$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8804dfec-79d7-4390-a6a3-68e44e2370c9.roa File: 8804dfec-79d7-4390-a6a3-68e44e2370c9.roa (raw, json) Hash identifier: LNJub4CRKjUb+m+NUgjZInRQOfD07GvW5GCcLzF7Wcg= Subject key identifier: 8C:18:4B:1B:24:AA:CF:F3:E3:42:4F:03:52:00:09:60:4D:F2:DC:26 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 35E03ABF3B4956CD9C83DDBFAB71E2274CBCD7A7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8804dfec-79d7-4390-a6a3-68e44e2370c9.roa Signing time: Mon 04 Aug 2025 15:00:35 +0000 ROA not before: Mon 04 Aug 2025 15:00:35 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.56.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:e0:3a:bf:3b:49:56:cd:9c:83:dd:bf:ab:71:e2:27:4c:bc:d7:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 4 15:00:35 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=e6067f7f82144837fbb4d932dbbd8950a256dae532cddfe0d5cda76d06d8a6af, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:63:d2:14:39:4a:f8:62:f4:2a:e6:bb:f2:09: 1e:1d:28:99:ed:b8:eb:c1:6a:d1:ab:f1:e0:87:42: a0:53:ad:9d:23:fb:ad:aa:99:1a:43:44:af:6c:c7: c6:dd:78:d7:1f:0a:2f:9a:bc:f0:71:dc:bd:66:86: 87:4b:e8:0f:c7:68:6d:ac:13:8d:9e:ab:9a:2a:ae: 77:be:bd:eb:ca:45:d3:b9:26:f5:ff:4e:82:10:e6: 22:15:b3:36:09:0c:37:96:7b:dc:dd:92:7b:03:58: 50:e0:5f:e2:99:a6:2d:21:6c:a2:9e:14:96:23:33: c0:d6:fb:44:3a:51:9b:88:a4:4b:13:67:c4:8a:25: 0f:df:2f:e9:45:bf:ad:65:fe:66:97:e8:2a:e6:0d: 43:27:8d:af:c7:74:6b:3b:aa:7e:3a:8e:d1:8a:6f: d0:3e:2b:4d:8a:f2:cf:6b:cc:0e:a1:5d:60:08:64: 74:08:3b:2d:f3:e2:69:c5:3f:a3:e3:41:0c:ec:57: b4:b3:69:51:29:d6:68:82:ca:6c:12:ec:9c:ac:6e: d8:4b:c1:76:7c:d6:26:87:9c:4a:7c:70:1c:5b:44: fc:c3:a5:f1:b3:1b:62:f6:0f:63:56:11:1c:af:4f: 33:c4:07:e2:d7:b7:08:96:ad:22:57:06:93:4e:95: f2:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:18:4B:1B:24:AA:CF:F3:E3:42:4F:03:52:00:09:60:4D:F2:DC:26 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8804dfec-79d7-4390-a6a3-68e44e2370c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.56.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:96:aa:73:c2:77:85:2b:5b:3e:ba:8f:e0:01:2d:6f:58:cf: 8b:37:e1:3d:5e:ab:73:e9:ee:a2:15:b4:62:af:65:fc:c6:a8: 80:9e:22:69:54:42:d2:60:2a:88:6f:42:6f:be:47:ef:9b:3d: d5:70:65:84:34:65:55:ac:28:c9:cd:4e:7f:2a:3d:83:a1:e5: 50:8f:51:27:2c:4e:5a:c2:c5:2d:3a:c8:cf:ed:3e:05:21:d6: 8d:cb:dd:52:8c:60:78:be:b3:0e:e5:48:fc:2f:f4:4e:a7:bb: 96:9f:af:82:6b:55:ff:a6:85:ec:0c:f3:a2:30:bb:3c:da:05: 6e:74:03:3f:ed:70:8b:52:b8:10:cf:a1:6b:0f:9a:6e:f8:d9: 3e:38:fb:fc:01:c4:ed:a9:07:f5:89:17:4a:f0:47:ad:32:aa: 11:fe:3a:3e:1c:dc:2b:40:b8:e8:5d:d4:12:c4:77:fe:92:31: ed:2d:33:db:5e:72:cc:5b:1f:98:89:aa:7d:83:24:89:5f:e9: 19:c2:b9:ed:9d:28:a5:df:4b:7c:6c:7b:0b:7e:bb:c1:ad:cc: 30:ab:32:de:7a:57:28:75:3b:29:68:46:7d:78:49:16:25:25: 5f:e5:6e:9f:e1:7f:e2:c3:6b:f0:36:cd:4d:da:b0:6f:68:89: 5d:e7:4f:00 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUNeA6vztJVs2cg92/q3HiJ0y816cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwNDE1MDAzNVoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAZTYwNjdmN2Y4MjE0NDgzN2ZiYjRk OTMyZGJiZDg5NTBhMjU2ZGFlNTMyY2RkZmUwZDVjZGE3NmQwNmQ4YTZhZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2PSFDlK+GL0Kua78gkeHSiZ7bjr wWrRq/Hgh0KgU62dI/utqpkaQ0SvbMfG3XjXHwovmrzwcdy9ZoaHS+gPx2htrBON nquaKq53vr3rykXTuSb1/06CEOYiFbM2CQw3lnvc3ZJ7A1hQ4F/imaYtIWyinhSW IzPA1vtEOlGbiKRLE2fEiiUP3y/pRb+tZf5ml+gq5g1DJ42vx3RrO6p+Oo7Rim/Q PitNivLPa8wOoV1gCGR0CDst8+JpxT+j40EM7Fe0s2lRKdZogspsEuycrG7YS8F2 fNYmh5xKfHAcW0T8w6Xxsxti9g9jVhEcr08zxAfi17cIlq0iVwaTTpXySwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIwYSxskqs/z40JPA1IACWBN8twmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg4MDRkZmVjLTc5ZDctNDM5MC1hNmEzLTY4ZTQ0ZTIzNzBjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9A4MA0GCSqGSIb3DQEBCwUAA4IBAQB/lqpzwneFK1s+uo/gAS1v WM+LN+E9Xqtz6e6iFbRir2X8xqiAniJpVELSYCqIb0Jvvkfvmz3VcGWENGVVrCjJ zU5/Kj2DoeVQj1EnLE5awsUtOsjP7T4FIdaNy91SjGB4vrMO5Uj8L/ROp7uWn6+C a1X/poXsDPOiMLs82gVudAM/7XCLUrgQz6FrD5pu+Nk+OPv8AcTtqQf1iRdK8Eet MqoR/jo+HNwrQLjoXdQSxHf+kjHtLTPbXnLMWx+Yiap9gySJX+kZwrntnSil30t8 bHsLfrvBrcwwqzLeelcodTspaEZ9eEkWJSVf5W6f4X/iw2vwNs1N2rBvaIld508A -----END CERTIFICATE-----Generated at Sat Aug 23 08:13:47 2025 by rpki-client