$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: WWBk0T9ba/4jqPY59Ymt+rFzo7sJsLjsAI0eADZkFnQ= Subject key identifier: F3:1E:E5:B3:E6:7C:0A:EA:FB:56:21:C9:78:69:E9:CC:00:9D:DD:9C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6F23605B096BA5BDB444268035192C696A68E267 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Mon 11 Aug 2025 15:00:05 +0000 ROA not before: Mon 11 Aug 2025 15:00:05 +0000 ROA not after: Mon 15 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Aug 2025 15:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:23:60:5b:09:6b:a5:bd:b4:44:26:80:35:19:2c:69:6a:68:e2:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 11 15:00:05 2025 GMT Not After : Sep 15 23:59:59 2025 GMT Subject: serialNumber=7c6dbb2e7c40481bde53ecafba9f1bb0c99d4caec301390186ccb2245629a47a, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:50:55:17:83:3c:b5:aa:2f:53:1b:b1:77:76: b9:fd:c6:35:3c:70:1e:c1:2c:b1:ef:c5:32:b2:14: e3:eb:a2:95:c5:14:85:7b:4e:36:e5:29:4b:b5:85: 11:05:3a:d1:46:59:f1:7f:0c:ec:b4:91:a0:eb:af: cf:02:d9:a2:12:04:6c:d6:ed:91:79:50:17:c8:d8: 2c:77:e7:c3:00:59:65:79:eb:1f:51:32:31:88:76: 79:69:ee:7f:29:aa:b7:a7:89:d8:33:bd:f5:b3:72: 16:24:95:e0:e7:69:94:1d:3d:34:e2:d4:d7:f8:1f: 30:66:88:d0:ab:47:68:be:ee:17:70:b6:ac:d6:91: e0:a1:0e:2a:ef:86:be:a9:a0:12:90:1b:07:c0:5e: 4b:94:97:3e:37:4b:15:46:62:3e:10:5c:9e:4b:91: a0:79:9a:5e:db:f8:0d:ec:1c:28:d8:90:78:7a:f9: 92:c4:5f:a9:a1:86:28:f8:28:4f:a2:92:6e:b6:92: 41:1a:46:ce:50:f8:32:aa:69:1c:28:4d:58:08:bb: 75:ee:6a:bf:a1:58:0a:29:61:b3:54:28:ea:78:dd: a1:4c:7b:08:9a:b3:0c:b8:62:66:ae:fe:19:a9:f1: e5:07:23:2e:61:5a:2f:28:50:cf:e8:e8:b8:4f:2d: 28:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:1E:E5:B3:E6:7C:0A:EA:FB:56:21:C9:78:69:E9:CC:00:9D:DD:9C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 51:6f:bf:dd:30:86:60:c9:e0:61:6f:d5:02:b7:33:32:d6:5f: 66:2e:c7:3a:6b:86:d7:de:cd:56:a7:0d:c4:b5:bb:3a:71:54: 5e:c2:03:17:a8:b1:46:44:6b:8b:aa:ef:71:e3:66:1a:15:d7: 84:cb:4f:ed:0c:2c:6e:ae:f2:8a:55:e4:b2:c7:75:d3:0e:10: 7c:f1:de:e5:4e:da:a0:41:6f:13:97:e5:2c:01:bc:e1:58:97: 8a:b1:e0:68:48:d9:91:1b:2b:54:f8:e4:fb:0f:5c:79:40:68: 59:34:b2:a0:ae:58:18:c8:77:83:46:8f:39:95:fd:1a:43:01: 03:8b:1e:2a:74:e9:b8:49:6d:aa:d7:05:47:c2:7a:67:92:f8: 26:83:14:93:f5:8a:32:eb:ec:98:ec:97:9d:f6:cb:52:61:7b: 49:89:e9:eb:31:6a:37:d1:22:84:20:8c:37:35:84:23:7d:40: bb:1d:dc:27:8c:36:29:57:3a:d1:6b:1a:72:8e:e6:98:af:87: 9c:ba:e2:31:5f:bb:12:68:b4:e3:bf:12:71:2a:60:7e:60:25: 3a:53:97:6f:78:cd:e3:c4:e3:d8:4d:d6:9f:e3:77:39:e3:7e: d7:68:26:4a:12:67:1c:9b:2a:85:6f:5e:30:ee:51:06:b0:eb: f1:2e:f8:80 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUbyNgWwlrpb20RCaANRksaWpo4mcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgxMTE1MDAwNVoX DTI1MDkxNTIzNTk1OVowejFJMEcGA1UEBRNAN2M2ZGJiMmU3YzQwNDgxYmRlNTNl Y2FmYmE5ZjFiYjBjOTlkNGNhZWMzMDEzOTAxODZjY2IyMjQ1NjI5YTQ3YTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolBVF4M8taovUxuxd3a5/cY1PHAe wSyx78UyshTj66KVxRSFe0425SlLtYURBTrRRlnxfwzstJGg66/PAtmiEgRs1u2R eVAXyNgsd+fDAFlleesfUTIxiHZ5ae5/Kaq3p4nYM731s3IWJJXg52mUHT004tTX +B8wZojQq0dovu4XcLas1pHgoQ4q74a+qaASkBsHwF5LlJc+N0sVRmI+EFyeS5Gg eZpe2/gN7Bwo2JB4evmSxF+poYYo+ChPopJutpJBGkbOUPgyqmkcKE1YCLt17mq/ oVgKKWGzVCjqeN2hTHsImrMMuGJmrv4ZqfHlByMuYVovKFDP6Oi4Ty0o3QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPMe5bPmfArq+1YhyXhp6cwAnd2cMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQBRb7/dMIZgyeBhb9UCtzMy 1l9mLsc6a4bX3s1Wpw3Etbs6cVRewgMXqLFGRGuLqu9x42YaFdeEy0/tDCxurvKK VeSyx3XTDhB88d7lTtqgQW8Tl+UsAbzhWJeKseBoSNmRGytU+OT7D1x5QGhZNLKg rlgYyHeDRo85lf0aQwEDix4qdOm4SW2q1wVHwnpnkvgmgxST9Yoy6+yY7Jed9stS YXtJienrMWo30SKEIIw3NYQjfUC7HdwnjDYpVzrRaxpyjuaYr4ecuuIxX7sSaLTj vxJxKmB+YCU6U5dveM3jxOPYTdaf43c5437XaCZKEmccmyqFb14w7lEGsOvxLviA -----END CERTIFICATE-----Generated at Wed Aug 20 10:39:09 2025 by rpki-client