$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa File: 9489db20-95e0-4921-9118-b2516a901b12.roa (raw, json) Hash identifier: AAxPfiDvx+HJJTmaWCDxgOvg0mo+86jFiq8BAgcENNk= Subject key identifier: F0:A5:C3:7A:74:57:41:8B:BB:82:35:CB:28:EB:75:AF:B7:CB:C9:86 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 61598478652A14C47E9C5DC1ED52E87BA42F822A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa Signing time: Sat 02 Aug 2025 00:00:54 +0000 ROA not before: Sat 02 Aug 2025 00:00:54 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:59:84:78:65:2a:14:c4:7e:9c:5d:c1:ed:52:e8:7b:a4:2f:82:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 2 00:00:54 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=dde3cc6cfeebd5eebccc959ac231a13ef7b273817a105606c68097ef6cacecbb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:3f:76:f9:62:cc:f4:aa:67:8b:59:5c:25:f3: 0a:0e:48:8c:fd:47:3e:37:fb:e5:3c:da:79:1b:2a: 34:cc:3d:00:2c:37:e5:74:a2:5a:fb:80:1c:31:f9: 31:80:00:75:74:fe:f2:7f:c7:0a:0b:8f:01:97:d1: c1:53:36:c7:ac:66:c7:58:70:c7:69:65:a4:c9:62: da:55:e5:40:27:b3:dc:b9:95:49:bb:57:38:be:ef: e3:e7:17:0c:09:a3:98:83:50:6f:be:8f:c2:d9:c8: a8:27:5f:69:15:bd:30:97:c1:92:4a:ed:5b:80:14: a8:3a:ee:8d:4f:cc:16:0b:59:b8:fc:73:eb:1b:6d: 14:6a:e3:2f:ab:fb:7f:ab:4c:69:06:e4:27:c0:3d: 86:b8:1b:0f:b1:02:37:22:8f:88:f4:78:2e:2e:30: 41:5b:a7:e8:7e:9a:2c:47:01:8b:61:0f:89:9a:05: ae:14:bb:09:01:62:22:99:10:b8:6d:6b:68:19:80: bb:ee:f1:d3:8f:07:3e:8e:c6:c3:c0:c1:39:e4:31: d8:6a:47:c8:5d:c2:f5:0e:68:a5:90:0c:98:74:60: 86:42:3d:56:9e:6e:49:c1:c2:3e:23:a5:4e:94:e3: e4:cd:b5:9b:ab:eb:b0:b4:cf:e3:f4:c8:43:26:1c: e8:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:A5:C3:7A:74:57:41:8B:BB:82:35:CB:28:EB:75:AF:B7:CB:C9:86 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.72.0/24 Signature Algorithm: sha256WithRSAEncryption 89:07:de:7f:d7:fe:ee:95:91:dc:24:98:86:08:89:77:ce:23: 83:2c:3e:ca:df:c8:c8:c8:ab:68:98:3f:48:ff:24:f6:74:84: af:70:5a:f6:44:21:b7:03:db:7d:17:80:0f:ab:b4:a8:0c:36: 3b:cd:7d:7f:19:c8:fd:f9:9c:3a:33:4a:08:ec:ec:0d:ca:ad: ed:d2:74:ab:8d:13:2e:98:4c:fc:b4:7d:77:3e:52:93:47:ae: 3d:57:3a:c8:a8:0c:f8:6d:78:fa:cc:1e:65:ca:d4:3e:08:ed: a1:16:75:f2:db:de:0a:18:11:25:6f:a0:61:91:e1:b9:25:7f: 19:4c:bc:6c:7b:a9:49:0f:c6:5c:44:74:bf:b2:71:37:27:e4: bc:45:85:a9:13:6b:0f:fa:35:e9:b8:60:1d:f5:f4:e3:dd:be: 5b:fe:1c:03:be:24:4d:62:13:5f:9f:10:7b:c5:69:e1:b8:63: 45:63:ce:7a:d4:c3:0d:51:5e:71:38:2e:74:1a:a0:dc:59:82: 7e:53:0c:e4:91:50:73:6c:cb:f7:17:96:4c:59:da:ad:44:96: 43:91:22:d3:6c:ea:b4:78:30:44:4f:e1:62:2e:92:4a:4d:ab: 70:82:17:24:63:39:4d:4c:3b:50:38:68:7b:40:7e:73:72:d7: aa:bf:a4:41 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUYVmEeGUqFMR+nF3B7VLoe6QvgiowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMjAwMDA1NFoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAZGRlM2NjNmNmZWViZDVlZWJjY2M5 NTlhYzIzMWExM2VmN2IyNzM4MTdhMTA1NjA2YzY4MDk3ZWY2Y2FjZWNiYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT92+WLM9Kpni1lcJfMKDkiM/Uc+ N/vlPNp5Gyo0zD0ALDfldKJa+4AcMfkxgAB1dP7yf8cKC48Bl9HBUzbHrGbHWHDH aWWkyWLaVeVAJ7PcuZVJu1c4vu/j5xcMCaOYg1Bvvo/C2cioJ19pFb0wl8GSSu1b gBSoOu6NT8wWC1m4/HPrG20UauMvq/t/q0xpBuQnwD2GuBsPsQI3Io+I9HguLjBB W6fofposRwGLYQ+JmgWuFLsJAWIimRC4bWtoGYC77vHTjwc+jsbDwME55DHYakfI XcL1DmilkAyYdGCGQj1Wnm5JwcI+I6VOlOPkzbWbq+uwtM/j9MhDJhzomQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPClw3p0V0GLu4I1yyjrda+3y8mGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk0ODlkYjIwLTk1ZTAtNDkyMS05MTE4LWIyNTE2YTkwMWIxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9hIMA0GCSqGSIb3DQEBCwUAA4IBAQCJB95/1/7ulZHcJJiGCIl3 ziODLD7K38jIyKtomD9I/yT2dISvcFr2RCG3A9t9F4APq7SoDDY7zX1/Gcj9+Zw6 M0oI7OwNyq3t0nSrjRMumEz8tH13PlKTR649VzrIqAz4bXj6zB5lytQ+CO2hFnXy 294KGBElb6BhkeG5JX8ZTLxse6lJD8ZcRHS/snE3J+S8RYWpE2sP+jXpuGAd9fTj 3b5b/hwDviRNYhNfnxB7xWnhuGNFY8561MMNUV5xOC50GqDcWYJ+UwzkkVBzbMv3 F5ZMWdqtRJZDkSLTbOq0eDBET+FiLpJKTatwghckYzlNTDtQOGh7QH5zcteqv6RB -----END CERTIFICATE-----Generated at Mon Aug 4 13:58:06 2025 by rpki-client