$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: yOhD934HipKIALKOkXyUMhOVSxeOQG/b0pVEnB2hZ9E= Subject key identifier: BB:0F:EA:31:11:69:71:50:7C:B6:C3:F8:B4:6F:A5:AA:B9:9C:EF:4A Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 35EFE45EB1064B912A321A6AC89863E468E160F7 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Wed 02 Jul 2025 00:00:05 +0000 ROA not before: Wed 02 Jul 2025 00:00:05 +0000 ROA not after: Wed 06 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:ef:e4:5e:b1:06:4b:91:2a:32:1a:6a:c8:98:63:e4:68:e1:60:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jul 2 00:00:05 2025 GMT Not After : Aug 6 23:59:59 2025 GMT Subject: serialNumber=341b5f51a6375b5de8e0ef89efc9e54dc47971e2212300a5b1ddccb686d1ae50, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:0b:73:4d:19:35:ae:6b:4b:aa:73:e5:85:f1: 30:bd:dd:16:2a:d2:4c:9a:75:9c:e7:e0:c7:08:e2: a8:d0:1a:bd:d5:87:73:59:dd:7e:b5:99:b4:e6:2e: 8f:6e:97:3d:6a:ca:32:d2:e2:48:39:1a:28:66:6e: 4f:ae:d5:77:9f:f4:34:67:47:50:79:24:05:d2:34: e4:13:88:aa:05:6c:0c:d1:0c:cf:a1:d5:d2:80:20: 89:89:73:64:e2:07:c4:3c:c3:b2:b2:60:d3:43:bc: cb:3d:67:29:85:43:9a:55:a9:99:34:09:1b:86:dc: e7:b1:59:d0:ed:84:54:94:8a:26:a4:31:6c:0a:3e: 11:0c:c4:3f:3f:6a:3b:3e:07:ea:4a:e6:20:05:2f: 18:2a:43:e6:1a:17:bc:d4:df:f8:61:e7:87:f8:68: d3:d5:03:ac:9d:32:f2:bb:cd:3e:09:c9:ac:cf:62: e1:16:90:21:7b:0d:e1:ca:ad:27:10:ce:a6:bf:21: 9c:3d:9c:7a:68:77:e3:17:b3:18:77:59:b8:dc:ec: 67:73:a1:e8:0c:89:5d:36:de:58:8a:8f:ce:94:45: eb:c8:76:f4:73:82:30:cf:56:83:36:53:39:e8:a4: b8:cb:4a:20:f4:a2:3c:4c:96:f5:45:01:ee:dd:91: e2:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:0F:EA:31:11:69:71:50:7C:B6:C3:F8:B4:6F:A5:AA:B9:9C:EF:4A X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption c8:21:12:55:c0:ce:9e:57:0c:f0:e3:ce:a7:89:78:49:e6:b5: df:42:5f:83:1f:62:a8:04:b7:9d:85:58:9e:e2:f2:61:ae:b0: 89:d6:ed:f7:f2:4e:d6:d7:28:d2:05:35:63:ba:32:4a:71:bc: 89:6a:e1:26:7e:51:01:68:a9:92:15:00:78:b1:9f:51:41:20: 9c:f3:ee:6e:f6:b4:04:6f:94:f2:d4:cf:26:29:65:61:8b:89: 31:76:69:90:fc:50:ab:25:70:8e:a4:45:61:36:ee:89:66:dd: 0d:4d:96:a0:20:c2:a5:87:79:34:2a:65:17:2e:76:92:0a:a7: 03:12:96:d5:f9:cb:3b:d8:10:98:1c:6b:4c:b6:fb:42:63:70: e9:6e:24:e2:a2:aa:36:b3:13:08:88:a0:28:4a:de:e8:79:ce: f2:ee:ad:59:11:aa:2c:54:64:0b:48:f7:f9:37:81:e1:ed:10: c0:ce:56:43:41:17:e2:78:33:e6:6c:b0:bc:f1:3b:e3:44:af: dd:74:e9:a0:b9:cc:29:80:be:6e:1d:64:a8:15:bd:d6:ef:fe: 98:00:db:8b:5e:9a:de:43:8a:f3:dc:a1:f3:2d:ce:91:c4:0e: f2:3a:23:e4:b4:d2:90:f8:2a:f0:83:97:bd:b7:29:78:90:27: 16:0d:fd:6c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUNe/kXrEGS5EqMhpqyJhj5GjhYPcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDcwMjAwMDAwNVoX DTI1MDgwNjIzNTk1OVowejFJMEcGA1UEBRNAMzQxYjVmNTFhNjM3NWI1ZGU4ZTBl Zjg5ZWZjOWU1NGRjNDc5NzFlMjIxMjMwMGE1YjFkZGNjYjY4NmQxYWU1MDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgtzTRk1rmtLqnPlhfEwvd0WKtJM mnWc5+DHCOKo0Bq91YdzWd1+tZm05i6Pbpc9asoy0uJIORooZm5PrtV3n/Q0Z0dQ eSQF0jTkE4iqBWwM0QzPodXSgCCJiXNk4gfEPMOysmDTQ7zLPWcphUOaVamZNAkb htznsVnQ7YRUlIompDFsCj4RDMQ/P2o7PgfqSuYgBS8YKkPmGhe81N/4YeeH+GjT 1QOsnTLyu80+Ccmsz2LhFpAhew3hyq0nEM6mvyGcPZx6aHfjF7MYd1m43Oxnc6Ho DIldNt5Yio/OlEXryHb0c4Iwz1aDNlM56KS4y0og9KI8TJb1RQHu3ZHinQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLsP6jERaXFQfLbD+LRvpaq5nO9KMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQDIIRJVwM6eVwzw486niXhJ 5rXfQl+DH2KoBLedhVie4vJhrrCJ1u338k7W1yjSBTVjujJKcbyJauEmflEBaKmS FQB4sZ9RQSCc8+5u9rQEb5Ty1M8mKWVhi4kxdmmQ/FCrJXCOpEVhNu6JZt0NTZag IMKlh3k0KmUXLnaSCqcDEpbV+cs72BCYHGtMtvtCY3DpbiTioqo2sxMIiKAoSt7o ec7y7q1ZEaosVGQLSPf5N4Hh7RDAzlZDQRfieDPmbLC88TvjRK/ddOmgucwpgL5u HWSoFb3W7/6YANuLXpreQ4rz3KHzLc6RxA7yOiPktNKQ+Crwg5e9tyl4kCcWDf1s -----END CERTIFICATE-----Generated at Wed Jul 2 03:12:50 2025 by rpki-client