$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa File: 084fc721-60a4-414f-b72d-dc01788e0fc2.roa (raw, json) Hash identifier: 5bdpcM/K12CQ5h6bSq+7Csyij24OpPGh8WbIwM9sqn4= Subject key identifier: 56:23:A1:57:A6:22:E1:F2:5E:33:30:91:56:F2:33:D5:31:2C:C5:9E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 74A137CFE440CF3453B618C9603AADA153D86184 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa Signing time: Fri 13 Jun 2025 00:01:02 +0000 ROA not before: Fri 13 Jun 2025 00:01:02 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:a1:37:cf:e4:40:cf:34:53:b6:18:c9:60:3a:ad:a1:53:d8:61:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:01:02 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=3b63c0e3ca8e70ba7653825f5a9afa901c28d5bbf73004a90de35afeb53c70b7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:10:ab:a0:6e:8e:8c:42:c5:ae:e8:c4:0c:d0: 9b:f4:c8:80:fa:82:ed:e5:ef:1b:be:f6:6c:90:9b: a6:75:53:da:9b:ad:34:1c:ef:d4:d9:0c:a6:83:e7: 78:ed:25:32:4f:1d:a4:65:58:49:fc:02:95:1e:0b: c4:63:d5:2a:5e:4f:69:3d:27:2e:5f:d1:2b:87:23: 6b:25:00:6b:f5:b3:37:62:79:7e:af:d3:93:ca:16: 92:d3:4c:13:2c:75:40:29:b3:d1:be:08:ad:a3:04: e0:c7:92:37:f4:a7:d9:f9:94:01:39:46:76:be:90: 7d:47:a3:7c:36:02:b2:a3:54:cb:16:0c:61:a9:17: a5:1b:00:36:c9:42:29:a0:38:70:76:f5:c4:3e:d2: 85:3d:85:5d:78:65:14:28:2a:84:ee:f4:e9:3f:ea: 5f:36:d7:2d:ba:69:62:bf:13:00:da:5d:03:c9:72: e3:4c:b2:c0:82:22:6a:6d:44:2d:a3:c0:d4:6c:d7: c3:83:08:80:78:e1:63:e8:d2:df:5d:89:53:ac:72: 0a:a6:0d:8f:fb:6c:80:26:94:0b:0a:64:a1:74:e6: 28:14:de:df:a1:52:dc:de:2d:ec:bc:b5:e0:65:0f: 8c:a7:fd:1e:c8:ff:a0:b1:a7:ce:de:32:eb:9f:b3: c4:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:23:A1:57:A6:22:E1:F2:5E:33:30:91:56:F2:33:D5:31:2C:C5:9E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.61.0/24 Signature Algorithm: sha256WithRSAEncryption 34:e4:91:77:f8:02:7a:22:16:8d:5c:6a:05:87:47:16:cb:e3: cf:fa:60:e4:9c:25:a9:ec:1d:9c:67:fa:23:87:c5:fd:e8:f8: d3:ed:b1:f4:d9:77:cd:dc:f9:a1:3e:57:15:9f:17:35:ec:5f: f4:44:c3:06:f5:99:03:bb:5a:a6:5a:de:e0:5d:c6:83:3e:87: e3:cd:65:e4:ab:23:39:b0:c1:26:29:f1:bf:95:3d:17:d9:4f: 6d:56:30:aa:24:fb:c3:bf:32:87:e3:5d:cb:ea:be:9a:85:12: d8:c4:6d:c6:fe:81:f7:5b:41:20:78:35:29:ff:7a:7d:3f:22: 7c:f3:88:fa:38:60:ec:69:85:59:e6:d3:7c:42:bd:ac:4b:96: 85:3d:11:dc:82:0d:3f:d0:85:4f:e3:f5:19:87:f9:d6:04:1f: 80:e0:70:28:f8:85:97:40:a9:76:8b:06:5c:5b:80:6e:6a:d2: 39:1a:81:99:76:71:e9:d9:0a:ce:8e:d3:b2:1d:99:3e:c3:d2: f1:72:11:e3:2c:f6:04:37:22:4b:eb:c0:53:74:e0:98:19:80: 4f:aa:d0:d2:01:7b:50:be:7f:c4:e1:95:19:15:c8:20:85:8c: 96:4b:f1:bf:f0:49:45:e8:ae:ed:5a:d5:ce:a6:3f:06:cc:5b: a1:4e:9d:b3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUdKE3z+RAzzRTthjJYDqtoVPYYYQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMzAwMDEwMloX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAM2I2M2MwZTNjYThlNzBiYTc2NTM4 MjVmNWE5YWZhOTAxYzI4ZDViYmY3MzAwNGE5MGRlMzVhZmViNTNjNzBiNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xCroG6OjELFrujEDNCb9MiA+oLt 5e8bvvZskJumdVPam600HO/U2Qymg+d47SUyTx2kZVhJ/AKVHgvEY9UqXk9pPScu X9ErhyNrJQBr9bM3Ynl+r9OTyhaS00wTLHVAKbPRvgitowTgx5I39KfZ+ZQBOUZ2 vpB9R6N8NgKyo1TLFgxhqRelGwA2yUIpoDhwdvXEPtKFPYVdeGUUKCqE7vTpP+pf NtctumlivxMA2l0DyXLjTLLAgiJqbUQto8DUbNfDgwiAeOFj6NLfXYlTrHIKpg2P +2yAJpQLCmShdOYoFN7foVLc3i3svLXgZQ+Mp/0eyP+gsafO3jLrn7PEZwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFYjoVemIuHyXjMwkVbyM9UxLMWeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4NGZjNzIxLTYwYTQtNDE0Zi1iNzJkLWRjMDE3ODhlMGZjMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g9MA0GCSqGSIb3DQEBCwUAA4IBAQA05JF3+AJ6IhaNXGoFh0cW y+PP+mDknCWp7B2cZ/ojh8X96PjT7bH02XfN3PmhPlcVnxc17F/0RMMG9ZkDu1qm Wt7gXcaDPofjzWXkqyM5sMEmKfG/lT0X2U9tVjCqJPvDvzKH413L6r6ahRLYxG3G /oH3W0EgeDUp/3p9PyJ884j6OGDsaYVZ5tN8Qr2sS5aFPRHcgg0/0IVP4/UZh/nW BB+A4HAo+IWXQKl2iwZcW4BuatI5GoGZdnHp2QrOjtOyHZk+w9LxchHjLPYENyJL 68BTdOCYGYBPqtDSAXtQvn/E4ZUZFcgghYyWS/G/8ElF6K7tWtXOpj8GzFuhTp2z -----END CERTIFICATE-----Generated at Sat Jun 14 06:32:24 2025 by rpki-client