$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10466492-6e57-4b27-906d-531139de21f0.roa File: 10466492-6e57-4b27-906d-531139de21f0.roa (raw, json) Hash identifier: fackbA70dZQ6AQOYolRcuMosni37UeInYDQMtAUjyec= Subject key identifier: 10:C6:AB:01:64:48:4C:0C:9D:5E:1A:C2:22:A7:27:70:92:81:BE:32 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 79B570E6ADEBD2FF6E37A5FA9C22143E7AD71C0E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10466492-6e57-4b27-906d-531139de21f0.roa Signing time: Fri 13 Jun 2025 00:01:03 +0000 ROA not before: Fri 13 Jun 2025 00:01:03 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.156.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:b5:70:e6:ad:eb:d2:ff:6e:37:a5:fa:9c:22:14:3e:7a:d7:1c:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:01:03 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=b6920b128c09a35580e5db982c6671360f7afdf13d518e31414dc1f6d2c44559, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:eb:57:05:6c:65:c0:dc:89:5f:00:16:0b:99: 82:0a:26:60:39:f2:8a:64:8d:80:ff:30:59:e9:cb: 9d:6e:e7:87:ac:aa:30:12:7d:8e:98:91:9c:a9:af: ad:23:f9:13:c0:08:76:4c:b9:96:be:74:1f:98:f9: 08:0b:71:a0:8d:22:13:a0:69:73:f2:a9:df:7d:7d: 2a:32:b6:ad:e0:6c:da:ec:5c:94:de:c5:7d:dc:ad: 4a:db:52:25:f2:29:01:a5:f4:f8:66:a3:4c:80:e0: 49:10:43:83:76:e3:c0:9e:70:e3:d1:ed:b3:ae:e6: 54:a3:04:51:28:07:38:63:18:5f:37:50:92:0e:ce: e9:31:e5:39:9b:85:44:b3:f3:9c:2f:df:f8:2c:a2: db:b8:7d:0f:ac:8f:95:7f:e1:43:93:0c:06:66:39: 98:53:fc:e6:cd:26:20:51:f4:92:97:30:d0:ed:bf: 2b:7e:b2:c8:69:a2:6f:e6:a6:25:90:a5:4c:f0:ce: a5:2c:ac:b4:36:a5:f4:33:c9:a2:78:3c:98:7e:62: 58:9c:f2:58:79:3f:20:01:ff:d0:83:fb:33:1b:26: 8b:ca:79:5f:90:d3:3c:f5:43:42:51:12:4e:55:34: 32:2d:bd:7f:d1:b9:31:f0:80:12:2c:30:a9:e2:5b: 79:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:C6:AB:01:64:48:4C:0C:9D:5E:1A:C2:22:A7:27:70:92:81:BE:32 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10466492-6e57-4b27-906d-531139de21f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.156.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:e2:1a:4b:7a:2d:18:76:82:17:34:98:bb:3d:a0:8b:94:fb: 96:a9:57:00:5e:64:d4:51:3f:8f:bf:06:07:a3:9b:07:f8:d6: c8:07:a0:35:d2:c3:a6:41:66:05:c1:06:6d:33:ba:07:f8:1d: 9b:9c:fe:0b:ab:e8:0c:d6:b9:c6:44:2d:f4:b2:8a:81:3a:14: 8f:f3:01:bd:93:9d:2a:6f:e6:80:4f:ee:62:6f:e1:fd:3c:1d: 9d:ea:7f:b6:26:f7:a2:40:3e:e7:7a:88:1f:08:dd:6a:db:3d: 65:cf:08:c9:84:7c:78:6f:0a:1c:ce:2e:c7:2a:c9:e4:38:3a: c6:72:fe:1b:05:e6:26:ea:26:0a:94:3a:df:f6:db:e3:48:46: 4b:d3:bf:55:8b:0d:cf:81:f3:f8:df:97:be:36:f1:7a:c2:14: b9:20:f6:11:d0:d5:fa:ba:74:24:f2:9e:a9:4c:fa:98:c0:ad: af:02:f0:56:ec:a9:af:93:50:7f:65:17:50:ab:ed:b3:8d:93: c3:9d:05:92:60:e6:7e:9a:30:ae:b9:03:6e:bf:0f:0f:6c:8c: bf:73:b1:3a:57:27:6d:f5:59:6a:9f:5f:f4:c7:9c:ce:35:29: 8e:53:86:9f:cc:6b:ea:cb:fe:9e:2c:13:a2:4f:3f:b9:4e:06: d4:37:1c:dc -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUebVw5q3r0v9uN6X6nCIUPnrXHA4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMzAwMDEwM1oX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAYjY5MjBiMTI4YzA5YTM1NTgwZTVk Yjk4MmM2NjcxMzYwZjdhZmRmMTNkNTE4ZTMxNDE0ZGMxZjZkMmM0NDU1OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+tXBWxlwNyJXwAWC5mCCiZgOfKK ZI2A/zBZ6cudbueHrKowEn2OmJGcqa+tI/kTwAh2TLmWvnQfmPkIC3GgjSIToGlz 8qnffX0qMrat4Gza7FyU3sV93K1K21Il8ikBpfT4ZqNMgOBJEEODduPAnnDj0e2z ruZUowRRKAc4YxhfN1CSDs7pMeU5m4VEs/OcL9/4LKLbuH0PrI+Vf+FDkwwGZjmY U/zmzSYgUfSSlzDQ7b8rfrLIaaJv5qYlkKVM8M6lLKy0NqX0M8mieDyYfmJYnPJY eT8gAf/Qg/szGyaLynlfkNM89UNCURJOVTQyLb1/0bkx8IASLDCp4lt58QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBDGqwFkSEwMnV4awiKnJ3CSgb4yMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEwNDY2NDkyLTZlNTctNGIyNy05MDZkLTUzMTEzOWRlMjFmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9qcMA0GCSqGSIb3DQEBCwUAA4IBAQAa4hpLei0YdoIXNJi7PaCL lPuWqVcAXmTUUT+PvwYHo5sH+NbIB6A10sOmQWYFwQZtM7oH+B2bnP4Lq+gM1rnG RC30soqBOhSP8wG9k50qb+aAT+5ib+H9PB2d6n+2JveiQD7neogfCN1q2z1lzwjJ hHx4bwoczi7HKsnkODrGcv4bBeYm6iYKlDrf9tvjSEZL079Viw3PgfP435e+NvF6 whS5IPYR0NX6unQk8p6pTPqYwK2vAvBW7Kmvk1B/ZRdQq+2zjZPDnQWSYOZ+mjCu uQNuvw8PbIy/c7E6Vydt9Vlqn1/0x5zONSmOU4afzGvqy/6eLBOiTz+5TgbUNxzc -----END CERTIFICATE-----Generated at Sat Jun 14 06:46:28 2025 by rpki-client