$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa File: c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa (raw, json) Hash identifier: q3/1KlmfuyaUW5o4uGi3clrV35zqQ5aOXxWB36iLRaQ= Subject key identifier: 1D:29:69:00:06:CB:49:DE:B2:6F:0D:26:D1:02:1D:35:F8:79:2F:19 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2AE0474C40DE0BC912DBF0FDC02A0A50C4D8A2EE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa Signing time: Sat 02 Aug 2025 00:00:59 +0000 ROA not before: Sat 02 Aug 2025 00:00:59 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.158.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:e0:47:4c:40:de:0b:c9:12:db:f0:fd:c0:2a:0a:50:c4:d8:a2:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 2 00:00:59 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=a6b5e1fc62b92634a92e1a279838a12cec7e92f9f354bc9a5df1ea8274113eb9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:b3:4a:c3:aa:6f:f6:1f:91:c3:81:a2:36:5f: 23:4a:67:ca:23:cf:65:a2:52:f5:9e:00:60:5e:08: 32:ed:48:c0:db:f6:4f:47:4d:bd:4a:8b:22:60:e3: eb:c1:1b:c6:db:10:d9:96:a5:7a:c3:d0:1b:8a:17: 94:64:04:00:ee:0e:ba:c4:6e:b3:db:d4:63:45:d7: 15:5d:55:76:c5:d9:3f:28:6e:51:83:b0:64:f1:fb: 13:d1:47:ff:e7:9d:ee:bf:ec:9f:b1:70:37:a7:91: 15:97:4f:b5:78:e0:4c:17:0d:c4:3e:76:5a:89:99: 52:8b:24:d6:92:87:e0:56:95:a1:b0:1a:e8:f5:64: 92:ce:03:e9:e1:71:78:34:3e:81:f5:7b:0f:d8:9f: 3a:66:e6:2e:4d:20:ec:b1:ae:c4:70:44:db:7b:6b: d4:1f:4c:5d:23:1e:8a:e4:38:c6:4f:ae:2a:b7:85: 50:42:88:53:f9:50:3f:86:e8:a6:8c:d6:c8:d1:cd: cc:55:18:44:75:0d:a5:bb:0d:6a:4b:98:3e:8b:b8: 58:bb:47:53:76:51:07:5f:63:3f:13:36:98:f2:eb: 61:13:e7:01:fb:54:53:50:a9:d6:3f:71:e5:c9:fc: de:80:bc:b6:9e:e6:b2:af:40:27:d4:b3:9c:9f:61: 5b:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:29:69:00:06:CB:49:DE:B2:6F:0D:26:D1:02:1D:35:F8:79:2F:19 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.158.0/23 Signature Algorithm: sha256WithRSAEncryption 6b:fb:a4:e6:89:cb:72:9c:ba:9f:25:77:fd:33:1e:4a:b3:e1: 8b:a1:f7:04:6d:d7:d7:39:9e:5a:61:3c:e4:fd:c8:9f:c1:00: 77:e5:94:b8:54:b7:50:0b:c1:97:b9:88:ab:c6:76:79:9c:b3: bf:ef:bc:55:5f:88:e4:f5:0e:fc:69:b7:35:a1:82:62:04:f5: 17:5f:47:7e:8e:45:e9:c6:f2:9e:3c:19:dd:30:f4:9a:af:a5: 3b:37:05:73:6f:5b:ff:22:a2:d3:6a:65:c1:cf:10:82:3b:db: 64:e7:d0:2c:0b:f0:a0:cb:2a:10:27:e0:95:64:3f:ab:b9:6f: d3:a3:66:8d:95:f5:f6:9b:5a:e3:a7:98:25:c6:02:72:11:5a: 3d:7e:b5:12:ee:f3:5c:56:03:09:0f:91:33:ef:7a:49:66:00: 22:ca:aa:c0:04:50:4c:88:98:74:90:04:f5:1f:d5:0e:b1:f8: 29:d5:8c:0b:3c:c1:1c:59:17:7c:ac:8a:f9:61:0a:e4:c8:16: 76:60:b8:bd:fd:d6:c5:8a:c2:11:19:22:2c:60:2f:8d:49:20: da:30:11:75:e5:72:d6:31:9a:16:f5:a5:39:f7:e8:e8:da:74: 46:17:16:8d:40:b4:91:d7:fc:aa:76:c5:89:48:b3:6e:56:02: 87:7c:2b:be -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUKuBHTEDeC8kS2/D9wCoKUMTYou4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMjAwMDA1OVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAYTZiNWUxZmM2MmI5MjYzNGE5MmUx YTI3OTgzOGExMmNlYzdlOTJmOWYzNTRiYzlhNWRmMWVhODI3NDExM2ViOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8bNKw6pv9h+Rw4GiNl8jSmfKI89l olL1ngBgXggy7UjA2/ZPR029SosiYOPrwRvG2xDZlqV6w9AbiheUZAQA7g66xG6z 29RjRdcVXVV2xdk/KG5Rg7Bk8fsT0Uf/553uv+yfsXA3p5EVl0+1eOBMFw3EPnZa iZlSiyTWkofgVpWhsBro9WSSzgPp4XF4ND6B9XsP2J86ZuYuTSDssa7EcETbe2vU H0xdIx6K5DjGT64qt4VQQohT+VA/huimjNbI0c3MVRhEdQ2luw1qS5g+i7hYu0dT dlEHX2M/EzaY8uthE+cB+1RTUKnWP3HlyfzegLy2nuayr0An1LOcn2FbUwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFB0paQAGy0nesm8NJtECHTX4eS8ZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwZTA3MzVkLWE5MWUtNDc4ZC04MmQyLWEzZjA0ZWU0MzVkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9qeMA0GCSqGSIb3DQEBCwUAA4IBAQBr+6TmictynLqfJXf9Mx5K s+GLofcEbdfXOZ5aYTzk/cifwQB35ZS4VLdQC8GXuYirxnZ5nLO/77xVX4jk9Q78 abc1oYJiBPUXX0d+jkXpxvKePBndMPSar6U7NwVzb1v/IqLTamXBzxCCO9tk59As C/CgyyoQJ+CVZD+ruW/To2aNlfX2m1rjp5glxgJyEVo9frUS7vNcVgMJD5Ez73pJ ZgAiyqrABFBMiJh0kAT1H9UOsfgp1YwLPMEcWRd8rIr5YQrkyBZ2YLi9/dbFisIR GSIsYC+NSSDaMBF15XLWMZoW9aU59+jo2nRGFxaNQLSR1/yqdsWJSLNuVgKHfCu+ -----END CERTIFICATE-----Generated at Mon Aug 4 14:22:42 2025 by rpki-client