$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eebfe87-ebaa-4640-b26f-714c512d27da.roa File: 4eebfe87-ebaa-4640-b26f-714c512d27da.roa (raw, json) Hash identifier: dKfBkWQQ2a4w4pBSWwxEcFhAlloyKM6y+zCyjhHaRpQ= Subject key identifier: B7:F5:73:E7:8F:14:51:D8:94:DD:D6:8F:66:B3:7C:39:59:B8:54:BB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 594BBB97CCB6B42029F9BC87554DC0CE34381767 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eebfe87-ebaa-4640-b26f-714c512d27da.roa Signing time: Fri 20 Jun 2025 00:00:09 +0000 ROA not before: Fri 20 Jun 2025 00:00:09 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.217.174.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:4b:bb:97:cc:b6:b4:20:29:f9:bc:87:55:4d:c0:ce:34:38:17:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 20 00:00:09 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=473354fedb7fb3459e16cff61d3bcf0f0cdc04b4e8136b3f2113a4ac1b72d641, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:84:f8:2b:2d:18:25:a4:6e:35:68:80:a6:e4: f9:18:9d:2e:5f:3b:8b:e5:71:8a:a8:9c:8a:63:d8: 90:7f:1a:05:be:f8:bb:ff:44:53:03:79:6a:50:7d: ec:13:fa:01:98:25:b7:84:eb:cd:a3:2f:8e:b5:d6: 2f:f3:8f:e5:50:74:8b:b0:45:27:2d:10:4c:b5:72: 7d:18:09:5d:02:f5:db:7a:07:f0:02:a5:03:91:eb: 19:38:bc:d9:f7:cf:22:39:88:22:57:0e:7b:29:f4: b6:5e:9b:1c:1d:aa:4a:7a:e2:b1:a7:82:5c:56:49: 87:a0:b9:9e:e6:60:95:e9:72:e4:7c:5d:69:cc:b9: 7e:90:c2:1c:d5:54:bd:fa:71:c1:8f:87:68:06:3f: e4:d8:82:79:c1:95:9c:6f:62:49:82:c5:b2:15:82: 11:3e:46:71:6e:2d:4b:9a:5c:e5:ae:36:9e:9d:0b: 3d:20:e8:5f:de:4f:4c:ed:c4:39:8f:42:5d:2d:b0: 4f:84:c8:98:12:46:38:ad:21:2a:a6:02:a2:cd:91: 09:47:6b:a2:82:ff:10:a5:b9:12:22:6b:2e:f7:cf: b5:11:89:39:46:6b:a3:d3:96:de:2e:d3:c1:09:af: e7:77:a4:83:a7:9f:9a:ac:dc:75:00:e1:86:86:7b: 68:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:F5:73:E7:8F:14:51:D8:94:DD:D6:8F:66:B3:7C:39:59:B8:54:BB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eebfe87-ebaa-4640-b26f-714c512d27da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.217.174.0/23 Signature Algorithm: sha256WithRSAEncryption 17:ee:5c:b4:f9:ff:2f:b1:81:85:ad:b3:32:88:77:09:ba:19: 12:dd:51:3a:c7:a4:52:bc:e2:bc:d3:90:ee:64:e6:6f:2b:5a: 8e:60:00:26:e3:dd:b9:1a:8d:22:38:e7:08:e7:78:cc:74:7b: be:e2:2f:f0:67:b5:f9:ae:03:68:0e:09:02:72:fe:5c:ce:7d: 17:7d:96:ac:56:16:17:5d:c0:ab:b6:d4:92:45:4c:78:40:39: e3:7d:a9:d4:dd:34:42:41:61:55:b6:cf:29:16:99:97:5c:c6: 65:c3:f8:e3:75:40:29:d6:37:99:0a:a0:33:b0:32:b0:c8:3f: d4:76:ca:92:c8:69:0a:13:b8:67:0a:23:04:10:6d:66:2a:51: d8:65:28:1b:f4:18:e1:80:e1:73:cf:a4:49:8e:14:02:26:6e: 62:a7:ab:92:94:da:24:d7:00:17:11:0b:e5:c4:23:21:c5:79: 5c:87:f2:17:08:c7:a3:ee:86:58:70:62:29:4d:1d:e5:80:63: c3:c6:4c:d1:bf:cb:c0:f9:e0:99:69:72:c7:74:19:96:06:e0: 4f:76:d3:6e:6f:31:93:10:99:ad:f7:b9:3a:b3:a0:84:48:8d: 02:82:d6:d0:ad:d3:fc:63:6e:e0:3d:43:c6:0c:d6:ac:50:fe: c9:3a:49:ca -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUWUu7l8y2tCAp+byHVU3AzjQ4F2cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyMDAwMDAwOVoX DTI1MDcyNTIzNTk1OVowejFJMEcGA1UEBRNANDczMzU0ZmVkYjdmYjM0NTllMTZj ZmY2MWQzYmNmMGYwY2RjMDRiNGU4MTM2YjNmMjExM2E0YWMxYjcyZDY0MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroT4Ky0YJaRuNWiApuT5GJ0uXzuL 5XGKqJyKY9iQfxoFvvi7/0RTA3lqUH3sE/oBmCW3hOvNoy+OtdYv84/lUHSLsEUn LRBMtXJ9GAldAvXbegfwAqUDkesZOLzZ988iOYgiVw57KfS2XpscHapKeuKxp4Jc VkmHoLme5mCV6XLkfF1pzLl+kMIc1VS9+nHBj4doBj/k2IJ5wZWcb2JJgsWyFYIR PkZxbi1LmlzlrjaenQs9IOhf3k9M7cQ5j0JdLbBPhMiYEkY4rSEqpgKizZEJR2ui gv8QpbkSImsu98+1EYk5Rmuj05beLtPBCa/nd6SDp5+arNx1AOGGhntoVwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLf1c+ePFFHYlN3Wj2azfDlZuFS7MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlZWJmZTg3LWViYWEtNDY0MC1iMjZmLTcxNGM1MTJkMjdkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9muMA0GCSqGSIb3DQEBCwUAA4IBAQAX7ly0+f8vsYGFrbMyiHcJ uhkS3VE6x6RSvOK805DuZOZvK1qOYAAm4925Go0iOOcI53jMdHu+4i/wZ7X5rgNo DgkCcv5czn0XfZasVhYXXcCrttSSRUx4QDnjfanU3TRCQWFVts8pFpmXXMZlw/jj dUAp1jeZCqAzsDKwyD/UdsqSyGkKE7hnCiMEEG1mKlHYZSgb9BjhgOFzz6RJjhQC Jm5ip6uSlNok1wAXEQvlxCMhxXlch/IXCMej7oZYcGIpTR3lgGPDxkzRv8vA+eCZ aXLHdBmWBuBPdtNubzGTEJmt97k6s6CESI0CgtbQrdP8Y27gPUPGDNasUP7JOknK -----END CERTIFICATE-----Generated at Mon Jun 30 21:47:40 2025 by rpki-client