$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa File: 0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa (raw, json) Hash identifier: TV0qEF4Oja2d8xINR9HWxc/R06A66UfvLHDLzmF2XAU= Subject key identifier: 9F:F2:00:5D:05:36:5B:A2:42:B4:0D:45:27:58:81:9E:88:9C:35:2D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7A2F939B0D6177E99AC318043FAE15E132850DE5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa Signing time: Mon 18 Aug 2025 15:00:50 +0000 ROA not before: Mon 18 Aug 2025 15:00:50 +0000 ROA not after: Mon 22 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.212.66.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:2f:93:9b:0d:61:77:e9:9a:c3:18:04:3f:ae:15:e1:32:85:0d:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 18 15:00:50 2025 GMT Not After : Sep 22 23:59:59 2025 GMT Subject: serialNumber=40e2301a7ddfa6e9da02a113e188e232c9321666ebd65272641de418265ef2dd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:55:09:e3:ca:cc:81:53:6f:8f:c0:4f:34:30: f3:4f:90:6c:35:90:62:39:88:e4:df:84:fd:37:4f: 2e:e5:f9:41:70:0b:52:7d:0f:29:9f:c0:68:63:f9: 07:92:1d:13:b2:d0:d8:4d:f9:29:4d:a9:80:97:81: f4:71:e8:72:19:13:d9:8e:51:26:3f:c7:1a:d4:1f: bf:70:49:32:56:56:29:6d:07:d8:ef:5b:0d:be:be: 12:d3:04:56:b2:21:18:1e:35:28:66:01:b0:75:b6: 1b:eb:31:e7:66:8d:8d:57:33:4b:d5:00:69:df:77: 78:7c:0d:30:71:0b:c0:c1:34:b7:33:c4:89:9e:19: b3:b8:cc:5f:47:1f:30:27:09:02:e3:50:1d:b3:24: 79:c5:20:f0:96:18:ee:07:b9:b8:07:6e:c3:27:23: 87:d5:db:2e:67:25:3c:fb:4d:f0:20:b1:07:ce:7a: 80:a8:08:5b:b5:ef:d8:af:c0:bc:3b:4b:52:47:93: 37:b1:93:87:19:11:ab:a7:69:b9:58:7d:4e:59:26: 41:90:39:a3:bf:9a:07:1d:e6:9f:98:2e:7a:24:6e: 37:e3:9c:3e:17:64:bd:36:32:de:eb:0e:8f:7d:d2: 58:58:e0:23:49:b6:11:0c:db:19:52:c6:6d:0e:25: 98:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:F2:00:5D:05:36:5B:A2:42:B4:0D:45:27:58:81:9E:88:9C:35:2D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e19dc7f-7a49-4d2e-840b-9f3162a4af2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.212.66.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:e3:bb:7a:d4:43:c5:5d:f0:6b:1c:1f:4f:39:79:f8:48:ed: e2:aa:17:37:96:19:d4:35:31:54:22:38:1b:de:f6:f6:3b:cb: 86:68:52:14:5b:f3:30:4e:8f:d1:67:9a:37:31:78:66:e9:ad: 05:71:70:cd:74:06:e5:03:2c:90:8e:3b:68:ab:a7:20:70:30: 10:79:2d:38:29:e7:db:0c:9e:69:4c:0a:2b:ab:89:34:2d:c5: 5e:d1:c1:5d:4d:6b:0d:c5:1b:df:b8:1a:f3:0f:90:11:7e:1b: 17:55:42:07:6a:b0:d5:0c:4c:7f:9e:fb:ee:2c:be:bf:58:ef: 3e:f8:08:57:04:42:57:69:a7:bf:24:d4:07:c0:b0:87:97:33: 9d:c8:cb:7f:b2:57:b6:17:50:a1:5d:bc:0c:c1:af:4d:b5:ec: 9b:de:68:26:35:64:45:b7:43:7c:88:41:b1:71:10:c3:d9:75: 50:be:2e:e7:bc:a6:cb:80:6f:ea:77:da:f0:d3:e5:c1:c0:4a: 4f:fb:e1:b0:35:8e:8d:b8:fa:b2:12:83:c4:a0:b2:ea:92:09: ab:17:89:90:2f:15:26:1f:2c:df:58:73:17:91:43:8f:b2:65: 46:12:99:97:80:b1:5a:1d:92:23:cf:4f:45:1a:e2:c2:58:a1: c5:ab:16:40 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUei+Tmw1hd+mawxgEP64V4TKFDeUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxODE1MDA1MFoX DTI1MDkyMjIzNTk1OVowejFJMEcGA1UEBRNANDBlMjMwMWE3ZGRmYTZlOWRhMDJh MTEzZTE4OGUyMzJjOTMyMTY2NmViZDY1MjcyNjQxZGU0MTgyNjVlZjJkZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlUJ48rMgVNvj8BPNDDzT5BsNZBi OYjk34T9N08u5flBcAtSfQ8pn8BoY/kHkh0TstDYTfkpTamAl4H0cehyGRPZjlEm P8ca1B+/cEkyVlYpbQfY71sNvr4S0wRWsiEYHjUoZgGwdbYb6zHnZo2NVzNL1QBp 33d4fA0wcQvAwTS3M8SJnhmzuMxfRx8wJwkC41AdsyR5xSDwlhjuB7m4B27DJyOH 1dsuZyU8+03wILEHznqAqAhbte/Yr8C8O0tSR5M3sZOHGRGrp2m5WH1OWSZBkDmj v5oHHeafmC56JG4345w+F2S9NjLe6w6PfdJYWOAjSbYRDNsZUsZtDiWY+QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJ/yAF0FNluiQrQNRSdYgZ6InDUtMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBlMTlkYzdmLTdhNDktNGQyZS04NDBiLTlmMzE2MmE0YWYyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9RCMA0GCSqGSIb3DQEBCwUAA4IBAQAa47t61EPFXfBrHB9POXn4 SO3iqhc3lhnUNTFUIjgb3vb2O8uGaFIUW/MwTo/RZ5o3MXhm6a0FcXDNdAblAyyQ jjtoq6cgcDAQeS04KefbDJ5pTAorq4k0LcVe0cFdTWsNxRvfuBrzD5ARfhsXVUIH arDVDEx/nvvuLL6/WO8++AhXBEJXaae/JNQHwLCHlzOdyMt/sle2F1ChXbwMwa9N teyb3mgmNWRFt0N8iEGxcRDD2XVQvi7nvKbLgG/qd9rw0+XBwEpP++GwNY6NuPqy EoPEoLLqkgmrF4mQLxUmHyzfWHMXkUOPsmVGEpmXgLFaHZIjz09FGuLCWKHFqxZA -----END CERTIFICATE-----Generated at Sat Aug 23 08:09:28 2025 by rpki-client