$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: z3+u5KKkvLgRlfE4ivoL+HEumbdMOKooNwTJpPnPA1A= Subject key identifier: 05:6B:66:90:D7:30:38:EF:22:50:5D:88:04:6D:DC:66:82:79:3E:69 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 23F956E4433B8CB732115150B00A7925364B457F Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Wed 03 Sep 2025 00:00:08 +0000 ROA not before: Wed 03 Sep 2025 00:00:08 +0000 ROA not after: Wed 08 Oct 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 00:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:f9:56:e4:43:3b:8c:b7:32:11:51:50:b0:0a:79:25:36:4b:45:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Sep 3 00:00:08 2025 GMT Not After : Oct 8 23:59:59 2025 GMT Subject: serialNumber=4a94e6bbbcd0b7e0988ad7fed07fc04d21ea0bd2df01daafc6f02d029eabe60c, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:83:a1:ee:24:de:b6:95:e5:00:c2:63:8e:6b: 3f:74:63:4f:d7:7a:1a:7f:8f:d9:dc:db:45:0d:21: a8:61:8e:86:00:2c:45:b8:e1:d3:12:1b:12:86:09: da:e6:36:35:11:b3:84:17:14:30:98:0d:55:30:34: de:a7:83:44:fd:fa:98:20:e5:cc:52:1e:ae:e2:af: 1b:db:9e:a2:6d:db:c2:38:d8:8d:a4:c3:51:42:4e: 7c:26:c4:78:2b:2e:ba:50:48:86:31:b3:2e:2b:db: ce:6a:d6:56:e1:62:d6:75:75:12:2c:ba:bc:d5:7a: 75:52:bc:90:0c:6d:19:93:97:85:2d:a0:c1:f9:ff: 08:ff:a2:1a:8d:7e:cb:a4:53:b4:c0:f7:7d:53:0b: 75:44:fd:eb:17:7b:68:66:e7:a0:04:a6:a8:98:42: 7e:b5:b3:b7:3e:f2:1b:6a:5f:06:c4:1f:bf:2b:e7: cd:42:ba:1e:f5:e3:2f:df:c5:3f:38:5f:4c:1c:4f: 8c:16:ec:7c:b8:23:39:0f:a5:d0:4b:15:28:34:0d: 02:20:23:a5:b6:61:e2:4f:69:49:80:66:75:b4:4f: 3c:00:38:00:9a:f3:ee:ef:38:3b:38:de:4e:4d:e2: e3:18:5e:5a:1c:87:58:1c:26:c1:cd:81:55:03:00: 72:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:6B:66:90:D7:30:38:EF:22:50:5D:88:04:6D:DC:66:82:79:3E:69 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 28:15:87:8b:d6:0e:fb:75:57:df:08:5e:c3:37:c3:f4:25:02: 1f:5a:e4:eb:e2:95:5a:7e:ed:33:e8:f9:1b:cc:0b:7d:33:c8: cf:94:5a:09:ca:dd:aa:0e:e0:4a:30:03:2f:1c:b9:a9:d4:f3: d9:0f:49:05:81:67:32:d5:57:e1:cb:9f:17:35:26:99:83:de: 2e:78:ad:b7:9e:85:cc:58:55:cf:a1:63:06:2c:62:9d:6e:cf: 30:9f:59:1e:0c:ac:f4:56:e6:71:73:fb:c4:b4:63:15:aa:fa: 4c:8b:9f:b6:09:ad:7e:72:49:f9:d9:ec:03:84:63:e8:42:73: 99:b0:80:18:6c:5c:7e:ce:3b:4e:ba:85:5c:a2:4b:7a:9b:7f: 11:00:b4:c0:30:09:79:c0:69:a9:84:0f:85:72:0e:4a:7d:1e: ea:9c:4b:84:e8:9f:28:bf:27:13:c9:b4:20:5d:6d:aa:95:d2: ca:c5:dd:92:9a:b0:0e:f3:c9:86:87:4b:d2:86:94:5e:44:d9: aa:3b:5f:76:bb:5d:7f:30:4e:02:71:de:62:da:e8:7d:b1:95: 6d:9c:43:29:1c:a6:fc:55:e3:92:25:06:95:71:95:cd:0f:9f: 8a:8c:ac:98:8b:c9:6c:82:be:57:43:8b:f9:73:e2:33:8c:1e: 05:b4:61:45 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUI/lW5EM7jLcyEVFQsAp5JTZLRX8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDkwMzAwMDAwOFoX DTI1MTAwODIzNTk1OVowejFJMEcGA1UEBRNANGE5NGU2YmJiY2QwYjdlMDk4OGFk N2ZlZDA3ZmMwNGQyMWVhMGJkMmRmMDFkYWFmYzZmMDJkMDI5ZWFiZTYwYzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IOh7iTetpXlAMJjjms/dGNP13oa f4/Z3NtFDSGoYY6GACxFuOHTEhsShgna5jY1EbOEFxQwmA1VMDTep4NE/fqYIOXM Uh6u4q8b256ibdvCONiNpMNRQk58JsR4Ky66UEiGMbMuK9vOatZW4WLWdXUSLLq8 1Xp1UryQDG0Zk5eFLaDB+f8I/6IajX7LpFO0wPd9Uwt1RP3rF3toZuegBKaomEJ+ tbO3PvIbal8GxB+/K+fNQroe9eMv38U/OF9MHE+MFux8uCM5D6XQSxUoNA0CICOl tmHiT2lJgGZ1tE88ADgAmvPu7zg7ON5OTeLjGF5aHIdYHCbBzYFVAwByQQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAVrZpDXMDjvIlBdiARt3GaCeT5pMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQAoFYeL1g77dVffCF7DN8P0 JQIfWuTr4pVafu0z6PkbzAt9M8jPlFoJyt2qDuBKMAMvHLmp1PPZD0kFgWcy1Vfh y58XNSaZg94ueK23noXMWFXPoWMGLGKdbs8wn1keDKz0VuZxc/vEtGMVqvpMi5+2 Ca1+ckn52ewDhGPoQnOZsIAYbFx+zjtOuoVcokt6m38RALTAMAl5wGmphA+Fcg5K fR7qnEuE6J8ovycTybQgXW2qldLKxd2SmrAO88mGh0vShpReRNmqO192u11/ME4C cd5i2uh9sZVtnEMpHKb8VeOSJQaVcZXND5+KjKyYi8lsgr5XQ4v5c+IzjB4FtGFF -----END CERTIFICATE-----Generated at Sun Sep 7 13:45:13 2025 by rpki-client