$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa File: 0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa (raw, json) Hash identifier: 8d7VQ3PBpHm44/wpehsB6kmmSs8vtomgOF8r2r+AehI= Subject key identifier: EC:85:AB:A9:CE:78:DF:6E:3E:2C:45:BF:09:BF:CF:FB:BA:90:55:57 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 50C43D765745385EAE50DAA3CA23B26DFCC3F979 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa Signing time: Sat 09 Aug 2025 00:00:17 +0000 ROA not before: Sat 09 Aug 2025 00:00:17 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:c4:3d:76:57:45:38:5e:ae:50:da:a3:ca:23:b2:6d:fc:c3:f9:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 9 00:00:17 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=e6ce1ae3fa9b6dbe9ca07a18d6c001f1acffb62992f9d5ed93f86e002aa87134, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:7a:be:8d:b7:be:9c:b1:c6:1a:5f:d1:66:31: 54:da:c7:af:db:42:59:f8:33:96:c1:2c:e5:6c:31: 87:79:aa:fb:9d:21:96:83:2e:81:f3:a7:72:ad:32: db:82:04:e2:ba:56:6f:cb:c0:b8:34:0a:b2:85:7c: 3b:33:8e:19:45:1d:61:2d:61:44:db:9a:03:3a:2f: 7b:8f:d4:9e:0d:a7:6d:e6:92:da:0a:54:6a:36:b4: 26:e6:43:46:00:f8:b6:77:5d:91:d5:a9:5d:5a:59: 4f:c1:57:50:d7:24:c1:6c:25:8a:f0:64:2f:36:8a: 5f:ed:bb:8d:43:48:a0:41:69:b1:e6:b0:99:88:8a: be:58:b6:e2:86:d9:44:1e:6c:44:61:05:0f:40:f4: db:6e:ee:6a:6f:e6:59:40:35:c9:04:83:82:72:5a: 13:c6:49:97:c9:79:16:c5:03:e0:f8:84:72:8b:36: 6a:3e:dd:ab:3c:d9:2b:9d:c1:f5:b2:42:f1:2d:71: 76:2d:fe:d3:6f:a9:5e:6a:54:ab:54:69:b1:c6:76: e5:b0:55:22:4c:fa:fc:18:98:0c:d9:c7:a6:ef:db: 4c:50:fc:ba:db:3c:5a:5f:86:d5:ba:e2:f3:9f:a0: 64:99:67:e4:5e:6f:21:12:c2:82:74:cb:b2:96:b9: 43:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:85:AB:A9:CE:78:DF:6E:3E:2C:45:BF:09:BF:CF:FB:BA:90:55:57 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.0.0/15 Signature Algorithm: sha256WithRSAEncryption 98:dc:f9:5b:7d:5c:ea:ee:bd:41:1b:d6:cb:87:63:9f:ee:68: c4:6a:47:7a:51:c2:62:06:6a:3e:5c:eb:3e:c2:84:74:22:d8: ab:5b:2a:a3:83:a7:53:5f:c1:e0:ef:cd:b2:11:f9:09:1f:14: fc:7a:fc:56:f7:55:5e:48:f1:8e:da:11:f9:b6:14:ba:ca:f2: 09:d8:5b:d4:1e:64:7f:7d:7e:35:4b:5d:3f:f0:1d:f2:a9:0e: 24:60:55:13:83:fa:e2:43:84:cb:d5:df:74:2c:93:40:a7:98: a5:3d:e5:1c:a3:69:06:7a:46:81:93:78:5e:b1:3c:18:63:ad: d9:9f:fb:3d:1a:37:fe:87:04:d3:0d:cd:6b:85:bb:c1:73:5a: e3:fc:94:4f:1a:2c:1a:bd:14:a7:f4:0e:db:74:4d:da:5c:7a: e3:25:5f:60:a1:e7:26:4f:e8:b3:a5:e4:7d:87:51:84:b2:2b: d5:a9:f7:63:60:32:d6:cb:9e:6f:e1:b3:89:f7:95:ed:35:92: 19:65:cf:5a:2e:c4:ba:97:d5:05:75:9f:cd:4a:21:2f:46:f7: 1e:eb:66:e2:e9:c0:c8:45:05:e6:28:82:ea:6a:ad:4b:20:a4: b0:c5:01:1c:ae:7c:33:25:0a:7c:79:ba:d6:3c:1c:7a:fd:f4: 59:e2:4e:f4 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUUMQ9dldFOF6uUNqjyiOybfzD+XkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwOTAwMDAxN1oX DTI1MDkxMzIzNTk1OVowejFJMEcGA1UEBRNAZTZjZTFhZTNmYTliNmRiZTljYTA3 YTE4ZDZjMDAxZjFhY2ZmYjYyOTkyZjlkNWVkOTNmODZlMDAyYWE4NzEzNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3q+jbe+nLHGGl/RZjFU2sev20JZ +DOWwSzlbDGHear7nSGWgy6B86dyrTLbggTiulZvy8C4NAqyhXw7M44ZRR1hLWFE 25oDOi97j9SeDadt5pLaClRqNrQm5kNGAPi2d12R1aldWllPwVdQ1yTBbCWK8GQv Nopf7buNQ0igQWmx5rCZiIq+WLbihtlEHmxEYQUPQPTbbu5qb+ZZQDXJBIOCcloT xkmXyXkWxQPg+IRyizZqPt2rPNkrncH1skLxLXF2Lf7Tb6lealSrVGmxxnblsFUi TPr8GJgM2cem79tMUPy62zxaX4bVuuLzn6BkmWfkXm8hEsKCdMuylrlDXQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFOyFq6nOeN9uPixFvwm/z/u6kFVXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAzODRjOTQzLWQwYWMtNGQ0Yy1iNWMzLWE2NzBjN2UzM2M1MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9gwDQYJKoZIhvcNAQELBQADggEBAJjc+Vt9XOruvUEb1suHY5/u aMRqR3pRwmIGaj5c6z7ChHQi2KtbKqODp1NfweDvzbIR+QkfFPx6/Fb3VV5I8Y7a Efm2FLrK8gnYW9QeZH99fjVLXT/wHfKpDiRgVROD+uJDhMvV33Qsk0CnmKU95Ryj aQZ6RoGTeF6xPBhjrdmf+z0aN/6HBNMNzWuFu8FzWuP8lE8aLBq9FKf0Dtt0Tdpc euMlX2Ch5yZP6LOl5H2HUYSyK9Wp92NgMtbLnm/hs4n3le01khllz1ouxLqX1QV1 n81KIS9G9x7rZuLpwMhFBeYogupqrUsgpLDFARyufDMlCnx5utY8HHr99FniTvQ= -----END CERTIFICATE-----Generated at Sat Aug 23 06:44:35 2025 by rpki-client