$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa File: 882a767c-0faf-4e71-a224-ecec47d98fcb.roa (raw, json) Hash identifier: V/7m5yE+CCJeT/nKdukf9a+x/FN2cTA8qHx6R6yG9Jc= Subject key identifier: 2A:3F:C8:F1:E8:FF:D2:8C:1A:D1:08:1C:1C:80:FF:33:82:9E:C8:DF Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 527C076D1FCC565204BC87361F7B7AFA16FC0011 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa Signing time: Sat 02 Aug 2025 00:00:04 +0000 ROA not before: Sat 02 Aug 2025 00:00:04 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:7c:07:6d:1f:cc:56:52:04:bc:87:36:1f:7b:7a:fa:16:fc:00:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:04 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=71c3c4d0c755e9c5be22c6c96b196dafe453ac6811d7f719ec242ac16019f4ec, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:ce:19:79:c2:d6:eb:44:d1:9e:4d:eb:2f:4b: 1c:f3:1d:49:1e:b2:bc:fc:b7:d8:ef:28:d7:d1:0c: 16:51:07:c9:fb:fd:5c:ad:3a:d5:4d:8a:53:95:1c: fb:e6:4d:56:6c:34:91:1b:f4:e7:94:04:d2:af:21: f7:e4:ba:c4:fb:cc:c2:b7:fd:47:fc:c3:d9:1c:c2: 22:7c:54:f8:63:d1:d6:60:01:3d:eb:a4:9f:e0:e9: ef:c0:af:04:ec:98:43:6a:4c:cf:13:aa:1f:98:e0: 67:b8:6e:91:a4:53:16:90:f9:79:85:07:3f:0d:2a: 50:6e:4a:50:3e:79:15:ce:30:32:ac:a0:66:39:d0: cb:ea:52:5b:74:b0:04:dc:fa:a8:a3:3e:65:ac:34: 20:98:d9:1a:fd:48:b2:ad:55:85:35:88:ee:47:2d: 94:7f:d0:a2:11:18:34:2a:d1:6e:86:c6:33:72:57: ad:d4:ce:4c:c5:36:8a:9c:17:28:7c:34:bb:6f:d6: 64:3e:27:c3:52:d8:73:f5:1b:31:38:f0:9d:38:61: e4:af:73:75:9e:33:f2:68:ed:0a:e0:e0:d7:d0:3d: 22:fa:19:da:92:0b:cc:d2:7f:bd:04:79:2d:65:4a: 05:cd:94:99:55:f5:14:6d:78:57:db:c1:e3:e0:b7: 63:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:3F:C8:F1:E8:FF:D2:8C:1A:D1:08:1C:1C:80:FF:33:82:9E:C8:DF X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption 36:9f:d5:58:38:1e:e7:54:06:3c:8b:7c:a8:55:7e:b2:dd:6b: 09:71:c6:9b:ca:f0:0d:0f:76:fc:46:d8:9b:87:6e:a6:34:80: df:ab:00:35:b2:f8:f5:b5:16:4d:87:18:ac:bc:7b:72:ef:e2: 8c:9d:28:fe:17:75:88:3d:d8:8d:5e:00:10:2b:53:16:79:97: a2:20:4c:78:ee:53:63:39:8c:61:2f:d4:de:3f:fb:5e:75:59: 9a:40:3e:cc:1b:14:a8:98:20:e6:da:3a:6b:0a:39:95:44:56: a6:a4:89:e4:8f:d0:47:33:e7:c1:e7:9c:26:db:1f:ed:7e:d7: 99:2b:00:4a:4e:c4:a7:ec:52:51:6f:fa:48:c5:85:e8:a3:1f: c7:62:55:3e:eb:7e:f0:aa:6f:44:e4:59:ef:69:f5:21:4d:af: a0:18:9a:25:44:a4:c3:b3:ef:f2:cf:4c:a0:4c:ae:ad:d9:40: 9a:ce:8d:21:92:a9:1f:c6:58:f2:8f:b9:64:09:a4:b9:50:ba: 6d:62:7f:0c:7b:62:18:a4:6a:e0:65:fb:e7:99:90:f4:c8:62: 6c:70:6c:ab:61:b9:aa:45:fa:88:a4:5b:d2:1c:20:51:40:1c: 4f:08:4b:dc:21:ac:c6:a3:16:0f:80:cb:b9:0c:ca:23:df:80: 7a:e2:d0:11 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUnwHbR/MVlIEvIc2H3t6+hb8ABEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAwNFoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNANzFjM2M0ZDBjNzU1ZTljNWJlMjJj NmM5NmIxOTZkYWZlNDUzYWM2ODExZDdmNzE5ZWMyNDJhYzE2MDE5ZjRlYzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA184ZecLW60TRnk3rL0sc8x1JHrK8 /LfY7yjX0QwWUQfJ+/1crTrVTYpTlRz75k1WbDSRG/TnlATSryH35LrE+8zCt/1H /MPZHMIifFT4Y9HWYAE966Sf4OnvwK8E7JhDakzPE6ofmOBnuG6RpFMWkPl5hQc/ DSpQbkpQPnkVzjAyrKBmOdDL6lJbdLAE3Pqooz5lrDQgmNka/UiyrVWFNYjuRy2U f9CiERg0KtFuhsYzclet1M5MxTaKnBcofDS7b9ZkPifDUthz9RsxOPCdOGHkr3N1 njPyaO0K4ODX0D0i+hnakgvM0n+9BHktZUoFzZSZVfUUbXhX28Hj4Ldj4wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCo/yPHo/9KMGtEIHByA/zOCnsjfMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 Lzg4MmE3NjdjLTBmYWYtNGU3MS1hMjI0LWVjZWM0N2Q5OGZjYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjgMA0GCSqGSIb3DQEBCwUAA4IBAQA2n9VYOB7nVAY8i3yoVX6y 3WsJccabyvAND3b8Rtibh26mNIDfqwA1svj1tRZNhxisvHty7+KMnSj+F3WIPdiN XgAQK1MWeZeiIEx47lNjOYxhL9TeP/tedVmaQD7MGxSomCDm2jprCjmVRFampInk j9BHM+fB55wm2x/tfteZKwBKTsSn7FJRb/pIxYXoox/HYlU+637wqm9E5FnvafUh Ta+gGJolRKTDs+/yz0ygTK6t2UCazo0hkqkfxljyj7lkCaS5ULptYn8Me2IYpGrg ZfvnmZD0yGJscGyrYbmqRfqIpFvSHCBRQBxPCEvcIazGoxYPgMu5DMoj34B64tAR -----END CERTIFICATE-----Generated at Mon Aug 4 14:42:07 2025 by rpki-client