$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5496107b-eefe-4905-9cf9-59440b1209c9.roa File: 5496107b-eefe-4905-9cf9-59440b1209c9.roa (raw, json) Hash identifier: Qi2EqbQy5dDI5skXRlcuxJHl+bSUonAOssJr7YQrCRg= Subject key identifier: 3C:AE:CD:3B:1E:B0:EB:75:5C:96:47:19:81:CB:04:4E:A8:EE:51:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5589927722F3917E1BECFD7388C0DAF03B408419 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5496107b-eefe-4905-9cf9-59440b1209c9.roa Signing time: Sat 09 Aug 2025 00:00:15 +0000 ROA not before: Sat 09 Aug 2025 00:00:15 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.62.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:89:92:77:22:f3:91:7e:1b:ec:fd:73:88:c0:da:f0:3b:40:84:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 9 00:00:15 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=20e7f44407d3825cf5c500c8bdc79cabf52998ff9a17c3e16dc5916425e3ab8e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a2:3f:f9:5b:70:96:58:d3:1d:c8:24:fc:09: 62:15:41:11:ad:69:29:e3:94:67:7c:85:d0:1f:7f: 94:a8:01:c6:8f:0c:55:73:ce:92:c0:d1:66:37:22: df:7d:be:91:0d:1b:97:28:be:c1:29:53:0e:b9:4d: 78:ec:6f:c7:ef:dc:46:74:de:99:74:fa:16:57:4a: 11:6f:a2:4e:b6:75:3c:8f:6c:59:5b:e8:7f:88:42: 0f:87:6a:38:87:5a:a1:bb:76:ba:56:ed:87:e4:cb: 84:91:3c:dc:ee:8d:45:b3:38:a9:a3:e6:ba:fb:ea: 34:c1:ca:f8:45:60:fb:40:7b:07:bb:7b:09:b3:8f: eb:63:02:bb:7b:95:15:cf:01:2a:c2:30:b8:80:8e: ee:68:c9:77:3b:f1:16:c9:96:85:50:2f:81:8a:01: e8:27:ff:13:0d:8d:9a:67:e7:8d:22:8f:a5:3c:cd: e1:28:5c:17:78:9f:54:b3:27:57:04:a1:57:e2:6b: 69:4b:2a:fd:ef:b9:7a:c0:f9:1f:4d:4d:e8:70:12: 27:31:e1:4d:87:d2:fa:e4:bf:21:3a:2e:24:f5:9b: b6:22:07:15:3e:d4:cc:67:cf:96:ed:4e:cf:69:ee: 7a:2b:6c:26:e9:23:8c:5a:2b:f6:d7:5a:92:42:13: a0:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:AE:CD:3B:1E:B0:EB:75:5C:96:47:19:81:CB:04:4E:A8:EE:51:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5496107b-eefe-4905-9cf9-59440b1209c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.62.0/24 Signature Algorithm: sha256WithRSAEncryption 80:3e:33:7c:48:ea:2b:8e:2c:80:99:60:03:69:b6:35:27:fb: 11:29:26:47:b7:1c:ec:39:25:14:93:a6:d5:c0:ce:50:40:f5: f5:9b:3d:b2:9d:24:f0:e6:2b:ca:44:9e:fc:8b:c8:e1:a1:b9: 58:a1:2a:45:77:c7:8f:a6:d3:c8:6f:56:28:05:cb:07:98:eb: 5c:1c:7a:86:5b:60:58:33:ba:01:d3:bd:46:db:65:65:bc:b3: 2a:8b:64:f8:95:ce:80:47:51:90:80:5b:28:aa:bb:66:4c:ea: d8:9c:e8:0f:19:9c:66:fd:ac:d3:7d:c0:5f:fd:fd:42:c2:a1: ba:1c:e8:f5:bd:1f:23:93:9c:fb:5f:6d:3d:2c:f1:05:5d:a6: 76:0f:0d:31:1e:69:9c:89:83:9a:8a:fc:0a:41:9e:15:45:7c: 5e:01:c0:f1:9d:ba:12:6b:50:40:2f:a2:17:be:92:02:18:8b: 65:d6:57:b7:79:20:cd:b8:f6:a3:53:2e:1d:06:61:ec:fc:5b: 77:c7:bf:06:d5:38:b4:69:de:96:db:3a:86:d0:a0:ec:f6:35: 21:f4:49:d4:e9:54:a2:e2:f1:d2:2d:8a:56:65:98:32:55:5c: f1:70:9b:27:33:57:92:01:06:5d:fd:3d:fd:09:9b:a7:02:91: 54:01:a4:af -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUVYmSdyLzkX4b7P1ziMDa8DtAhBkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwOTAwMDAxNVoX DTI1MDkxMzIzNTk1OVowejFJMEcGA1UEBRNAMjBlN2Y0NDQwN2QzODI1Y2Y1YzUw MGM4YmRjNzljYWJmNTI5OThmZjlhMTdjM2UxNmRjNTkxNjQyNWUzYWI4ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6I/+VtwlljTHcgk/AliFUERrWkp 45RnfIXQH3+UqAHGjwxVc86SwNFmNyLffb6RDRuXKL7BKVMOuU147G/H79xGdN6Z dPoWV0oRb6JOtnU8j2xZW+h/iEIPh2o4h1qhu3a6Vu2H5MuEkTzc7o1Fszipo+a6 ++o0wcr4RWD7QHsHu3sJs4/rYwK7e5UVzwEqwjC4gI7uaMl3O/EWyZaFUC+BigHo J/8TDY2aZ+eNIo+lPM3hKFwXeJ9UsydXBKFX4mtpSyr977l6wPkfTU3ocBInMeFN h9L65L8hOi4k9Zu2IgcVPtTMZ8+W7U7Pae56K2wm6SOMWiv211qSQhOg0wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDyuzTsesOt1XJZHGYHLBE6o7lEcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0OTYxMDdiLWVlZmUtNDkwNS05Y2Y5LTU5NDQwYjEyMDljOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g+MA0GCSqGSIb3DQEBCwUAA4IBAQCAPjN8SOorjiyAmWADabY1 J/sRKSZHtxzsOSUUk6bVwM5QQPX1mz2ynSTw5ivKRJ78i8jhoblYoSpFd8ePptPI b1YoBcsHmOtcHHqGW2BYM7oB071G22VlvLMqi2T4lc6AR1GQgFsoqrtmTOrYnOgP GZxm/azTfcBf/f1CwqG6HOj1vR8jk5z7X209LPEFXaZ2Dw0xHmmciYOaivwKQZ4V RXxeAcDxnboSa1BAL6IXvpICGItl1le3eSDNuPajUy4dBmHs/Ft3x78G1Ti0ad6W 2zqG0KDs9jUh9EnU6VSi4vHSLYpWZZgyVVzxcJsnM1eSAQZd/T39CZunApFUAaSv -----END CERTIFICATE-----Generated at Sat Aug 23 06:52:30 2025 by rpki-client