$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa File: 9489db20-95e0-4921-9118-b2516a901b12.roa (raw, json) Hash identifier: rav8XC2NqYzaq3Z7Vkop0skSYxqJsN0pvXdLtuN+ARM= Subject key identifier: AB:38:AB:6E:55:28:EB:61:7C:A2:27:C4:48:2A:B7:5B:3E:BA:5C:ED Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 157EB771325E483B3A4812C0F3CDAC6504FD5D5B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa Signing time: Fri 13 Jun 2025 00:01:01 +0000 ROA not before: Fri 13 Jun 2025 00:01:01 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:7e:b7:71:32:5e:48:3b:3a:48:12:c0:f3:cd:ac:65:04:fd:5d:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:01:01 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=ce169dc9f0a578a063e8929721f4b8842fb1263753b7e36352a3daf94b6e2acf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a1:7e:5c:4e:46:98:c4:2a:0e:3b:8f:a7:fa: 41:27:67:46:b2:e6:bb:0e:19:77:cd:60:31:bc:ea: 58:4e:c6:f7:fc:58:85:65:2c:cd:51:16:a8:7f:c7: df:b4:19:9d:be:49:d8:10:32:11:8c:9a:c1:c3:d9: bd:be:86:21:2d:be:28:97:b8:17:8b:a1:df:30:8b: 3a:a4:e5:20:20:44:1b:75:87:eb:e2:4f:4d:eb:f4: 94:a5:c7:50:d6:bf:70:d9:a9:15:03:19:2d:d5:33: 60:b4:2e:dd:12:fc:45:5d:6f:bd:4c:72:c0:38:96: 9d:4b:05:02:9e:47:0a:0c:78:9d:6b:ea:6b:3f:ce: bc:19:1b:db:d6:a0:4b:ab:e3:db:9f:f0:20:79:86: c3:24:8a:82:0e:95:8f:cc:6f:83:d3:0f:fb:17:0a: a8:50:3d:2f:09:c4:9e:10:3f:fc:2a:ed:d6:55:b6: a9:6d:54:2f:25:4b:53:27:14:1f:ed:e1:a7:94:d7: e5:c2:02:92:da:cf:a2:55:79:bf:e3:32:e6:98:2f: 09:e6:67:67:cd:34:d8:66:d6:97:cf:60:bc:41:47: b1:cc:c3:c2:14:23:8a:5f:6e:2d:6f:05:3e:cd:d9: 3b:f7:b9:e8:63:e3:1d:eb:e6:1b:94:d4:bf:1e:ab: 9c:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:38:AB:6E:55:28:EB:61:7C:A2:27:C4:48:2A:B7:5B:3E:BA:5C:ED X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.72.0/24 Signature Algorithm: sha256WithRSAEncryption 9c:72:f8:74:fe:6b:f5:e6:4e:4c:cd:14:2d:99:bd:f9:0a:9e: 12:f1:0e:89:42:27:23:3f:ed:e4:73:9f:ae:44:4a:d3:73:84: b2:f3:29:06:aa:4c:7d:90:01:97:46:e6:56:1d:6e:39:65:d7: b3:8d:47:dd:21:4b:40:d9:79:aa:d2:82:d2:85:a3:85:09:b8: 2f:97:7a:e1:45:c5:b8:21:cf:89:a7:20:15:bb:73:1d:9c:82: cd:0f:80:60:93:af:22:dc:33:a3:5e:27:2e:67:5d:87:ad:e7: 05:ba:81:c9:4c:eb:c5:0a:51:a3:d8:56:ed:6b:4b:42:f8:90: a0:95:a0:57:47:b7:e0:73:dc:c2:cb:03:07:6f:a6:15:d6:13: 0d:a4:87:c1:39:28:b9:7b:19:ad:c4:10:2e:83:3a:45:b7:80: f8:2e:de:26:4e:c6:7f:f0:b0:66:b4:5d:1a:97:84:70:1f:cd: e6:82:a8:c1:81:d9:52:8e:63:5c:92:74:36:ff:2c:8b:51:49: 71:69:3f:70:e9:8b:7c:8d:09:c7:38:d0:13:3f:32:12:bb:38: 85:b1:48:ad:8d:40:1a:b7:c4:53:c6:5b:e3:38:21:de:a2:d4: 3f:96:9c:89:60:0c:d4:c1:e5:20:7b:27:b6:72:04:31:72:e8: 90:91:bb:cc -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUFX63cTJeSDs6SBLA882sZQT9XVswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMzAwMDEwMVoX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAY2UxNjlkYzlmMGE1NzhhMDYzZTg5 Mjk3MjFmNGI4ODQyZmIxMjYzNzUzYjdlMzYzNTJhM2RhZjk0YjZlMmFjZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqF+XE5GmMQqDjuPp/pBJ2dGsua7 Dhl3zWAxvOpYTsb3/FiFZSzNURaof8fftBmdvknYEDIRjJrBw9m9voYhLb4ol7gX i6HfMIs6pOUgIEQbdYfr4k9N6/SUpcdQ1r9w2akVAxkt1TNgtC7dEvxFXW+9THLA OJadSwUCnkcKDHida+prP868GRvb1qBLq+Pbn/AgeYbDJIqCDpWPzG+D0w/7Fwqo UD0vCcSeED/8Ku3WVbapbVQvJUtTJxQf7eGnlNflwgKS2s+iVXm/4zLmmC8J5mdn zTTYZtaXz2C8QUexzMPCFCOKX24tbwU+zdk797noY+Md6+YblNS/HqucTQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKs4q25VKOthfKInxEgqt1s+ulztMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk0ODlkYjIwLTk1ZTAtNDkyMS05MTE4LWIyNTE2YTkwMWIxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9hIMA0GCSqGSIb3DQEBCwUAA4IBAQCccvh0/mv15k5MzRQtmb35 Cp4S8Q6JQicjP+3kc5+uRErTc4Sy8ykGqkx9kAGXRuZWHW45ZdezjUfdIUtA2Xmq 0oLShaOFCbgvl3rhRcW4Ic+JpyAVu3MdnILND4Bgk68i3DOjXicuZ12HrecFuoHJ TOvFClGj2Fbta0tC+JCglaBXR7fgc9zCywMHb6YV1hMNpIfBOSi5exmtxBAugzpF t4D4Lt4mTsZ/8LBmtF0al4RwH83mgqjBgdlSjmNcknQ2/yyLUUlxaT9w6Yt8jQnH ONATPzISuziFsUitjUAat8RTxlvjOCHeotQ/lpyJYAzUweUgeye2cgQxcuiQkbvM -----END CERTIFICATE-----Generated at Sat Jun 14 05:44:33 2025 by rpki-client