$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa File: 5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa (raw, json) Hash identifier: V5rQA61dL4I3yHQotAR6XdYeBJHWCeKKFepBsgfZygQ= Subject key identifier: 05:3D:04:AB:EC:2D:02:ED:DB:E2:39:46:51:99:AE:84:A3:D4:1C:82 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1DF8DD5291E5E9915D28863EB525022C21659C85 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa Signing time: Mon 18 Aug 2025 15:00:47 +0000 ROA not before: Mon 18 Aug 2025 15:00:47 +0000 ROA not after: Mon 22 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.0.0/13 maxlen: 13 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:f8:dd:52:91:e5:e9:91:5d:28:86:3e:b5:25:02:2c:21:65:9c:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 18 15:00:47 2025 GMT Not After : Sep 22 23:59:59 2025 GMT Subject: serialNumber=624d1f8aafdb00c2d02a6353b675fc4cf34f1d6d09e1800f63d4cb58e7d3d3a2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:42:d9:a1:65:a9:fd:18:11:1b:1f:fd:fe:5f: d9:33:6f:12:38:46:45:f1:ba:26:53:db:4a:1e:27: 30:b9:87:72:93:cb:a9:56:09:63:27:3a:85:83:28: 9b:d3:d6:78:8a:7e:66:d9:f6:90:d4:9e:03:cd:b0: 9e:16:c9:a0:c4:3e:f2:0c:29:1c:20:88:7e:64:f2: 16:bf:f2:9c:1f:23:8c:d2:d3:bc:d2:ab:06:87:5c: 5e:e4:a3:7b:18:47:c4:eb:76:a3:1f:f1:51:e5:32: 27:0e:3d:e6:0b:43:f5:94:75:64:94:14:d4:f8:4a: 05:df:b0:de:00:33:9c:72:33:44:91:08:02:2c:ee: 9c:81:d1:9f:1b:fd:82:c9:9a:14:05:ce:50:21:ac: 1d:c7:73:44:22:dc:e9:c8:c2:dc:65:9c:91:be:3b: f5:cd:a1:7a:14:17:3c:7b:65:ec:59:63:38:61:25: 62:2a:42:b1:b5:a3:49:a5:ee:b3:97:4b:2e:61:9e: bf:57:cd:74:0a:71:1f:82:ff:05:a7:cb:a3:16:08: 78:e3:0b:ad:00:49:ca:ac:09:12:94:3f:42:f0:2a: 43:2f:ea:fb:17:57:9f:73:74:61:b8:3b:f6:d6:bf: 3c:47:1f:b7:ff:9e:eb:19:68:13:df:ec:88:a7:0b: f2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:3D:04:AB:EC:2D:02:ED:DB:E2:39:46:51:99:AE:84:A3:D4:1C:82 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.0.0/13 Signature Algorithm: sha256WithRSAEncryption 43:ed:99:97:af:07:a9:c2:72:4d:f3:35:4d:fc:c9:cb:f9:26: 13:b7:e2:f1:34:91:18:82:42:31:84:0e:ff:3b:e3:4c:24:90: c0:fb:47:43:1a:99:96:eb:1a:0d:18:70:31:11:11:72:1a:b1: 9c:89:c8:63:ad:a3:d3:7e:52:d7:fe:cb:3c:4a:51:84:45:84: 66:1b:ba:88:24:3a:fa:29:56:cd:c2:10:1a:a1:d8:c0:e1:8f: 0e:98:fd:2a:c8:76:cb:b6:13:ff:b9:61:1a:06:14:f2:9e:94: bf:fa:c0:fa:75:bf:ec:78:f1:92:01:11:a1:75:d7:37:7f:a8: fd:07:07:cc:86:27:a6:c6:a0:bb:0c:f4:85:66:ae:5f:f9:b9: ec:53:35:81:c9:62:5d:f2:db:8d:0e:b7:3f:6d:34:04:63:7d: 0b:01:4d:7c:08:5c:e5:31:56:7f:06:c4:c1:0f:c9:4c:cf:71: 4d:de:48:59:28:5b:e8:84:7a:61:f6:c1:d7:3e:87:85:12:40: f5:60:f4:b1:10:2f:f4:93:46:af:0d:d3:c3:46:a7:3b:30:0a: ec:8f:20:fe:97:b8:98:f7:ec:a5:1d:ea:f3:84:90:8f:84:32: 78:f7:5f:f5:3a:5b:1b:e5:20:95:a0:b0:5f:1a:0f:57:52:6f: 17:f7:f8:9a -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUHfjdUpHl6ZFdKIY+tSUCLCFlnIUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxODE1MDA0N1oX DTI1MDkyMjIzNTk1OVowejFJMEcGA1UEBRNANjI0ZDFmOGFhZmRiMDBjMmQwMmE2 MzUzYjY3NWZjNGNmMzRmMWQ2ZDA5ZTE4MDBmNjNkNGNiNThlN2QzZDNhMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhELZoWWp/RgRGx/9/l/ZM28SOEZF 8bomU9tKHicwuYdyk8upVgljJzqFgyib09Z4in5m2faQ1J4DzbCeFsmgxD7yDCkc IIh+ZPIWv/KcHyOM0tO80qsGh1xe5KN7GEfE63ajH/FR5TInDj3mC0P1lHVklBTU +EoF37DeADOccjNEkQgCLO6cgdGfG/2CyZoUBc5QIawdx3NEItzpyMLcZZyRvjv1 zaF6FBc8e2XsWWM4YSViKkKxtaNJpe6zl0suYZ6/V810CnEfgv8Fp8ujFgh44wut AEnKrAkSlD9C8CpDL+r7F1efc3RhuDv21r88Rx+3/57rGWgT3+yIpwvyvQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFAU9BKvsLQLt2+I5RlGZroSj1ByCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzViZjRkMjlkLWI3NTUtNDVlOS1hZDEyLWNhZDhiODhiMDFiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK9AwDQYJKoZIhvcNAQELBQADggEBAEPtmZevB6nCck3zNU38ycv5 JhO34vE0kRiCQjGEDv8740wkkMD7R0MamZbrGg0YcDEREXIasZyJyGOto9N+Utf+ yzxKUYRFhGYbuogkOvopVs3CEBqh2MDhjw6Y/SrIdsu2E/+5YRoGFPKelL/6wPp1 v+x48ZIBEaF11zd/qP0HB8yGJ6bGoLsM9IVmrl/5uexTNYHJYl3y240Otz9tNARj fQsBTXwIXOUxVn8GxMEPyUzPcU3eSFkoW+iEemH2wdc+h4USQPVg9LEQL/STRq8N 08NGpzswCuyPIP6XuJj37KUd6vOEkI+EMnj3X/U6WxvlIJWgsF8aD1dSbxf3+Jo= -----END CERTIFICATE-----Generated at Sat Aug 23 17:47:35 2025 by rpki-client