAwMDAwMloX DTI1MDkxMzIzNTk1OVowejFJMEcGA1UEBRNAZGUwZThjNmExOTJkNzE1Zjc3MThl OGE3YjVjZGM5NmYwOTliODg4MGIxMzFlMDIwMzNhMWQ3OTc5ZWM1ODQwMTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fCgk3MwROLOV2zVFWGRyBQj5kFh GOVHMq7sSYM6rO6XiOX9ULSnbi0+orMOeA281VWT//RglTd3zHnlTWbdy/MjsUOo QeR51XZV+Ou3zJdnw4yEt77KGCP5EZhkBvUjAiL4iCR4+XYozHztwMax9MSVqZOj aU/XFNIFPkqCZ5mLLWH1ii0tKXeGTUmODkkl+B3c+Maes/rQDL17l15vKj1H47WP 7jdB5jnsVdtQd/Du5hV00krQ+TX3BuCB6+bH/RJ0VFW9Ig8UJV42caNyShfePDwq mWfz/+P4TkYtsHYDYS+0GfKUah2Zj77ue88gAPnkRQyo45FjJa6NbCUWNwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPQjp/Ln0W7rvfbwhSmSWJc2Fe3DMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQBvfo9+ik9CC3bMjBVrYDX4 VKbt0ptUKj3JY5Xnktu5dIdsvotkhaLPqSxHfuuLkIbebjhzN7EQ+EPbGHYdULH3 b8UvEVCSQlC6forKBPyYveYF4LpWyHoiXw8P1Ps9NYEMK/RYwZ0VrAMI6ItDVdwO wEiGJjNfMno9xAmkVjjKPsCvDUtxqMbWgwUscXXnWEW2ZDFPEdzMV/WIsDCNGqf/ MrZgu1EnH6baA1CAgVEbU3A9EBJc7nHhzu5dFt7tAebQQg+xhbH8+n70jqzhkesU eRe9BhvYT26Notf9y9uY6QSj4VV8cZiq7y4oiEHPyR4w1JeTOhILsTb+YvnM68XM -----END CERTIFICATE-----Generated at Wed Aug 20 13:13:28 2025 by rpki-client