$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: gZg05veLlxnjeSzm9ZcxJK7VEcNF/WOJb9FwgblxY74= Subject key identifier: 9E:41:28:7A:F7:E7:E2:82:EC:49:85:D5:76:5C:D9:8B:9B:64:21:BE Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 313F645C8F501C7BA8D5868DF493C141FEF8A610 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Sat 07 Jun 2025 00:00:05 +0000 ROA not before: Sat 07 Jun 2025 00:00:05 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:3f:64:5c:8f:50:1c:7b:a8:d5:86:8d:f4:93:c1:41:fe:f8:a6:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jun 7 00:00:05 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=202d8366f8a2f40a421cefe3184d36bd66a1582d0db2b958d7574f6199324f9d, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:49:49:98:8b:de:ae:10:97:40:5a:32:a8:41: 98:37:66:6f:86:9c:ff:76:14:ac:e4:b7:7b:df:49: 2c:fd:43:e9:23:26:e6:de:38:ce:9d:b1:48:7a:cd: 92:75:4a:cf:60:a6:a6:e0:54:15:fa:0f:be:4b:66: 67:0f:c0:d9:4e:91:14:01:dc:8c:16:3d:56:61:15: bc:c9:ec:77:38:41:1f:61:f9:10:f8:49:38:a1:37: 77:a1:6f:fc:5c:39:07:60:0b:58:5d:f6:bc:db:48: 80:c9:1b:80:d1:66:b7:6f:4c:a4:e5:92:a9:4f:fa: 59:43:50:0f:a2:60:bc:7e:71:e6:f7:a0:24:64:ad: 97:d0:19:d6:50:d3:ff:d3:c2:d2:14:88:47:5e:a7: 23:99:19:00:e5:22:58:5c:6b:95:3d:c0:f4:dc:cb: 26:54:93:d4:9f:8b:2a:7e:e7:0c:5b:2b:8f:42:ed: 0d:e9:21:fe:d1:06:6d:6a:fe:b2:a3:e5:66:e9:c2: d3:56:71:8b:fa:04:d7:3c:e0:4f:c4:72:68:65:18: 57:1d:02:8f:c7:56:d6:73:29:34:d0:1c:fb:67:b0: 5f:e8:af:9c:ac:7f:98:42:03:6f:35:a3:87:8d:ed: 3d:9f:af:5c:95:39:5b:c2:35:c9:e6:52:ce:61:cb: 9d:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:41:28:7A:F7:E7:E2:82:EC:49:85:D5:76:5C:D9:8B:9B:64:21:BE X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption d6:68:6b:8f:d7:98:3b:70:2c:13:01:d7:50:91:dc:14:ce:3e: 0f:1b:84:ab:af:f7:af:e0:cf:52:a8:77:87:0c:7c:6b:91:a4: f6:85:ac:b8:b8:05:7c:a6:23:23:fd:98:9f:d4:fd:b8:12:37: 20:17:06:05:70:48:4a:18:28:11:90:d7:79:67:eb:82:57:4e: f4:9e:ae:9e:72:c3:39:ad:11:2a:70:9c:31:6d:af:c6:29:80: a2:95:3f:94:89:5d:80:d6:57:8e:da:7f:39:70:88:45:8a:54: 76:0e:6f:8c:8c:47:89:7c:4d:f4:22:ff:ec:49:a9:5c:2b:46: 1e:64:b3:aa:db:da:8e:92:c8:45:90:bf:bc:95:6a:c8:64:3a: 54:83:d6:10:a0:a8:ce:e6:c8:cb:5c:1b:82:4a:6c:ad:f9:94: 09:50:cd:4a:13:1d:75:b2:94:b3:0b:26:56:9b:25:a9:a8:96: d6:d4:d2:8d:b1:f0:ce:81:49:6b:f0:59:50:fb:56:48:c6:8c: f2:9c:ea:49:dd:4d:ea:9e:b9:6e:09:00:5d:d9:38:40:19:e7: 96:e0:cb:cd:5f:6d:4d:30:b6:c5:98:6d:b8:e3:a0:ff:2d:73: 2f:e6:9a:3d:6d:39:49:01:6a:28:bc:42:83:49:ea:68:67:02: 58:e8:50:1b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUMT9kXI9QHHuo1YaN9JPBQf74phAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDYwNzAwMDAwNVoX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAMjAyZDgzNjZmOGEyZjQwYTQyMWNl ZmUzMTg0ZDM2YmQ2NmExNTgyZDBkYjJiOTU4ZDc1NzRmNjE5OTMyNGY5ZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0lJmIverhCXQFoyqEGYN2Zvhpz/ dhSs5Ld730ks/UPpIybm3jjOnbFIes2SdUrPYKam4FQV+g++S2ZnD8DZTpEUAdyM Fj1WYRW8yex3OEEfYfkQ+Ek4oTd3oW/8XDkHYAtYXfa820iAyRuA0Wa3b0yk5ZKp T/pZQ1APomC8fnHm96AkZK2X0BnWUNP/08LSFIhHXqcjmRkA5SJYXGuVPcD03Msm VJPUn4sqfucMWyuPQu0N6SH+0QZtav6yo+Vm6cLTVnGL+gTXPOBPxHJoZRhXHQKP x1bWcyk00Bz7Z7Bf6K+crH+YQgNvNaOHje09n69clTlbwjXJ5lLOYcudgQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJ5BKHr35+KC7EmF1XZc2YubZCG+MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQDWaGuP15g7cCwTAddQkdwU zj4PG4Srr/ev4M9SqHeHDHxrkaT2hay4uAV8piMj/Zif1P24EjcgFwYFcEhKGCgR kNd5Z+uCV070nq6ecsM5rREqcJwxba/GKYCilT+UiV2A1leO2n85cIhFilR2Dm+M jEeJfE30Iv/sSalcK0YeZLOq29qOkshFkL+8lWrIZDpUg9YQoKjO5sjLXBuCSmyt +ZQJUM1KEx11spSzCyZWmyWpqJbW1NKNsfDOgUlr8FlQ+1ZIxozynOpJ3U3qnrlu CQBd2ThAGeeW4MvNX21NMLbFmG2446D/LXMv5po9bTlJAWoovEKDSepoZwJY6FAb -----END CERTIFICATE-----Generated at Sat Jun 14 06:19:16 2025 by rpki-client