$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa File: 0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa (raw, json) Hash identifier: Bq6TP43vAnRuDxlUOvkDxPndDjbVrL7K/Tg7kXBWAoA= Subject key identifier: 51:97:5B:0C:88:89:73:5F:97:AB:71:15:10:46:63:D4:D2:49:21:25 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 262D958498EC041AAC4BACC589E4C77C607701E4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa Signing time: Fri 13 Jun 2025 00:00:59 +0000 ROA not before: Fri 13 Jun 2025 00:00:59 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:2d:95:84:98:ec:04:1a:ac:4b:ac:c5:89:e4:c7:7c:60:77:01:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:00:59 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=81cc25d573f6e62f186fd1e7ee30b54a228cc0233ca2822584977f56d38e1c11, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f6:a8:e2:e8:4c:94:5c:e0:61:8d:6a:5f:56: 9c:73:61:0c:bb:f3:51:f8:9d:28:37:56:dc:7b:da: 4d:16:2d:ea:09:e6:bd:ec:37:c8:ce:fb:95:07:c2: 5c:e1:61:7f:7d:de:47:68:1f:2e:df:5f:c1:dd:28: 15:83:e7:21:e3:92:db:49:26:d3:c8:13:25:66:7f: 7c:3a:e3:e2:9d:ff:68:75:b4:39:62:c3:07:08:2b: eb:a7:ea:27:40:b4:f7:ab:6f:ef:61:91:94:e6:a5: fc:3c:27:71:10:90:af:48:b5:8f:68:89:40:2c:0c: a2:83:a3:da:47:a7:35:7f:c2:20:0e:1b:6d:95:3d: 34:fd:c2:20:e0:6b:e1:35:b8:6b:10:1c:2f:08:c4: b3:23:02:2a:d2:20:d0:e9:58:91:f2:fe:9d:20:0a: 77:92:86:77:a7:e0:a8:77:ab:da:26:0b:24:9d:73: 7a:94:84:cc:d6:f0:01:27:c5:86:f1:17:d5:ba:a9: b2:ef:b1:18:91:25:91:f0:d6:da:91:ca:3b:76:c3: ea:79:d0:a2:dd:60:d8:ae:31:d4:93:88:43:ed:93: 42:58:19:f4:90:e0:3e:0a:b4:83:10:ae:95:17:38: 9e:3d:54:87:4d:e2:56:53:2a:6d:c5:d8:45:d0:70: d8:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:97:5B:0C:88:89:73:5F:97:AB:71:15:10:46:63:D4:D2:49:21:25 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.0.0/15 Signature Algorithm: sha256WithRSAEncryption 1d:32:84:37:67:8a:78:67:fe:0b:50:bb:dd:17:c8:1a:3b:14: be:6c:c7:24:4a:7d:6e:f0:99:0d:55:10:55:0c:7d:68:1e:e7: 00:2f:35:d7:2f:ab:19:be:19:86:95:d7:6a:2f:a3:ca:f1:91: 76:cb:57:b7:a5:3a:e6:23:95:09:d0:db:09:96:05:2e:ff:d8: 7e:a5:8c:7e:32:b9:c7:7e:08:4d:44:bc:a8:ef:ef:0b:d3:b3: ba:06:91:bc:d4:08:8c:aa:18:8c:ba:24:61:3e:55:1b:1d:77: 66:80:6b:7e:0f:7a:bc:2c:e9:1e:86:8f:86:0b:bf:c4:c5:bc: ab:6a:2c:ab:c5:6d:4a:82:92:fc:6a:74:20:16:d8:97:26:64: 8a:b4:8b:1c:88:dd:2a:21:b4:be:b4:79:ce:71:d4:ca:27:c3: 70:39:5a:3d:99:65:36:41:3c:6c:27:d8:3a:a7:4b:b3:bc:41: 54:09:2d:d7:57:28:61:15:08:66:98:41:be:fb:97:54:15:ec: 2d:fa:8e:0e:b9:2c:62:d2:22:e5:b7:a1:f8:f8:1b:d5:65:c9: 51:b4:da:fd:57:69:c3:17:a7:bd:04:f3:02:ba:d5:be:a5:8b: 45:b4:c0:e1:25:10:53:b4:ad:be:d8:f2:39:77:15:05:30:48: 84:69:93:9b -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUJi2VhJjsBBqsS6zFieTHfGB3AeQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMzAwMDA1OVoX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAODFjYzI1ZDU3M2Y2ZTYyZjE4NmZk MWU3ZWUzMGI1NGEyMjhjYzAyMzNjYTI4MjI1ODQ5NzdmNTZkMzhlMWMxMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfao4uhMlFzgYY1qX1acc2EMu/NR +J0oN1bce9pNFi3qCea97DfIzvuVB8Jc4WF/fd5HaB8u31/B3SgVg+ch45LbSSbT yBMlZn98OuPinf9odbQ5YsMHCCvrp+onQLT3q2/vYZGU5qX8PCdxEJCvSLWPaIlA LAyig6PaR6c1f8IgDhttlT00/cIg4GvhNbhrEBwvCMSzIwIq0iDQ6ViR8v6dIAp3 koZ3p+Cod6vaJgsknXN6lITM1vABJ8WG8RfVuqmy77EYkSWR8Nbakco7dsPqedCi 3WDYrjHUk4hD7ZNCWBn0kOA+CrSDEK6VFziePVSHTeJWUyptxdhF0HDYvwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFFGXWwyIiXNfl6txFRBGY9TSSSElMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAzODRjOTQzLWQwYWMtNGQ0Yy1iNWMzLWE2NzBjN2UzM2M1MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9gwDQYJKoZIhvcNAQELBQADggEBAB0yhDdninhn/gtQu90XyBo7 FL5sxyRKfW7wmQ1VEFUMfWge5wAvNdcvqxm+GYaV12ovo8rxkXbLV7elOuYjlQnQ 2wmWBS7/2H6ljH4yucd+CE1EvKjv7wvTs7oGkbzUCIyqGIy6JGE+VRsdd2aAa34P erws6R6Gj4YLv8TFvKtqLKvFbUqCkvxqdCAW2JcmZIq0ixyI3SohtL60ec5x1Mon w3A5Wj2ZZTZBPGwn2DqnS7O8QVQJLddXKGEVCGaYQb77l1QV7C36jg65LGLSIuW3 ofj4G9VlyVG02v1XacMXp70E8wK61b6li0W0wOElEFO0rb7Y8jl3FQUwSIRpk5s= -----END CERTIFICATE-----Generated at Sat Jun 14 23:17:41 2025 by rpki-client