$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: 8jtITmxQcgFTuPUfGNxD1XR3U6nEqKJ9eCaGL9uv2iI= Subject key identifier: 15:C9:C6:D4:A5:49:41:D1:B8:53:E0:28:93:AC:B9:7B:70:3E:AD:C1 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 16DD6C4CE30E9BDA90AEDF0EF150F5C706CAC154 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Wed 16 Jul 2025 00:00:04 +0000 ROA not before: Wed 16 Jul 2025 00:00:04 +0000 ROA not after: Wed 20 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:dd:6c:4c:e3:0e:9b:da:90:ae:df:0e:f1:50:f5:c7:06:ca:c1:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jul 16 00:00:04 2025 GMT Not After : Aug 20 23:59:59 2025 GMT Subject: serialNumber=c2b9aa80b82cd2517e86720647e631e76576ccf95c7a299a851978666d0d8cc2, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:a1:d1:65:bd:af:94:04:0f:b0:fd:b3:d5:fa: 3a:09:89:a7:52:1f:93:ca:37:2f:58:61:58:fd:1e: 50:41:08:03:e8:c9:95:d6:15:87:ec:90:31:b6:a0: 70:04:f0:0a:1c:15:5f:30:c2:8f:4f:39:04:32:42: 22:36:00:c1:d6:4f:31:73:45:56:aa:41:40:0a:b9: 83:8d:40:38:7d:2a:cc:af:92:f9:c4:90:44:14:0a: c9:13:94:c3:4c:5f:db:f2:97:52:9b:1c:cc:a9:87: d2:b1:0b:65:7b:d3:39:7c:74:b4:8c:1e:87:37:67: d2:3b:3c:1c:e9:3e:9e:c5:16:11:11:c6:e1:46:e1: fd:5e:98:15:1e:df:f7:2f:a8:e3:4e:55:03:18:66: 08:51:0d:ef:80:48:c2:e0:97:9a:c4:9b:46:a2:e7: ea:4f:f7:9a:6b:b6:7b:52:65:e5:cf:f0:48:dc:10: e3:3d:78:47:e6:98:d0:f0:c1:85:12:8c:b9:0e:fe: 72:71:32:d0:99:b9:e4:b2:6b:f4:ed:1d:7c:04:e0: c9:9a:b1:ec:df:62:20:64:79:2b:01:50:3e:c2:b5: a2:31:52:46:e3:67:77:32:b2:6b:1d:3a:ef:28:a8: eb:f4:55:7e:9e:98:85:12:16:04:79:18:5a:76:c3: f1:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:C9:C6:D4:A5:49:41:D1:B8:53:E0:28:93:AC:B9:7B:70:3E:AD:C1 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 4c:1d:ea:0c:0b:ec:b6:5f:d2:5c:16:ed:e3:07:ad:6b:a0:76: 9e:7c:2e:ac:6c:f2:f6:c2:72:99:5f:d4:2e:6a:86:c8:62:f9: b0:ea:5f:96:d3:a7:f4:62:e0:51:13:d7:5d:1c:f0:64:31:15: 7b:84:5e:ae:c3:5e:c2:21:8b:1a:d1:9b:1d:4d:10:73:39:47: 68:fb:29:ea:49:ed:0c:fb:03:b8:ad:ac:93:e8:dd:d1:24:7d: bc:78:1a:52:22:51:53:85:3c:43:4f:9f:16:90:3b:28:55:23: 55:f8:72:9d:33:5f:59:1e:6b:c3:b8:62:1c:71:a8:d1:53:a9: 08:43:86:60:58:e7:ba:b7:1b:9f:06:14:8f:58:09:79:6b:5e: df:85:34:48:0e:71:f8:ac:ef:1e:d9:3c:e5:c2:6f:37:0a:d0: 58:76:c5:bc:73:72:8e:a1:72:3b:ea:4d:37:00:b3:b6:8d:e9: ad:3a:b1:1f:55:82:27:9e:96:9a:79:42:a9:95:0b:a3:3a:20: 0f:5e:ee:fa:86:32:64:aa:72:f5:58:75:55:8c:76:0d:b5:d6: 23:29:64:08:a7:71:60:ce:51:05:bc:f7:bc:f6:d8:16:3d:37: d3:43:59:af:c0:a7:72:3d:d9:05:fc:cf:43:43:00:34:0c:6c: 6d:75:f7:2b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUFt1sTOMOm9qQrt8O8VD1xwbKwVQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDcxNjAwMDAwNFoX DTI1MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAYzJiOWFhODBiODJjZDI1MTdlODY3 MjA2NDdlNjMxZTc2NTc2Y2NmOTVjN2EyOTlhODUxOTc4NjY2ZDBkOGNjMjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaHRZb2vlAQPsP2z1fo6CYmnUh+T yjcvWGFY/R5QQQgD6MmV1hWH7JAxtqBwBPAKHBVfMMKPTzkEMkIiNgDB1k8xc0VW qkFACrmDjUA4fSrMr5L5xJBEFArJE5TDTF/b8pdSmxzMqYfSsQtle9M5fHS0jB6H N2fSOzwc6T6exRYREcbhRuH9XpgVHt/3L6jjTlUDGGYIUQ3vgEjC4JeaxJtGoufq T/eaa7Z7UmXlz/BI3BDjPXhH5pjQ8MGFEoy5Dv5ycTLQmbnksmv07R18BODJmrHs 32IgZHkrAVA+wrWiMVJG42d3MrJrHTrvKKjr9FV+npiFEhYEeRhadsPxNwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBXJxtSlSUHRuFPgKJOsuXtwPq3BMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQBMHeoMC+y2X9JcFu3jB61r oHaefC6sbPL2wnKZX9QuaobIYvmw6l+W06f0YuBRE9ddHPBkMRV7hF6uw17CIYsa 0ZsdTRBzOUdo+ynqSe0M+wO4rayT6N3RJH28eBpSIlFThTxDT58WkDsoVSNV+HKd M19ZHmvDuGIccajRU6kIQ4ZgWOe6txufBhSPWAl5a17fhTRIDnH4rO8e2Tzlwm83 CtBYdsW8c3KOoXI76k03ALO2jemtOrEfVYInnpaaeUKplQujOiAPXu76hjJkqnL1 WHVVjHYNtdYjKWQIp3FgzlEFvPe89tgWPTfTQ1mvwKdyPdkF/M9DQwA0DGxtdfcr -----END CERTIFICATE-----Generated at Mon Aug 4 21:37:34 2025 by rpki-client