$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: Q0EtPntghfx8+ADDUWnuWTFrTDM7wTJyYoojeo1TxHI= Subject key identifier: BC:AF:FB:EA:4C:3B:22:D2:DA:EF:62:41:0E:39:83:E7:81:AB:03:F9 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 4D47F946882F6EF6F95D7A04AE1D2C70BD9195F7 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Mon 28 Jul 2025 15:00:03 +0000 ROA not before: Mon 28 Jul 2025 15:00:03 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:47:f9:46:88:2f:6e:f6:f9:5d:7a:04:ae:1d:2c:70:bd:91:95:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Jul 28 15:00:03 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=79af84c3a603296fbf624fbf7f604b3606643b722c40c45446b9cb4be307fb55, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d8:fa:a6:60:36:7d:de:0c:6f:9c:50:33:8c: f0:e9:dd:4a:12:31:18:7b:12:8f:f8:d4:ab:a5:87: 31:b5:6b:5b:ff:8d:8e:ba:95:a0:4b:6b:11:51:15: c6:90:66:0a:e2:be:db:9c:61:be:70:d1:17:91:5b: bc:b8:d2:a3:e0:98:a5:1a:83:b2:9e:03:d1:7a:1f: 9a:03:0b:47:6d:78:26:22:02:7b:f4:3e:f0:e1:8d: f7:c2:e4:14:be:0a:09:74:37:35:01:eb:31:a4:61: df:e3:94:05:9e:80:c1:89:0f:9b:df:8a:89:fc:28: 20:1b:f7:ef:49:57:88:4e:7d:65:25:aa:4a:93:55: a9:42:79:05:4c:0b:17:7e:5e:67:5d:83:e4:37:95: 81:fb:6b:d1:88:e2:00:96:b3:5f:1e:1b:7e:3e:3f: 32:b0:f5:d6:9f:5c:ef:fe:ea:d3:17:9a:c3:71:c5: d6:3a:8e:d4:61:c1:49:bd:f4:d4:45:48:2c:2a:a6: 9a:97:03:3e:71:bb:bf:e2:f2:fe:67:53:bb:56:ab: 3b:39:f1:da:ea:6f:a9:38:02:41:70:aa:9d:e9:94: f3:a8:be:a2:e1:45:a1:b8:ce:7f:ed:a0:ae:91:86: 17:d8:48:cc:84:70:c2:d4:e0:46:3c:d1:21:a4:4b: e1:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:AF:FB:EA:4C:3B:22:D2:DA:EF:62:41:0E:39:83:E7:81:AB:03:F9 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption ce:4b:3b:9f:fe:14:bc:a5:3b:5f:ee:e1:3b:70:54:d5:99:af: 51:3b:a4:92:6f:d4:13:1d:76:0f:b9:98:65:02:af:84:a5:af: 7d:60:4b:72:17:05:a1:8e:bd:59:2b:50:ef:e2:13:5a:47:85: 17:97:5b:3d:68:13:87:d1:64:1c:49:82:f5:62:44:45:d2:72: aa:3c:57:45:c9:2a:2c:4a:05:d5:90:b9:5c:ae:8d:9a:99:80: 19:68:9d:5c:98:e8:ce:2c:0f:d8:53:f1:47:85:2f:e9:ff:b9: 0e:41:09:cd:45:29:5d:f6:6d:32:bd:8c:87:f8:10:76:60:b4: 77:9e:bf:89:70:dd:50:d8:e3:07:b6:75:15:c6:0c:a9:1c:54: 3a:c2:66:ac:ff:94:d5:de:8f:79:a4:fa:9f:37:59:08:21:9c: fe:a8:a2:dc:54:39:b6:41:b6:58:72:58:5d:df:cf:26:a5:73: 9c:f0:69:68:dc:10:92:10:c1:c8:a0:d6:e1:14:73:e0:5d:fc: 90:56:9d:8c:d7:13:40:74:2e:e1:ff:0f:91:ab:5b:4a:6b:14: 39:e9:74:48:94:aa:c1:7d:bf:b9:24:5e:64:4f:c1:ad:51:69: e7:e0:91:5b:4c:f7:52:98:4b:09:9c:02:80:80:59:bc:a5:8c: 86:61:c5:8b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTUf5Rogvbvb5XXoErh0scL2RlfcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDcyODE1MDAwM1oX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNANzlhZjg0YzNhNjAzMjk2ZmJmNjI0 ZmJmN2Y2MDRiMzYwNjY0M2I3MjJjNDBjNDU0NDZiOWNiNGJlMzA3ZmI1NTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutj6pmA2fd4Mb5xQM4zw6d1KEjEY exKP+NSrpYcxtWtb/42OupWgS2sRURXGkGYK4r7bnGG+cNEXkVu8uNKj4JilGoOy ngPReh+aAwtHbXgmIgJ79D7w4Y33wuQUvgoJdDc1AesxpGHf45QFnoDBiQ+b34qJ /CggG/fvSVeITn1lJapKk1WpQnkFTAsXfl5nXYPkN5WB+2vRiOIAlrNfHht+Pj8y sPXWn1zv/urTF5rDccXWOo7UYcFJvfTURUgsKqaalwM+cbu/4vL+Z1O7Vqs7OfHa 6m+pOAJBcKqd6ZTzqL6i4UWhuM5/7aCukYYX2EjMhHDC1OBGPNEhpEvhOwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLyv++pMOyLS2u9iQQ45g+eBqwP5MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQDOSzuf/hS8pTtf7uE7cFTV ma9RO6SSb9QTHXYPuZhlAq+Epa99YEtyFwWhjr1ZK1Dv4hNaR4UXl1s9aBOH0WQc SYL1YkRF0nKqPFdFySosSgXVkLlcro2amYAZaJ1cmOjOLA/YU/FHhS/p/7kOQQnN RSld9m0yvYyH+BB2YLR3nr+JcN1Q2OMHtnUVxgypHFQ6wmas/5TV3o95pPqfN1kI IZz+qKLcVDm2QbZYclhd388mpXOc8Glo3BCSEMHIoNbhFHPgXfyQVp2M1xNAdC7h /w+Rq1tKaxQ56XRIlKrBfb+5JF5kT8GtUWnn4JFbTPdSmEsJnAKAgFm8pYyGYcWL -----END CERTIFICATE-----Generated at Mon Aug 4 15:05:39 2025 by rpki-client