$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: jCsEYIlHF3mqSGL2fxk32R6bu430A+nu75eBaVc6XLU= Subject key identifier: 4D:C2:A3:23:B4:CD:67:FC:61:98:73:CD:FC:D7:67:A5:68:00:C8:3C Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 03CCDB488E9900D02C2C19EEE64E74E531802798 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Mon 26 May 2025 15:00:04 +0000 ROA not before: Mon 26 May 2025 15:00:04 +0000 ROA not after: Mon 30 Jun 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 15:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:cc:db:48:8e:99:00:d0:2c:2c:19:ee:e6:4e:74:e5:31:80:27:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 26 15:00:04 2025 GMT Not After : Jun 30 23:59:59 2025 GMT Subject: serialNumber=e47c54dc8d4d7c33bf50250c556d83f4270f5cee7ddba0a973cadb9611dd24c0, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:6d:b6:a7:d1:50:47:a0:80:3c:76:d7:c7:0d: a6:be:c3:3d:ab:08:7c:44:48:12:66:c0:c2:fb:6e: 80:dc:5e:6a:87:34:48:9f:3b:d4:2a:8f:1b:e2:f1: 44:61:d0:51:bf:2f:18:f5:0a:ca:ed:f5:a7:ad:d3: b3:59:68:a1:01:76:1f:40:20:3a:2b:1f:92:57:78: f1:1c:2f:4d:f7:fb:f1:26:46:a8:7c:ca:d1:29:7d: 43:2d:e6:e1:61:c5:ef:75:be:7a:a9:e4:48:8d:28: 68:e3:0c:f9:24:9f:f5:3a:fa:e8:90:77:8d:27:9f: fa:e5:9f:5e:4b:cd:24:46:3e:74:cf:b7:ab:02:82: 1a:10:f4:68:2e:cb:4a:07:ab:15:45:d7:fb:15:4d: 09:2f:ab:78:c4:2a:00:ca:65:fa:20:30:50:02:e3: 9b:92:14:61:b7:5e:1b:fa:53:c9:c0:b7:3c:5e:f3: 44:ad:7e:33:12:3b:19:00:2d:ec:17:9d:66:cd:97: 5a:a0:26:15:62:60:8b:5b:41:b3:23:c8:e2:d1:fd: 57:47:ee:3f:98:02:ea:2b:86:2d:24:3a:c8:94:0e: 75:37:49:d4:67:2c:c0:b1:78:22:fa:95:05:f3:76: df:e2:2b:35:2c:21:27:b6:e3:d0:72:2b:ff:66:a9: fc:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:C2:A3:23:B4:CD:67:FC:61:98:73:CD:FC:D7:67:A5:68:00:C8:3C X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 6e:96:8e:0a:9f:db:ff:17:24:63:9a:fd:56:0d:c7:4c:69:5a: 02:44:ed:6f:34:b0:c8:ea:22:b6:18:ae:b0:e9:75:d5:b8:2f: 10:0d:78:ab:08:e2:1a:78:d0:06:89:0b:78:13:be:8c:83:8d: 8b:d2:5b:b1:3b:90:48:05:f7:52:88:23:f0:71:2b:c2:1e:ec: 5e:c0:d7:3b:56:98:1b:f8:7f:ab:14:1f:49:fe:9f:8e:d6:7c: bc:25:0d:42:8a:90:57:af:45:60:a5:9b:d4:ac:86:a1:92:30: 2f:b9:b9:fe:43:6c:e5:32:b8:16:cb:ed:b2:12:da:78:fa:8a: 2b:36:a2:59:bc:6b:4e:b2:69:93:8b:1d:ea:d4:f4:31:7e:25: 50:df:17:37:93:b2:6b:a3:fd:0d:75:42:91:4b:82:02:3e:c0: 6b:3d:11:fd:66:9d:93:10:3f:5f:f3:2f:47:21:69:3a:e0:7a: 96:98:e1:7f:50:05:29:87:5a:09:58:2e:5c:e1:23:53:64:8f: 4e:50:b9:10:88:c3:a3:52:19:b9:97:d0:d6:1f:94:43:86:48: e1:16:70:67:91:a1:59:0b:eb:15:c9:28:f5:89:46:9c:7a:f0: b7:bd:47:33:e6:8c:6b:cb:1f:70:6f:07:80:b2:04:6c:d4:04: 9a:c3:81:bb -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUA8zbSI6ZANAsLBnu5k505TGAJ5gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDUyNjE1MDAwNFoX DTI1MDYzMDIzNTk1OVowejFJMEcGA1UEBRNAZTQ3YzU0ZGM4ZDRkN2MzM2JmNTAy NTBjNTU2ZDgzZjQyNzBmNWNlZTdkZGJhMGE5NzNjYWRiOTYxMWRkMjRjMDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8G22p9FQR6CAPHbXxw2mvsM9qwh8 REgSZsDC+26A3F5qhzRInzvUKo8b4vFEYdBRvy8Y9QrK7fWnrdOzWWihAXYfQCA6 Kx+SV3jxHC9N9/vxJkaofMrRKX1DLebhYcXvdb56qeRIjSho4wz5JJ/1OvrokHeN J5/65Z9eS80kRj50z7erAoIaEPRoLstKB6sVRdf7FU0JL6t4xCoAymX6IDBQAuOb khRht14b+lPJwLc8XvNErX4zEjsZAC3sF51mzZdaoCYVYmCLW0GzI8ji0f1XR+4/ mALqK4YtJDrIlA51N0nUZyzAsXgi+pUF83bf4is1LCEntuPQciv/Zqn8iwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFE3CoyO0zWf8YZhzzfzXZ6VoAMg8MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQBulo4Kn9v/FyRjmv1WDcdM aVoCRO1vNLDI6iK2GK6w6XXVuC8QDXirCOIaeNAGiQt4E76Mg42L0luxO5BIBfdS iCPwcSvCHuxewNc7Vpgb+H+rFB9J/p+O1ny8JQ1CipBXr0VgpZvUrIahkjAvubn+ Q2zlMrgWy+2yEtp4+oorNqJZvGtOsmmTix3q1PQxfiVQ3xc3k7Jro/0NdUKRS4IC PsBrPRH9Zp2TED9f8y9HIWk64HqWmOF/UAUph1oJWC5c4SNTZI9OULkQiMOjUhm5 l9DWH5RDhkjhFnBnkaFZC+sVySj1iUacevC3vUcz5oxryx9wbweAsgRs1ASaw4G7 -----END CERTIFICATE-----Generated at Mon Jun 2 04:42:54 2025 by rpki-client