$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa File: 25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa (raw, json) Hash identifier: FcgFmvoaSCY7n8aHq1rb9m4WUzEofXb+UTnUuaecrGc= Subject key identifier: 5C:A0:0F:65:A0:CD:44:22:74:98:C7:F3:6A:F3:27:25:04:87:B3:6A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6180C1B3B7A6B183830F7BADDEB077789B915E95 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa Signing time: Sat 28 Jun 2025 00:00:22 +0000 ROA not before: Sat 28 Jun 2025 00:00:22 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.212.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:80:c1:b3:b7:a6:b1:83:83:0f:7b:ad:de:b0:77:78:9b:91:5e:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:00:22 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=29c9c91210d28d85ec4b63a6c5dd42d072148a9bbe38d6a4b7eb9d0d967d8b99, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:86:33:a6:e0:b2:43:28:21:0f:92:3a:da:2a: ac:0f:fa:61:7b:cf:dd:53:b9:63:59:2c:00:e2:98: 8f:3d:7a:41:fb:68:c4:16:38:24:86:63:44:47:1c: 1c:b2:ac:52:af:e5:ea:e4:e6:82:2a:cf:2c:08:c4: c1:66:51:59:3a:8d:bd:2d:b2:24:ea:ef:c8:4d:4b: ce:8a:09:43:00:00:80:b3:01:86:fc:a8:5e:d1:7d: ca:d7:9c:59:70:06:9c:d4:d3:b9:28:23:15:d5:34: f6:5f:24:cc:07:63:29:6f:8a:11:e0:ac:b1:02:d9: d5:5e:a3:d4:3d:4a:4b:d7:58:8d:4b:19:d3:5b:cc: 6c:68:d7:cb:21:23:dd:e1:a4:e9:84:21:7e:dd:e6: bf:f6:19:5e:fb:29:d7:63:6f:d4:66:d0:2e:76:14: c0:e3:a1:a0:bd:18:39:13:64:ab:0c:c9:91:fc:c9: 6b:61:29:3e:dd:fb:cb:6c:9c:35:71:5c:f3:a9:8e: d9:c1:9d:5f:df:39:63:79:8f:5f:b5:b3:f3:e0:a8: 13:17:47:a3:ed:a6:17:98:b7:97:c3:d6:2f:f0:a8: d1:fb:a6:de:17:fa:a9:02:51:d8:c1:b5:e6:05:65: b4:0b:f8:cc:0e:43:28:4f:5e:55:37:1f:bc:09:35: 46:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:A0:0F:65:A0:CD:44:22:74:98:C7:F3:6A:F3:27:25:04:87:B3:6A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.212.70.0/24 Signature Algorithm: sha256WithRSAEncryption ca:9b:66:c0:05:a3:1d:ac:04:c7:4c:54:88:53:8f:9f:9a:44: 44:db:6f:f0:42:ab:5c:18:1f:47:da:df:e3:79:b5:d0:90:05: ff:a0:01:51:02:8c:b5:1a:fd:66:c4:8f:28:90:00:e0:a4:f3: 3b:b8:51:31:1f:e5:66:04:d3:3b:0d:b0:6d:31:d9:8e:d0:03: fc:01:3c:b6:7c:33:63:07:45:be:49:a0:c3:0d:19:12:3e:cf: 40:74:e8:06:90:52:b1:c2:5f:43:dd:ce:3f:7b:c5:d2:e0:c9: bf:ce:16:b6:0d:d2:17:82:ee:a4:fb:85:61:68:ba:74:8e:f5: 5f:1d:ca:1d:63:e9:3c:3b:43:7e:ec:29:1f:2f:b9:0c:67:14: 0d:62:2f:8c:61:9a:4f:b5:2a:a3:f2:6a:07:cb:53:83:b4:86: a2:f7:9e:e3:09:88:0e:a2:ff:ef:89:f9:ca:69:0f:ea:98:ed: 32:21:49:7d:d7:fc:62:24:40:0d:24:c5:40:68:61:10:10:4e: 3f:7f:f4:7b:a8:c6:27:84:f9:fd:c1:4f:3e:b7:51:f6:99:bb: 3d:1f:2c:f7:28:13:5a:cc:bc:8a:97:4e:a6:d0:46:45:b3:ed: d5:b8:56:1e:91:b1:11:a3:1a:31:0e:a0:49:a1:47:3e:42:c0: 59:1f:60:22 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUYYDBs7emsYODD3ut3rB3eJuRXpUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDAyMloX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAMjljOWM5MTIxMGQyOGQ4NWVjNGI2 M2E2YzVkZDQyZDA3MjE0OGE5YmJlMzhkNmE0YjdlYjlkMGQ5NjdkOGI5OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIYzpuCyQyghD5I62iqsD/phe8/d U7ljWSwA4piPPXpB+2jEFjgkhmNERxwcsqxSr+Xq5OaCKs8sCMTBZlFZOo29LbIk 6u/ITUvOiglDAACAswGG/Khe0X3K15xZcAac1NO5KCMV1TT2XyTMB2Mpb4oR4Kyx AtnVXqPUPUpL11iNSxnTW8xsaNfLISPd4aTphCF+3ea/9hle+ynXY2/UZtAudhTA 46GgvRg5E2SrDMmR/MlrYSk+3fvLbJw1cVzzqY7ZwZ1f3zljeY9ftbPz4KgTF0ej 7aYXmLeXw9Yv8KjR+6beF/qpAlHYwbXmBWW0C/jMDkMoT15VNx+8CTVGtQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFygD2WgzUQidJjH82rzJyUEh7NqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI1ZTA0YzVkLTRhZTktNDQ3MC04MTM4LWRlYTFlOGIzMTYwZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9RGMA0GCSqGSIb3DQEBCwUAA4IBAQDKm2bABaMdrATHTFSIU4+f mkRE22/wQqtcGB9H2t/jebXQkAX/oAFRAoy1Gv1mxI8okADgpPM7uFExH+VmBNM7 DbBtMdmO0AP8ATy2fDNjB0W+SaDDDRkSPs9AdOgGkFKxwl9D3c4/e8XS4Mm/zha2 DdIXgu6k+4VhaLp0jvVfHcodY+k8O0N+7CkfL7kMZxQNYi+MYZpPtSqj8moHy1OD tIai957jCYgOov/vifnKaQ/qmO0yIUl91/xiJEANJMVAaGEQEE4/f/R7qMYnhPn9 wU8+t1H2mbs9Hyz3KBNazLyKl06m0EZFs+3VuFYekbERoxoxDqBJoUc+QsBZH2Ai -----END CERTIFICATE-----Generated at Sun Jun 29 04:46:29 2025 by rpki-client