$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9e22e8ea-542f-4e00-9946-45b52a3a47c4.roa File: 9e22e8ea-542f-4e00-9946-45b52a3a47c4.roa (raw, json) Hash identifier: Ddj0019nF6+XEKqpQ4PNBqo6ljMTWc8MG5mQz5PwfPU= Subject key identifier: 1C:10:7D:7E:3D:7F:5D:40:F7:F8:A0:2F:FF:F9:B7:55:3D:B7:88:EC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3776E1534D07D55FF05A73AEF2B17BE8322E1AF8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9e22e8ea-542f-4e00-9946-45b52a3a47c4.roa Signing time: Mon 09 Jun 2025 15:00:50 +0000 ROA not before: Mon 09 Jun 2025 15:00:50 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.246.148.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:76:e1:53:4d:07:d5:5f:f0:5a:73:ae:f2:b1:7b:e8:32:2e:1a:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:00:50 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=c404df3876e17d66d6e21f57ac85e1f495b6dad25445f60b9fc84270ddd27d5d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:07:98:95:60:b6:62:c2:ef:ed:39:b3:06:25: b5:da:a3:16:33:3e:4c:3a:4f:d1:ef:0e:da:e4:b8: 2d:7f:a5:b5:ff:13:c6:3a:13:fb:57:01:a0:b6:27: a5:72:d4:2b:55:be:8e:23:e5:28:7d:64:e5:23:de: 3a:3a:47:21:e7:d3:fe:f9:c9:98:fd:c8:02:2b:49: 8f:20:76:5c:68:16:88:46:eb:41:9e:35:37:99:a5: c3:30:7c:03:23:70:a9:4f:c1:7e:b7:6b:55:47:1e: a7:e2:59:b7:c8:48:ca:c0:17:89:08:80:b4:af:d3: 1d:9f:c0:85:c3:ae:4c:ff:1f:90:0a:23:0f:16:6e: 64:44:31:7d:8b:28:6c:84:17:99:91:3a:c8:0c:4b: 10:93:92:38:d0:50:fc:83:8b:49:54:88:5a:7b:e1: 4b:18:c5:de:90:8e:d2:8b:aa:e2:50:21:45:8f:73: a3:f8:79:3a:94:c1:cf:f8:98:43:7e:87:04:15:a4: 5b:86:41:c4:b3:a1:f3:72:86:8b:16:34:dc:b6:0f: ad:f6:55:c9:f1:8c:aa:d0:b9:33:81:e2:9e:0b:a1: 18:79:99:5b:65:f9:2a:66:b7:b1:a4:5d:7c:4c:83: ad:0a:33:71:8f:5d:c2:05:8a:2d:34:63:b5:7b:5d: 3f:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:10:7D:7E:3D:7F:5D:40:F7:F8:A0:2F:FF:F9:B7:55:3D:B7:88:EC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9e22e8ea-542f-4e00-9946-45b52a3a47c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.246.148.0/22 Signature Algorithm: sha256WithRSAEncryption 9a:3b:bf:61:17:75:c5:e0:27:97:74:92:3e:39:6a:0f:6e:07: 6f:90:c4:7c:01:04:ab:72:41:69:df:7b:c3:2a:3d:60:20:95: 9b:79:74:75:23:4e:90:3f:ea:07:97:ea:44:6f:d4:bf:75:8e: 21:c8:10:34:83:e1:72:95:59:1e:10:94:ae:51:5a:b8:f3:2c: 2a:f1:ee:d8:a2:41:17:14:ad:19:29:e1:3a:20:fc:39:5d:52: da:56:fe:0b:80:1b:49:97:b6:5a:58:5c:a7:38:39:0c:fd:1e: 1a:b9:bb:1f:a9:c7:d5:d0:3b:03:24:29:5a:2c:01:f3:bb:64: 74:6d:43:11:ee:58:f5:a5:f6:7a:f2:cd:e6:e9:60:c2:cd:1c: ba:df:62:62:09:fd:86:63:88:2b:b0:bd:e6:cd:28:60:50:de: 41:cd:ab:eb:94:7f:66:bd:37:9b:6b:94:2a:e0:0f:c6:1c:16: 98:40:01:ca:3e:f2:21:2a:32:67:d9:7f:36:9c:1a:23:53:ca: 47:f1:f2:31:bf:de:cd:83:49:57:c4:7e:b2:5d:7e:8e:6d:ba: bd:b4:75:30:e8:1f:7a:95:0c:fc:ec:4d:6a:d8:e5:d0:5a:09: b2:2f:46:1d:6c:f5:37:59:0c:84:45:49:f8:36:8c:92:76:14: 45:f2:ee:a1 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUN3bhU00H1V/wWnOu8rF76DIuGvgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MDA1MFoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAYzQwNGRmMzg3NmUxN2Q2NmQ2ZTIx ZjU3YWM4NWUxZjQ5NWI2ZGFkMjU0NDVmNjBiOWZjODQyNzBkZGQyN2Q1ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkweYlWC2YsLv7TmzBiW12qMWMz5M Ok/R7w7a5Lgtf6W1/xPGOhP7VwGgtielctQrVb6OI+UofWTlI946Okch59P++cmY /cgCK0mPIHZcaBaIRutBnjU3maXDMHwDI3CpT8F+t2tVRx6n4lm3yEjKwBeJCIC0 r9Mdn8CFw65M/x+QCiMPFm5kRDF9iyhshBeZkTrIDEsQk5I40FD8g4tJVIhae+FL GMXekI7Si6riUCFFj3Oj+Hk6lMHP+JhDfocEFaRbhkHEs6HzcoaLFjTctg+t9lXJ 8Yyq0LkzgeKeC6EYeZlbZfkqZrexpF18TIOtCjNxj13CBYotNGO1e10/IwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBwQfX49f11A9/igL//5t1U9t4jsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzllMjJlOGVhLTU0MmYtNGUwMC05OTQ2LTQ1YjUyYTNhNDdjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZ/aUMA0GCSqGSIb3DQEBCwUAA4IBAQCaO79hF3XF4CeXdJI+OWoP bgdvkMR8AQSrckFp33vDKj1gIJWbeXR1I06QP+oHl+pEb9S/dY4hyBA0g+FylVke EJSuUVq48ywq8e7YokEXFK0ZKeE6IPw5XVLaVv4LgBtJl7ZaWFynODkM/R4aubsf qcfV0DsDJClaLAHzu2R0bUMR7lj1pfZ68s3m6WDCzRy632JiCf2GY4grsL3mzShg UN5BzavrlH9mvTeba5Qq4A/GHBaYQAHKPvIhKjJn2X82nBojU8pH8fIxv97Ng0lX xH6yXX6Obbq9tHUw6B96lQz87E1q2OXQWgmyL0YdbPU3WQyERUn4NoySdhRF8u6h -----END CERTIFICATE-----Generated at Sat Jun 14 06:20:16 2025 by rpki-client