$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa File: 0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa (raw, json) Hash identifier: fs2YIwrUugRheBeW76QaFuEMUQ6xwM5r304PEJet/XE= Subject key identifier: 13:74:9B:3A:F8:95:8F:E0:DB:55:BE:51:D1:0A:BF:05:C3:61:9C:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3A5E401AA1AB3EE006A9F3290497D297B3A7D693 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa Signing time: Fri 20 Jun 2025 00:00:08 +0000 ROA not before: Fri 20 Jun 2025 00:00:08 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:5e:40:1a:a1:ab:3e:e0:06:a9:f3:29:04:97:d2:97:b3:a7:d6:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 20 00:00:08 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=889f6d0865e89bdd849a4396264b32368619d86e3051bcd07d99ee98eb219409, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a8:09:7a:90:e7:dc:b4:30:8b:4c:36:6e:80: ad:4d:e6:42:30:10:6c:43:aa:cc:99:73:c9:73:cf: c1:8d:a4:39:1a:2c:75:00:17:1d:04:98:76:18:68: 77:12:f7:77:43:ca:b7:eb:a5:e5:be:0b:4d:be:ff: b4:75:f9:87:d8:a5:0f:33:97:6b:9e:fc:ed:2d:ca: 7c:ac:3e:38:7e:1d:83:19:71:00:e1:80:c6:f3:c8: 61:e0:e3:03:48:f5:28:fd:f9:44:9f:14:e2:5a:aa: 4f:6b:70:0a:a8:0f:fd:23:2e:1b:48:41:58:06:90: f1:05:b0:e7:3e:54:f5:38:e2:e5:60:5f:92:10:b5: d6:02:08:d2:3e:c2:9a:8d:1b:36:cf:1c:1e:58:b7: d7:1c:c4:76:90:6a:23:6e:5b:fc:99:f2:9f:40:84: 1f:43:c9:dc:4d:b2:2c:46:b0:fb:3a:a2:f0:93:c0: fa:c3:d0:16:cf:f7:87:07:4f:3e:b3:ea:a7:41:5d: 2d:6a:27:64:64:5e:6a:e2:82:40:fc:5c:66:5a:c7: 0c:05:3d:ee:2b:8d:0a:ab:a3:2f:51:6e:77:08:81: 76:7b:8c:7b:be:b4:76:06:4c:a8:d9:c0:0a:5a:1e: 87:39:a0:a3:b1:8c:9f:74:ef:6a:de:bb:23:c8:ce: 28:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:74:9B:3A:F8:95:8F:E0:DB:55:BE:51:D1:0A:BF:05:C3:61:9C:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.0.0/15 Signature Algorithm: sha256WithRSAEncryption b5:32:d9:ad:b0:ab:2d:39:fd:bd:02:5c:b0:db:1f:7a:8d:80: 92:6b:5c:01:c1:fa:51:95:70:20:c6:12:d0:7c:bb:bd:6b:13: a1:18:cd:b9:69:bc:51:15:d0:e2:a8:05:68:ef:36:67:0f:a8: c3:91:95:36:d2:ef:e4:85:38:9e:20:87:f9:92:ef:08:19:77: eb:90:84:41:72:cf:7c:0a:b8:b4:f4:2e:05:c5:37:3e:e3:07: 0d:b5:59:16:94:5d:86:61:8c:ce:7a:65:fc:a9:b3:64:8d:bf: 8d:10:2c:f8:34:80:6b:5b:45:21:2e:75:d9:7f:fb:39:bf:7a: 0f:2e:2d:62:dc:56:66:c1:ff:31:2a:1a:a5:b6:6a:9b:06:84: 96:9e:88:7d:89:22:d1:5b:13:56:88:6d:63:75:02:49:fb:f8: 00:97:03:6d:81:50:78:1b:71:ce:b6:13:03:2c:a3:aa:92:b6: 6f:f6:e5:2b:e4:49:aa:8f:4c:41:ec:2b:ea:a9:69:2b:a3:d2: 46:91:62:c3:2e:50:30:3c:d2:b1:cf:2d:a7:eb:44:e2:a7:27: e0:f0:7f:ac:73:92:86:44:b9:16:e6:0d:b8:90:99:81:99:59: 86:19:22:ff:bc:ee:78:3d:d2:2a:1a:36:f8:a2:ac:3d:75:c1: be:f3:ae:60 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUOl5AGqGrPuAGqfMpBJfSl7On1pMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyMDAwMDAwOFoX DTI1MDcyNTIzNTk1OVowejFJMEcGA1UEBRNAODg5ZjZkMDg2NWU4OWJkZDg0OWE0 Mzk2MjY0YjMyMzY4NjE5ZDg2ZTMwNTFiY2QwN2Q5OWVlOThlYjIxOTQwOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxagJepDn3LQwi0w2boCtTeZCMBBs Q6rMmXPJc8/BjaQ5Gix1ABcdBJh2GGh3Evd3Q8q366XlvgtNvv+0dfmH2KUPM5dr nvztLcp8rD44fh2DGXEA4YDG88hh4OMDSPUo/flEnxTiWqpPa3AKqA/9Iy4bSEFY BpDxBbDnPlT1OOLlYF+SELXWAgjSPsKajRs2zxweWLfXHMR2kGojblv8mfKfQIQf Q8ncTbIsRrD7OqLwk8D6w9AWz/eHB08+s+qnQV0taidkZF5q4oJA/FxmWscMBT3u K40Kq6MvUW53CIF2e4x7vrR2Bkyo2cAKWh6HOaCjsYyfdO9q3rsjyM4oFQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFBN0mzr4lY/g21W+UdEKvwXDYZxZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAzODRjOTQzLWQwYWMtNGQ0Yy1iNWMzLWE2NzBjN2UzM2M1MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9gwDQYJKoZIhvcNAQELBQADggEBALUy2a2wqy05/b0CXLDbH3qN gJJrXAHB+lGVcCDGEtB8u71rE6EYzblpvFEV0OKoBWjvNmcPqMORlTbS7+SFOJ4g h/mS7wgZd+uQhEFyz3wKuLT0LgXFNz7jBw21WRaUXYZhjM56Zfyps2SNv40QLPg0 gGtbRSEuddl/+zm/eg8uLWLcVmbB/zEqGqW2apsGhJaeiH2JItFbE1aIbWN1Akn7 +ACXA22BUHgbcc62EwMso6qStm/25SvkSaqPTEHsK+qpaSuj0kaRYsMuUDA80rHP LafrROKnJ+Dwf6xzkoZEuRbmDbiQmYGZWYYZIv+87ng90ioaNviirD11wb7zrmA= -----END CERTIFICATE-----Generated at Sun Jun 29 03:07:04 2025 by rpki-client