$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5496107b-eefe-4905-9cf9-59440b1209c9.roa File: 5496107b-eefe-4905-9cf9-59440b1209c9.roa (raw, json) Hash identifier: 0x8gOTDMqFSaQf8AFX3LHVhk6BD2dydOUNIbrpk4r5I= Subject key identifier: 47:C4:0E:40:77:AE:ED:BA:AC:41:D1:72:ED:A3:35:4D:7B:F7:34:97 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2ADAB36B56CC6690FAA183B8C52605418F137F62 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5496107b-eefe-4905-9cf9-59440b1209c9.roa Signing time: Fri 20 Jun 2025 00:00:07 +0000 ROA not before: Fri 20 Jun 2025 00:00:07 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.62.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:da:b3:6b:56:cc:66:90:fa:a1:83:b8:c5:26:05:41:8f:13:7f:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 20 00:00:07 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=a4d899e808ac6f2d86c08cd3473e9b4e4f0ebb4de49a682c4e4b07ac4f85b1c8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:8d:fd:9b:d5:c2:5c:6f:7a:e1:ec:5c:10:a5: 7e:bd:40:62:69:fa:e5:30:73:a6:6c:d3:59:1c:43: c0:99:0b:59:0a:3f:cd:0d:da:85:d5:ab:f5:1b:a4: 0d:e2:f4:a1:a9:cf:a2:5b:70:ef:15:3a:db:d7:1f: 84:5c:7b:48:96:a0:23:7d:87:ef:0d:e3:ff:fb:1d: 41:47:05:05:1e:78:8e:22:fe:bb:a7:d5:63:4c:07: b9:36:f1:3b:7c:57:60:f9:a1:60:ba:aa:45:1b:4f: 64:70:c9:c1:f8:ca:c3:07:7a:91:85:f9:bd:7a:09: f4:30:6d:e5:a5:6a:57:ef:b8:f5:d9:3f:58:3f:69: a0:0a:11:6c:69:9e:0e:6b:c2:8f:61:cb:32:d3:53: 9e:e4:05:e9:50:60:d2:20:4b:b4:be:c4:a7:93:31: a0:b0:5d:a9:5c:f6:cc:1a:40:7a:66:b4:08:c9:f0: ea:89:f0:1d:03:4d:73:03:93:fc:2d:45:0d:00:6a: 44:a3:1e:09:bf:73:70:29:8e:fe:24:8e:dd:2f:9f: 8b:42:1c:e9:b8:0f:15:40:2b:0b:c4:fc:72:00:3c: 9d:f4:c2:02:4b:5f:64:3d:7c:30:72:26:31:34:48: 6b:5a:a5:bd:97:86:c0:8c:df:00:23:3f:20:01:a7: 5a:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:C4:0E:40:77:AE:ED:BA:AC:41:D1:72:ED:A3:35:4D:7B:F7:34:97 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5496107b-eefe-4905-9cf9-59440b1209c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.62.0/24 Signature Algorithm: sha256WithRSAEncryption 71:a6:8a:e0:1c:43:94:60:64:9d:0d:af:4d:88:b1:5a:5e:a4: 1c:8c:fe:96:ca:96:68:c4:83:f8:f8:bb:83:76:81:f0:23:b9: d8:3f:44:ce:67:33:d8:34:67:ff:6a:5f:22:28:9e:3b:05:c6: f4:93:6c:79:f1:98:39:0a:3a:25:fd:e4:e1:a2:e1:3b:18:04: 89:bc:8f:b8:a1:85:e8:00:85:d5:19:d3:03:c7:48:c4:55:e6: cf:78:d1:6c:9b:2f:3c:46:b7:c9:be:b6:69:11:82:55:5f:9d: e3:5a:76:cf:a6:d2:6e:e2:c7:60:5e:d8:c8:f6:fd:e0:9d:11: e3:a0:87:b0:98:50:33:07:4e:2c:c2:bc:1d:59:50:33:14:45: 77:4b:18:18:04:88:52:67:ba:d9:e2:d1:28:53:e6:de:c4:63: 04:86:c7:e8:ec:8d:1e:b2:b7:d8:7e:3d:46:0f:76:bd:bf:e5: 35:a4:55:88:5c:b3:55:7f:59:e5:08:37:1a:4b:1b:5a:1e:7a: ec:38:d6:40:b3:44:eb:bd:92:71:a9:cd:8f:b3:83:f9:2f:23: eb:c8:06:29:69:1e:75:f0:35:8d:af:04:15:b7:6c:1d:67:bd: dd:95:31:67:10:9e:c5:fc:a6:fc:89:4a:1d:f1:3c:3a:c4:1b: f5:d9:79:7d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUKtqza1bMZpD6oYO4xSYFQY8Tf2IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyMDAwMDAwN1oX DTI1MDcyNTIzNTk1OVowejFJMEcGA1UEBRNAYTRkODk5ZTgwOGFjNmYyZDg2YzA4 Y2QzNDczZTliNGU0ZjBlYmI0ZGU0OWE2ODJjNGU0YjA3YWM0Zjg1YjFjODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo39m9XCXG964excEKV+vUBiafrl MHOmbNNZHEPAmQtZCj/NDdqF1av1G6QN4vShqc+iW3DvFTrb1x+EXHtIlqAjfYfv DeP/+x1BRwUFHniOIv67p9VjTAe5NvE7fFdg+aFguqpFG09kcMnB+MrDB3qRhfm9 egn0MG3lpWpX77j12T9YP2mgChFsaZ4Oa8KPYcsy01Oe5AXpUGDSIEu0vsSnkzGg sF2pXPbMGkB6ZrQIyfDqifAdA01zA5P8LUUNAGpEox4Jv3NwKY7+JI7dL5+LQhzp uA8VQCsLxPxyADyd9MICS19kPXwwciYxNEhrWqW9l4bAjN8AIz8gAadaBQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEfEDkB3ru26rEHRcu2jNU179zSXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0OTYxMDdiLWVlZmUtNDkwNS05Y2Y5LTU5NDQwYjEyMDljOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g+MA0GCSqGSIb3DQEBCwUAA4IBAQBxporgHEOUYGSdDa9NiLFa XqQcjP6WypZoxIP4+LuDdoHwI7nYP0TOZzPYNGf/al8iKJ47Bcb0k2x58Zg5Cjol /eThouE7GASJvI+4oYXoAIXVGdMDx0jEVebPeNFsmy88RrfJvrZpEYJVX53jWnbP ptJu4sdgXtjI9v3gnRHjoIewmFAzB04swrwdWVAzFEV3SxgYBIhSZ7rZ4tEoU+be xGMEhsfo7I0esrfYfj1GD3a9v+U1pFWIXLNVf1nlCDcaSxtaHnrsONZAs0TrvZJx qc2Ps4P5LyPryAYpaR518DWNrwQVt2wdZ73dlTFnEJ7F/Kb8iUod8Tw6xBv12Xl9 -----END CERTIFICATE-----Generated at Tue Jul 1 00:53:59 2025 by rpki-client