$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa File: 0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa (raw, json) Hash identifier: NXjWuIvuSJOy73V0qCyWA98FBfpRlmZReki46rZXBlA= Subject key identifier: 68:95:3C:0D:FA:47:25:FA:F6:74:FD:CD:38:2F:3B:5C:77:F3:6B:F9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2C02A96031AC5409A8B2C423DA0289F7255B5368 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa Signing time: Sat 28 Jun 2025 00:00:24 +0000 ROA not before: Sat 28 Jun 2025 00:00:24 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.212.66.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:02:a9:60:31:ac:54:09:a8:b2:c4:23:da:02:89:f7:25:5b:53:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:00:24 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=196171abf1ebfa7c309b01b37ba278dc0086a04ee2d98d4e33ab470a86c73c02, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:37:e3:ee:d8:eb:6d:09:a1:36:87:6d:50:04: 62:47:4d:10:98:3b:fe:9e:b8:e1:24:ae:74:e1:8e: a4:5e:c3:07:a5:0b:5d:5c:4f:9f:28:3b:15:eb:91: 46:1c:b6:22:07:56:40:48:a2:c4:cf:3a:2b:fd:6d: 69:6d:98:3b:bd:1f:62:e5:58:35:e4:b0:e0:10:5d: 55:c1:aa:fc:03:a9:e8:3f:cc:4c:eb:99:00:eb:36: e4:80:01:ee:83:8c:9d:c8:b8:85:64:6d:b2:ae:b6: de:d5:19:f8:8c:53:13:00:a1:ea:80:20:0a:82:ac: ce:2d:a0:77:87:16:ce:69:8d:07:8e:cb:d7:a7:b0: 82:35:f5:85:d5:14:b7:f2:b1:39:6d:be:2c:15:81: 33:3e:59:d8:fb:b9:5e:e1:7b:1a:15:8f:24:df:6a: 61:5c:41:b8:71:c0:c9:99:a6:8e:d9:76:9c:b0:0f: 66:0b:e2:18:ad:25:96:34:57:4e:c0:c4:db:3f:ce: 5c:7a:23:48:e0:e0:e3:b1:83:b9:7a:89:0c:7e:37: c6:14:bb:18:73:0c:60:7f:5d:66:50:6c:34:70:21: 42:44:57:76:61:12:c4:2a:9f:1f:85:0c:ed:18:e1: 9a:f9:4b:81:ea:28:15:dc:d6:02:06:14:f4:31:ee: 02:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:95:3C:0D:FA:47:25:FA:F6:74:FD:CD:38:2F:3B:5C:77:F3:6B:F9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.212.66.0/24 Signature Algorithm: sha256WithRSAEncryption 4c:22:9d:70:d9:74:ab:17:5c:3a:1b:af:10:31:9b:b6:00:27: 12:a3:24:00:50:92:7c:3c:94:cb:84:d4:89:b2:6e:eb:6d:e9: 04:50:43:d2:ad:8a:20:ca:4f:d9:b4:db:c8:1f:91:b6:bc:00: 0c:ec:e8:4e:81:6a:e4:0e:40:4e:6e:7c:7a:35:b2:ec:ef:5b: 00:95:5b:e0:22:8a:8c:21:30:f7:22:77:77:4d:80:6a:17:92: ab:22:da:13:00:ad:68:57:9e:1c:5b:49:c3:a8:71:84:98:29: 9c:60:96:0b:59:ad:3c:89:1d:30:06:5e:04:ed:df:50:2f:65: 74:7c:12:f3:8d:58:96:14:87:8c:de:85:a6:57:a8:e6:fe:29: af:b6:11:fa:14:14:b1:fd:f1:43:ad:07:d3:e7:b6:58:e1:9c: 18:04:ff:31:67:0a:7f:37:71:6c:cb:04:a6:5d:f1:ac:a2:ac: 22:b3:c7:a7:6f:2e:ee:f1:0b:00:ef:de:43:2c:be:b8:1e:a9: e5:c9:13:3a:65:0e:60:e2:8b:a9:a4:6c:91:1c:88:08:64:63: 69:93:c5:c1:3c:b9:7e:b6:c9:85:9c:a9:d6:77:b7:5b:5a:9b: d0:5a:d6:a7:86:07:ed:3d:f2:47:7e:66:3d:24:2b:e6:c9:64: 76:dd:57:fc -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIULAKpYDGsVAmossQj2gKJ9yVbU2gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDAyNFoX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAMTk2MTcxYWJmMWViZmE3YzMwOWIw MWIzN2JhMjc4ZGMwMDg2YTA0ZWUyZDk4ZDRlMzNhYjQ3MGE4NmM3M2MwMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDfj7tjrbQmhNodtUARiR00QmDv+ nrjhJK504Y6kXsMHpQtdXE+fKDsV65FGHLYiB1ZASKLEzzor/W1pbZg7vR9i5Vg1 5LDgEF1Vwar8A6noP8xM65kA6zbkgAHug4ydyLiFZG2yrrbe1Rn4jFMTAKHqgCAK gqzOLaB3hxbOaY0HjsvXp7CCNfWF1RS38rE5bb4sFYEzPlnY+7le4XsaFY8k32ph XEG4ccDJmaaO2XacsA9mC+IYrSWWNFdOwMTbP85ceiNI4ODjsYO5eokMfjfGFLsY cwxgf11mUGw0cCFCRFd2YRLEKp8fhQztGOGa+UuB6igV3NYCBhT0Me4CCQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGiVPA36RyX69nT9zTgvO1x382v5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBlMTlkYzdmLTdhNDktNGQyZS04NDBiLTlmMzE2MmE0YWYyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9RCMA0GCSqGSIb3DQEBCwUAA4IBAQBMIp1w2XSrF1w6G68QMZu2 ACcSoyQAUJJ8PJTLhNSJsm7rbekEUEPSrYogyk/ZtNvIH5G2vAAM7OhOgWrkDkBO bnx6NbLs71sAlVvgIoqMITD3Ind3TYBqF5KrItoTAK1oV54cW0nDqHGEmCmcYJYL Wa08iR0wBl4E7d9QL2V0fBLzjViWFIeM3oWmV6jm/imvthH6FBSx/fFDrQfT57ZY 4ZwYBP8xZwp/N3FsywSmXfGsoqwis8enby7u8QsA795DLL64HqnlyRM6ZQ5g4oup pGyRHIgIZGNpk8XBPLl+tsmFnKnWd7dbWpvQWtanhgftPfJHfmY9JCvmyWR23Vf8 -----END CERTIFICATE-----Generated at Sun Jun 29 04:18:21 2025 by rpki-client