$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa File: db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa (raw, json) Hash identifier: Sz6mI4Xhe0mZPE7ABB4nke80uSMEfy53h4RJKotfQog= Subject key identifier: F4:51:94:5D:0B:67:77:59:F8:26:69:01:DF:9B:2F:80:3B:16:A9:64 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 78A1AD3E3DC6307B75D85837E4B73A8E919152BD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa Signing time: Sat 02 Aug 2025 00:00:49 +0000 ROA not before: Sat 02 Aug 2025 00:00:49 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:a1:ad:3e:3d:c6:30:7b:75:d8:58:37:e4:b7:3a:8e:91:91:52:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 2 00:00:49 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=f5d29064f17981e3458cce07e1550035b682b76c559f6eda53be5433a9229d72, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:83:ee:81:82:1a:a1:45:25:21:0b:9d:1c:31: da:85:69:a2:88:10:eb:f4:95:58:46:93:e8:f5:b2: 43:42:71:4e:89:3f:28:36:ed:b1:f0:53:74:c1:6c: 7e:c2:a7:4e:6e:de:d3:05:73:fa:59:13:04:78:6c: 98:ea:dd:4c:5c:19:18:ba:0a:7b:b9:6a:e7:1a:01: c3:ec:a3:b3:af:77:f3:5c:47:f5:e2:a2:f8:eb:3f: cd:40:9d:2f:bd:19:a5:0c:24:24:ef:87:c8:5a:76: 50:66:e2:75:92:48:e0:7f:47:ac:ba:b3:0b:b6:d0: 28:15:c8:49:e2:49:d9:46:40:fb:96:2e:5a:c8:3a: 7b:c8:fc:d1:53:8f:55:9f:95:e1:11:8c:7a:aa:73: ac:4a:f0:6b:0b:84:53:af:0d:f0:43:9d:b0:46:e4: e8:de:0d:6a:71:99:a4:e1:13:26:d7:ab:49:87:92: 4d:7e:9d:3b:aa:74:67:e2:7a:49:c8:05:7a:62:97: 07:95:e5:d2:fb:b3:3a:61:d9:19:1d:e7:d2:2e:40: 4a:43:54:d7:96:02:84:72:60:ae:78:82:dc:84:65: 12:67:f3:f3:5c:ab:4c:02:55:c3:dd:1c:43:81:1c: 7f:dc:4a:e5:a6:0c:22:6e:9f:7d:07:31:23:0d:0e: fd:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:51:94:5D:0B:67:77:59:F8:26:69:01:DF:9B:2F:80:3B:16:A9:64 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.63.0/24 Signature Algorithm: sha256WithRSAEncryption 21:d1:cf:65:1c:2d:22:46:81:91:e3:c7:76:6f:77:2f:11:4d: 83:b9:2f:26:16:8d:02:c3:64:51:8b:0b:8c:9c:7f:fd:24:ea: 06:41:5e:85:73:f3:ef:2a:ab:e2:f6:a5:d3:65:5b:d8:4d:06: ef:1a:ec:f6:ca:96:fd:bf:98:e3:ed:2f:a7:7c:7a:5d:76:77: 00:86:91:3b:1b:70:41:f6:16:e0:a0:b2:c7:78:cd:82:c0:c9: 06:3a:2a:a7:a3:9a:a7:51:1c:04:93:c9:6f:98:67:97:c3:a2: 74:f3:ba:21:81:2b:09:77:bc:18:b9:3d:4d:ee:6d:c7:9a:e4: 5e:7f:e5:9c:50:04:68:58:a0:bc:21:c5:5a:41:00:07:47:87: 70:84:00:35:64:4e:65:57:68:ff:8c:a5:5d:a9:5e:ef:f4:76: 46:3c:96:ba:0e:9b:35:5e:64:e6:88:50:2d:d2:4e:fb:21:9c: 3c:1b:99:f7:8e:b1:c3:03:a6:30:f4:6b:81:d0:fc:fa:38:8c: 61:60:b8:66:8c:4a:13:16:47:07:7a:d6:b2:d1:af:a1:80:a4: 87:67:10:64:1b:d8:1a:70:7a:a6:a4:85:58:f0:fb:65:ca:cb: 13:77:8e:dc:87:25:e9:b0:03:f2:aa:fe:b1:ef:b4:4a:86:17: 92:52:13:e2 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUeKGtPj3GMHt12Fg35Lc6jpGRUr0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMjAwMDA0OVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAZjVkMjkwNjRmMTc5ODFlMzQ1OGNj ZTA3ZTE1NTAwMzViNjgyYjc2YzU1OWY2ZWRhNTNiZTU0MzNhOTIyOWQ3MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoPugYIaoUUlIQudHDHahWmiiBDr 9JVYRpPo9bJDQnFOiT8oNu2x8FN0wWx+wqdObt7TBXP6WRMEeGyY6t1MXBkYugp7 uWrnGgHD7KOzr3fzXEf14qL46z/NQJ0vvRmlDCQk74fIWnZQZuJ1kkjgf0esurML ttAoFchJ4knZRkD7li5ayDp7yPzRU49Vn5XhEYx6qnOsSvBrC4RTrw3wQ52wRuTo 3g1qcZmk4RMm16tJh5JNfp07qnRn4npJyAV6YpcHleXS+7M6YdkZHefSLkBKQ1TX lgKEcmCueILchGUSZ/PzXKtMAlXD3RxDgRx/3Erlpgwibp99BzEjDQ79vwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPRRlF0LZ3dZ+CZpAd+bL4A7FqlkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RiMDgyNGJiLTcxYjItNGY2ZS1iOGVkLWMxMGVlM2Q0MjdhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g/MA0GCSqGSIb3DQEBCwUAA4IBAQAh0c9lHC0iRoGR48d2b3cv EU2DuS8mFo0Cw2RRiwuMnH/9JOoGQV6Fc/PvKqvi9qXTZVvYTQbvGuz2ypb9v5jj 7S+nfHpddncAhpE7G3BB9hbgoLLHeM2CwMkGOiqno5qnURwEk8lvmGeXw6J087oh gSsJd7wYuT1N7m3HmuRef+WcUARoWKC8IcVaQQAHR4dwhAA1ZE5lV2j/jKVdqV7v 9HZGPJa6Dps1XmTmiFAt0k77IZw8G5n3jrHDA6Yw9GuB0Pz6OIxhYLhmjEoTFkcH etay0a+hgKSHZxBkG9gacHqmpIVY8PtlyssTd47chyXpsAPyqv6x77RKhheSUhPi -----END CERTIFICATE-----Generated at Mon Aug 4 14:16:58 2025 by rpki-client