$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea00a163-31aa-4894-aa58-c2946b21cd7e.roa File: ea00a163-31aa-4894-aa58-c2946b21cd7e.roa (raw, json) Hash identifier: iocREZ3POujgymBq0tf/USz3yYzvsuR9/7RisYDSKKU= Subject key identifier: F6:FF:04:2A:BC:39:8D:6E:50:8C:77:72:F7:5E:A2:16:28:67:F1:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 546BC0C39244B97EB1D384CCCFA25E591A27DD94 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea00a163-31aa-4894-aa58-c2946b21cd7e.roa Signing time: Mon 04 Aug 2025 15:00:34 +0000 ROA not before: Mon 04 Aug 2025 15:00:34 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 00:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:6b:c0:c3:92:44:b9:7e:b1:d3:84:cc:cf:a2:5e:59:1a:27:dd:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 4 15:00:34 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=3e6d594857972d9b9dbade65e9d4a8241ce38971af2ac861e8762e32e72a3454, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fe:4c:43:13:eb:6c:c0:81:fa:1d:46:0f:b0:ed: 85:56:41:79:6e:a6:e2:fd:8f:ad:f3:f3:98:70:e9: d2:0f:10:5e:0a:c6:4b:af:ad:92:ce:9c:79:43:6f: 08:d5:31:63:d6:2e:e8:91:22:d2:c3:f7:8c:49:c0: 83:5b:cd:4a:60:30:0d:84:81:e7:7c:e5:9b:82:de: b3:e9:60:32:a7:fc:2c:c8:51:fa:02:ca:e8:59:03: 85:09:22:fe:98:af:5c:36:71:1c:6b:29:0f:a3:b6: 65:e5:07:2d:33:8d:89:d4:2f:0e:63:42:68:4a:3d: f8:61:f0:07:a2:3f:4a:3c:75:83:e1:1f:a6:29:6d: 69:bf:9e:5a:84:6b:7e:42:a7:d6:d4:44:5f:99:5b: 65:7f:56:78:47:22:ab:4f:a4:06:8d:55:c1:15:e1: ef:51:0f:75:18:b8:3f:a3:c1:4f:1a:e5:35:01:c5: 35:6d:71:98:a1:82:6a:ac:c8:74:fd:0a:73:3e:03: 56:ab:5b:7b:47:d7:ce:5d:65:5c:7a:14:ac:b5:91: 83:07:ee:76:35:75:b7:2a:b8:46:9b:db:2a:21:04: 71:cf:a5:be:6d:36:c9:d8:15:e2:b1:1a:62:6d:10: e3:ec:30:fb:4e:05:fe:8f:3f:b2:fa:9e:52:b2:b3: fa:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:FF:04:2A:BC:39:8D:6E:50:8C:77:72:F7:5E:A2:16:28:67:F1:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea00a163-31aa-4894-aa58-c2946b21cd7e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.60.0/24 Signature Algorithm: sha256WithRSAEncryption 66:d8:ca:fb:6d:10:b5:93:6e:7f:ea:96:ba:5e:bc:35:bb:aa: 7e:f8:2b:b4:da:e1:db:5f:c8:88:d1:d0:ef:aa:a3:f0:19:5b: 5f:2c:75:6d:04:fa:d2:db:59:50:64:da:0b:9a:6f:da:64:4e: 67:cd:7a:f8:3d:18:ab:a4:32:ca:eb:b3:63:6a:4d:bf:6f:68: 52:cf:9a:36:6b:c0:16:31:08:74:7c:2d:24:64:a7:6e:15:b7: 21:bd:9b:86:e1:7f:aa:e8:21:11:2b:99:9e:fc:0d:6c:fb:7c: 76:47:64:da:ef:3c:96:fa:6a:26:2b:56:b1:01:98:15:05:16: c0:c1:41:d9:c6:6d:48:9a:82:f7:d9:56:f8:cc:f4:6a:61:c2: c3:4e:bd:d8:5f:d2:bd:c8:58:e3:a5:c6:42:52:77:e4:24:8d: 84:f7:ae:54:96:18:39:95:17:42:02:39:be:a5:5e:10:cc:45: 2b:83:e3:ad:c8:4a:3f:e3:0d:46:7b:9d:d0:72:a8:7d:3b:5c: fd:4a:69:03:37:4f:44:03:07:41:42:ee:f5:e0:6b:b7:30:5a: d4:af:16:0a:d6:f1:4c:4f:9a:5b:7f:79:70:6b:af:d0:af:49: 86:a4:2d:86:d7:d9:84:ec:e8:a6:fd:83:70:00:4d:80:c8:93: ea:b3:65:bb -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUVGvAw5JEuX6x04TMz6JeWRon3ZQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwNDE1MDAzNFoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAM2U2ZDU5NDg1Nzk3MmQ5YjlkYmFk ZTY1ZTlkNGE4MjQxY2UzODk3MWFmMmFjODYxZTg3NjJlMzJlNzJhMzQ1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/kxDE+tswIH6HUYPsO2FVkF5bqbi /Y+t8/OYcOnSDxBeCsZLr62Szpx5Q28I1TFj1i7okSLSw/eMScCDW81KYDANhIHn fOWbgt6z6WAyp/wsyFH6AsroWQOFCSL+mK9cNnEcaykPo7Zl5QctM42J1C8OY0Jo Sj34YfAHoj9KPHWD4R+mKW1pv55ahGt+QqfW1ERfmVtlf1Z4RyKrT6QGjVXBFeHv UQ91GLg/o8FPGuU1AcU1bXGYoYJqrMh0/QpzPgNWq1t7R9fOXWVcehSstZGDB+52 NXW3KrhGm9sqIQRxz6W+bTbJ2BXisRpibRDj7DD7TgX+jz+y+p5SsrP66wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPb/BCq8OY1uUIx3cvdeohYoZ/F0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhMDBhMTYzLTMxYWEtNDg5NC1hYTU4LWMyOTQ2YjIxY2Q3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9A8MA0GCSqGSIb3DQEBCwUAA4IBAQBm2Mr7bRC1k25/6pa6Xrw1 u6p++Cu02uHbX8iI0dDvqqPwGVtfLHVtBPrS21lQZNoLmm/aZE5nzXr4PRirpDLK 67Njak2/b2hSz5o2a8AWMQh0fC0kZKduFbchvZuG4X+q6CERK5me/A1s+3x2R2Ta 7zyW+momK1axAZgVBRbAwUHZxm1ImoL32Vb4zPRqYcLDTr3YX9K9yFjjpcZCUnfk JI2E965Ulhg5lRdCAjm+pV4QzEUrg+OtyEo/4w1Ge53Qcqh9O1z9SmkDN09EAwdB Qu714Gu3MFrUrxYK1vFMT5pbf3lwa6/Qr0mGpC2G19mE7Oim/YNwAE2AyJPqs2W7 -----END CERTIFICATE-----Generated at Thu Aug 7 04:44:30 2025 by rpki-client