$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa File: db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa (raw, json) Hash identifier: LhnNV9YrMMkpcCWPMKIEtojCCNMDjPWyWlMhGXY5ccE= Subject key identifier: C6:81:81:67:47:D9:DD:1D:75:34:02:53:5B:79:DB:62:51:84:F2:AF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2FCDB5FE72CFD27AE23D61E109C8460E396C07E6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa Signing time: Fri 13 Jun 2025 00:00:57 +0000 ROA not before: Fri 13 Jun 2025 00:00:57 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:cd:b5:fe:72:cf:d2:7a:e2:3d:61:e1:09:c8:46:0e:39:6c:07:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 13 00:00:57 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=be813ffa26f5cf36618cfde74f9bbcc577150f7c780f3adad94e009de3f70de7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:15:e1:fa:3f:df:61:fd:d3:a1:a4:d9:22:45: f5:eb:4d:e5:f9:5f:30:86:7f:7a:97:1e:49:7a:fc: 46:92:26:2f:89:dc:74:6a:e4:1b:d2:e8:e8:c3:d1: 2c:96:4f:a9:ff:d0:75:06:fb:3b:a0:07:94:79:a1: 3b:3f:da:da:31:c6:bd:22:46:f1:3f:2b:d1:1f:a0: b3:a6:e8:b2:8d:bb:19:1e:47:5d:fa:ea:56:48:02: 41:ae:e5:7d:10:19:40:15:3d:d0:1a:d2:e3:31:10: c2:2f:38:8d:c2:d7:3e:f1:30:6a:5e:a9:0b:9e:fc: 32:e6:88:76:50:81:89:2f:c0:c5:c4:2f:b7:55:db: 93:10:a7:d0:fa:a7:9d:54:5f:c8:54:fd:8b:20:27: ad:b6:b2:e7:40:f9:c3:46:fb:d2:d9:13:58:92:89: e5:12:b1:53:e8:b9:c2:98:d0:0d:d9:f4:78:f9:14: 57:79:24:7b:db:d2:ae:cb:93:3d:c0:04:91:72:36: 11:f3:11:64:e0:7a:32:44:16:ea:37:12:aa:44:ba: 2c:76:70:b8:04:da:81:c4:f4:a6:56:d9:60:29:8f: 65:25:a2:f5:b8:68:34:4f:9d:88:0e:44:c0:07:fe: 41:1a:1a:d6:f9:2c:e6:6b:85:68:b0:14:2f:c4:1c: 68:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:81:81:67:47:D9:DD:1D:75:34:02:53:5B:79:DB:62:51:84:F2:AF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.63.0/24 Signature Algorithm: sha256WithRSAEncryption 9c:d3:a1:14:3f:5e:c2:30:f4:9a:4f:15:e0:a9:aa:ed:99:3e: 77:07:ae:9d:7e:69:2d:0c:64:c3:4f:5d:bb:3f:fc:48:c9:e4: 5e:9a:a5:2c:1c:76:39:f8:21:2e:d1:18:8e:3c:0e:6c:58:eb: f7:7b:a5:27:19:9e:7e:2b:d9:99:e2:02:57:f3:27:63:a3:14: 89:76:dc:f5:d4:53:ec:ea:d7:d8:d3:eb:f7:3d:09:7c:04:f6: 9a:42:65:fd:d0:ac:2d:bc:dd:63:be:f5:c5:6b:6b:43:06:16: 4e:88:86:84:36:cf:14:d9:38:a4:51:1f:a1:4e:87:fb:63:6f: 01:7b:2f:95:df:2b:78:21:c4:bc:06:58:29:36:9d:20:4c:af: 63:54:5d:b4:ad:52:ca:c5:6b:f1:38:fc:55:72:9e:aa:2b:9c: 02:66:e3:42:4d:ba:cb:9a:db:ee:da:61:77:d5:dd:9c:a3:1f: 5d:bc:d3:39:7b:6f:a5:61:93:ea:fe:cf:ad:d0:35:b5:23:4e: 1b:ab:97:7d:ea:e9:c4:f6:96:44:59:16:72:f5:20:1f:af:36: 62:20:72:fd:4b:be:41:e0:db:62:1e:48:cf:e5:81:3d:6c:6b: ed:8d:84:e6:fb:3f:84:10:a2:a7:74:5f:86:6f:2b:e6:20:dd: 98:68:34:65 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUL821/nLP0nriPWHhCchGDjlsB+YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMzAwMDA1N1oX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAYmU4MTNmZmEyNmY1Y2YzNjYxOGNm ZGU3NGY5YmJjYzU3NzE1MGY3Yzc4MGYzYWRhZDk0ZTAwOWRlM2Y3MGRlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhXh+j/fYf3ToaTZIkX1603l+V8w hn96lx5JevxGkiYvidx0auQb0ujow9Eslk+p/9B1Bvs7oAeUeaE7P9raMca9Ikbx PyvRH6CzpuiyjbsZHkdd+upWSAJBruV9EBlAFT3QGtLjMRDCLziNwtc+8TBqXqkL nvwy5oh2UIGJL8DFxC+3VduTEKfQ+qedVF/IVP2LICettrLnQPnDRvvS2RNYkonl ErFT6LnCmNAN2fR4+RRXeSR729Kuy5M9wASRcjYR8xFk4HoyRBbqNxKqRLosdnC4 BNqBxPSmVtlgKY9lJaL1uGg0T52IDkTAB/5BGhrW+Szma4VosBQvxBxovwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMaBgWdH2d0ddTQCU1t522JRhPKvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RiMDgyNGJiLTcxYjItNGY2ZS1iOGVkLWMxMGVlM2Q0MjdhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g/MA0GCSqGSIb3DQEBCwUAA4IBAQCc06EUP17CMPSaTxXgqart mT53B66dfmktDGTDT127P/xIyeRemqUsHHY5+CEu0RiOPA5sWOv3e6UnGZ5+K9mZ 4gJX8ydjoxSJdtz11FPs6tfY0+v3PQl8BPaaQmX90KwtvN1jvvXFa2tDBhZOiIaE Ns8U2TikUR+hTof7Y28Bey+V3yt4IcS8BlgpNp0gTK9jVF20rVLKxWvxOPxVcp6q K5wCZuNCTbrLmtvu2mF31d2cox9dvNM5e2+lYZPq/s+t0DW1I04bq5d96unE9pZE WRZy9SAfrzZiIHL9S75B4NtiHkjP5YE9bGvtjYTm+z+EEKKndF+GbyvmIN2YaDRl -----END CERTIFICATE-----Generated at Sat Jun 14 06:04:19 2025 by rpki-client