$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json) Hash identifier: VLK1Slk4sk4kyjVWsEzazHy2jCsMG5RGcwfQjAiwLVA= Subject key identifier: 7F:B2:A5:74:1A:A8:D8:58:48:A7:7C:C2:BD:37:28:40:FC:BC:B2:36 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 130DCB7B1FBB14061ACC9C433E2C6D7255F37DA6 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa Signing time: Tue 15 Jul 2025 00:00:04 +0000 ROA not before: Tue 15 Jul 2025 00:00:04 +0000 ROA not after: Tue 19 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.8.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:51:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:0d:cb:7b:1f:bb:14:06:1a:cc:9c:43:3e:2c:6d:72:55:f3:7d:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Jul 15 00:00:04 2025 GMT Not After : Aug 19 23:59:59 2025 GMT Subject: serialNumber=899714c7d5662af7f2d1b71e20b4dbe6d836102240e57ba73546920d7625d5cf, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0e:fe:50:58:fd:92:23:fd:12:9a:8a:13:a5: d9:cc:09:c7:7a:3b:ee:4b:a9:38:63:a0:5c:7c:b5: 52:7c:2b:e8:18:bb:c9:2d:75:e6:f3:ac:7e:fa:c7: 79:39:e7:cf:7f:6a:3d:a8:c5:cc:46:0c:b7:7b:9f: e5:4b:75:4e:2c:ec:a7:90:94:a4:7d:8f:40:1c:ad: d4:e1:81:f6:79:0d:27:00:d9:eb:14:23:3a:24:7b: ab:48:cf:cc:23:b5:f8:ab:74:0d:5f:76:ef:4e:14: 78:17:cb:81:5c:87:44:b5:ce:e5:85:40:6f:5c:ed: ac:94:04:0e:ad:6e:07:86:62:9e:b9:72:90:66:40: 68:59:59:41:ce:1f:40:35:1d:a5:b8:0c:63:53:a7: 30:54:7d:64:e9:cb:1e:d4:78:58:ec:3c:a6:ab:f7: 95:e9:d6:db:34:55:06:52:fa:48:74:1d:e1:2b:91: b4:47:b2:ed:8b:25:1c:c4:fb:19:36:66:b3:97:3c: 33:26:e6:25:e1:16:eb:92:06:48:20:03:95:9e:91: 16:a3:73:6c:0d:01:b9:b7:c5:48:9e:43:d4:3b:b1: 3c:7e:a2:3f:a0:80:b6:c9:c3:36:c7:c2:b5:25:9d: 1a:62:43:8a:27:17:39:59:78:35:d4:c8:24:29:fa: 49:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:B2:A5:74:1A:A8:D8:58:48:A7:7C:C2:BD:37:28:40:FC:BC:B2:36 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.172.0/22 Signature Algorithm: sha256WithRSAEncryption 05:69:8f:7a:70:a4:42:40:61:8c:46:7b:45:b1:ca:8c:51:cc: 55:90:4d:43:7f:23:ac:49:00:11:bd:0c:7f:cc:27:01:bc:ec: 82:47:dc:4c:f7:b8:3d:60:59:3e:27:d4:ff:7a:75:e3:4c:ae: c1:85:89:67:04:63:b4:7e:46:c6:b2:b6:c1:79:db:be:99:31: 02:fc:83:9b:5d:84:d8:95:4b:eb:99:b2:bf:05:d3:54:ce:ae: 4b:02:10:02:c8:95:b0:43:6b:7e:d9:4e:fd:07:ef:5c:d3:22: 0e:55:88:8a:2b:56:58:38:63:f9:f6:61:a4:93:13:7f:bf:8c: d8:76:79:f2:16:85:60:a3:a3:d7:67:85:e7:e6:e8:9a:5f:f3: d2:11:b2:54:ab:76:5f:8c:a9:97:ec:08:a0:6c:df:4f:bd:b8: ce:9e:e8:33:d1:27:c1:4a:c1:bb:3f:ac:2c:7c:5b:63:cc:47: f9:5f:3e:9b:05:c7:cc:a7:ca:73:4e:f5:24:46:49:4c:38:79: 52:4d:0e:d1:47:51:5d:9c:c6:c9:7f:75:76:49:17:69:33:60: c7:27:14:73:c5:30:2d:8c:49:f4:61:d4:6b:2f:f4:da:ef:cc: 43:ce:00:2f:17:12:54:ab:46:47:bc:9b:25:ee:a7:46:0c:f2: f2:7c:f2:77 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEw3Lex+7FAYazJxDPixtclXzfaYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDcxNTAwMDAwNFoX DTI1MDgxOTIzNTk1OVowejFJMEcGA1UEBRNAODk5NzE0YzdkNTY2MmFmN2YyZDFi NzFlMjBiNGRiZTZkODM2MTAyMjQwZTU3YmE3MzU0NjkyMGQ3NjI1ZDVjZjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw7+UFj9kiP9EpqKE6XZzAnHejvu S6k4Y6BcfLVSfCvoGLvJLXXm86x++sd5OefPf2o9qMXMRgy3e5/lS3VOLOynkJSk fY9AHK3U4YH2eQ0nANnrFCM6JHurSM/MI7X4q3QNX3bvThR4F8uBXIdEtc7lhUBv XO2slAQOrW4HhmKeuXKQZkBoWVlBzh9ANR2luAxjU6cwVH1k6cse1HhY7Dymq/eV 6dbbNFUGUvpIdB3hK5G0R7LtiyUcxPsZNmazlzwzJuYl4RbrkgZIIAOVnpEWo3Ns DQG5t8VInkPUO7E8fqI/oIC2ycM2x8K1JZ0aYkOKJxc5WXg11MgkKfpJ6QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFH+ypXQaqNhYSKd8wr03KED8vLI2MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQAFaY96cKRCQGGMRntFscqM UcxVkE1DfyOsSQARvQx/zCcBvOyCR9xM97g9YFk+J9T/enXjTK7BhYlnBGO0fkbG srbBedu+mTEC/IObXYTYlUvrmbK/BdNUzq5LAhACyJWwQ2t+2U79B+9c0yIOVYiK K1ZYOGP59mGkkxN/v4zYdnnyFoVgo6PXZ4Xn5uiaX/PSEbJUq3ZfjKmX7AigbN9P vbjOnugz0SfBSsG7P6wsfFtjzEf5Xz6bBcfMp8pzTvUkRklMOHlSTQ7RR1FdnMbJ f3V2SRdpM2DHJxRzxTAtjEn0YdRrL/Ta78xDzgAvFxJUq0ZHvJsl7qdGDPLyfPJ3 -----END CERTIFICATE-----Generated at Mon Aug 4 16:03:29 2025 by rpki-client