$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa File: 0bce91dc-229b-42a7-9c92-722aa69f577e.roa (raw, json) Hash identifier: 3GGzllZQEb/LIaisOrgPjMN2LppOjDh7xnzm4mDs0yY= Subject key identifier: F4:47:13:3E:DA:61:AB:F0:B2:FE:00:F3:26:E4:94:6F:8E:F2:9D:07 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 199E5CE8B2BC0AC54EFBCD0521663D16DF5273B9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa Signing time: Tue 10 Jun 2025 15:51:17 +0000 ROA not before: Tue 10 Jun 2025 15:51:17 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:9e:5c:e8:b2:bc:0a:c5:4e:fb:cd:05:21:66:3d:16:df:52:73:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:51:17 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=a806961643ff964fb654694d78d6267b1e616aff1c486f3d496ff31cc6267bac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b3:72:85:98:aa:7d:70:29:13:ee:d6:7a:34: a1:6a:2d:d7:0d:00:f1:2b:38:d9:f9:03:5a:41:bb: 31:5a:2e:2c:15:26:2a:79:bd:7f:f6:cf:13:a3:1f: e2:04:4f:9c:d5:1c:0c:4f:32:3c:b4:7b:0a:48:e6: bd:dd:71:b9:7d:83:f4:42:2f:2f:a7:6a:35:c6:7d: 69:a1:71:41:5e:52:50:4e:02:67:22:11:fa:3f:3a: 17:20:d7:f4:53:7c:1f:6f:6b:e6:8d:f7:bc:2d:39: 8e:42:75:8f:83:9c:9c:41:e3:46:c5:83:81:98:01: 4b:c8:b9:10:a1:80:71:ff:74:30:45:44:f7:d7:53: 79:cc:6a:41:4b:4f:09:a6:4c:e4:a1:ea:d3:a3:ff: d4:b8:3f:91:1c:9f:82:93:95:ad:12:0c:ae:84:ad: 89:a3:0e:ba:35:af:ed:5a:8a:ad:85:90:f4:f4:0f: 98:2f:91:78:54:bc:1c:0e:7a:a3:77:10:de:56:af: f8:1c:a6:51:f2:da:b2:11:7e:fa:b7:6b:30:cc:e8: 65:a0:af:db:57:86:76:5c:18:56:f3:26:64:90:60: 3d:d3:5d:05:3f:2b:28:d6:fe:bd:c4:53:3c:a5:3c: 51:70:12:08:bd:4b:7a:b8:0b:47:18:b6:38:f5:30: d6:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:47:13:3E:DA:61:AB:F0:B2:FE:00:F3:26:E4:94:6F:8E:F2:9D:07 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 14:18:7f:ef:ae:fe:25:eb:34:29:9e:cd:c1:a9:75:fa:d5:31: cb:e7:47:50:19:04:53:e7:4c:16:ce:95:ff:93:88:99:92:61: 1a:2e:4a:99:8e:53:52:5f:44:1a:08:f6:41:9f:2a:7c:41:7e: 22:58:c7:6c:43:ec:32:90:d7:c2:8e:3e:4f:e0:8a:05:11:49: 1f:6d:ef:8c:3a:5e:5a:34:2f:6b:bc:3f:4f:98:93:05:09:4e: c7:90:dc:82:4b:fb:31:39:63:05:ac:19:9f:59:06:0c:2d:0e: 1d:f3:82:22:66:0f:fc:3e:bb:07:3c:5d:81:32:0c:c9:32:aa: cd:72:b9:c8:91:06:a9:97:94:be:e4:68:21:00:15:d6:fe:d7: 13:af:b0:c3:19:ae:6c:44:38:7e:b9:c3:ab:8b:6f:57:4d:2d: c5:46:a0:7d:1b:a4:ac:5f:d7:bf:65:40:62:89:d2:b2:35:02: e7:aa:3e:19:bf:1d:c6:7b:cd:4e:6a:23:d1:36:41:67:08:6d: 99:25:55:d1:8d:1b:2c:bf:63:83:4b:34:9b:48:94:89:5b:7a: ab:9c:50:00:55:cb:0b:06:07:d5:f7:1b:1c:2a:2d:84:74:2a: 7d:2b:c4:fd:97:ac:25:fe:18:7d:82:99:18:6a:6a:ed:61:30: a9:d6:da:55 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUGZ5c6LK8CsVO+80FIWY9Ft9Sc7kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1NTExN1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAYTgwNjk2MTY0M2ZmOTY0ZmI2NTQ2 OTRkNzhkNjI2N2IxZTYxNmFmZjFjNDg2ZjNkNDk2ZmYzMWNjNjI2N2JhYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLNyhZiqfXApE+7WejShai3XDQDx KzjZ+QNaQbsxWi4sFSYqeb1/9s8Tox/iBE+c1RwMTzI8tHsKSOa93XG5fYP0Qi8v p2o1xn1poXFBXlJQTgJnIhH6PzoXINf0U3wfb2vmjfe8LTmOQnWPg5ycQeNGxYOB mAFLyLkQoYBx/3QwRUT311N5zGpBS08JpkzkoerTo//UuD+RHJ+Ck5WtEgyuhK2J ow66Na/tWoqthZD09A+YL5F4VLwcDnqjdxDeVq/4HKZR8tqyEX76t2swzOhloK/b V4Z2XBhW8yZkkGA9010FPyso1v69xFM8pTxRcBIIvUt6uAtHGLY49TDWQQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFPRHEz7aYavwsv4A8ybklG+O8p0HMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBiY2U5MWRjLTIyOWItNDJhNy05YzkyLTcyMmFhNjlmNTc3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBABQYf++u/iXrNCmezcGpdfrV McvnR1AZBFPnTBbOlf+TiJmSYRouSpmOU1JfRBoI9kGfKnxBfiJYx2xD7DKQ18KO Pk/gigURSR9t74w6Xlo0L2u8P0+YkwUJTseQ3IJL+zE5YwWsGZ9ZBgwtDh3zgiJm D/w+uwc8XYEyDMkyqs1yuciRBqmXlL7kaCEAFdb+1xOvsMMZrmxEOH65w6uLb1dN LcVGoH0bpKxf179lQGKJ0rI1AueqPhm/HcZ7zU5qI9E2QWcIbZklVdGNGyy/Y4NL NJtIlIlbequcUABVywsGB9X3GxwqLYR0Kn0rxP2XrCX+GH2CmRhqau1hMKnW2lU= -----END CERTIFICATE-----Generated at Sat Jun 14 06:16:26 2025 by rpki-client