$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa File: 9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa (raw, json) Hash identifier: fJdTHEyuBrOLry6Z/JcM6Hqma6KQl6b/l23lzT8KWYQ= Subject key identifier: E8:41:D0:7A:02:9D:ED:B1:4E:C7:06:04:A7:4E:D5:8A:06:12:33:66 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7ACAF0F8F4A5E053948DF3AD082487520ED6CF52 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa Signing time: Tue 05 Aug 2025 00:00:23 +0000 ROA not before: Tue 05 Aug 2025 00:00:23 +0000 ROA not after: Tue 09 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.210.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:ca:f0:f8:f4:a5:e0:53:94:8d:f3:ad:08:24:87:52:0e:d6:cf:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 5 00:00:23 2025 GMT Not After : Sep 9 23:59:59 2025 GMT Subject: serialNumber=7290b3f1506e30121bca0635a78b7c05a9554b4e248c2d42757516d3bb3902d4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:35:16:d3:35:33:d1:f7:e6:41:f1:a9:a5:b4: fd:c8:c4:40:0c:3a:14:75:9e:b3:62:b4:da:6d:88: dd:f0:d5:ed:96:51:54:a5:e9:86:89:56:16:fe:89: c4:ec:6f:76:21:d9:8f:64:7c:dd:ef:ed:13:ef:58: 31:62:65:4a:90:66:78:4b:7e:8c:00:78:01:c3:d5: 2f:30:ed:33:33:cb:ec:40:f9:8e:d5:b4:4d:95:b0: fb:3a:be:24:5e:1d:4b:b5:fb:fd:17:00:8a:5d:bd: a6:2a:7b:79:3f:d8:b6:ad:aa:24:f5:44:0a:c2:4c: 82:0b:3b:45:50:03:f7:f1:ec:2b:16:4d:3c:50:e9: 40:e7:5c:df:a0:36:f9:a4:d9:55:52:32:7c:f4:fd: e4:0f:44:f8:e5:bd:a4:3c:25:26:da:1c:7a:62:dd: 55:bd:4c:f7:12:7d:3f:89:06:c0:95:21:fe:1a:7d: 1e:5d:90:6b:53:a4:43:ed:2d:eb:69:39:03:bf:67: 13:f2:4f:9b:71:98:6d:88:ff:41:34:ab:7e:91:53: 1b:e9:03:54:c0:79:1e:98:04:3f:ef:40:5e:8f:02: e5:ce:bd:f7:8e:b8:60:0f:40:1c:89:d8:ef:4e:94: ad:f6:de:c9:21:e1:7c:36:a4:bf:3a:01:fe:7a:d3: c7:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:41:D0:7A:02:9D:ED:B1:4E:C7:06:04:A7:4E:D5:8A:06:12:33:66 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.210.0.0/15 Signature Algorithm: sha256WithRSAEncryption 12:1a:c0:c5:1e:bb:77:84:98:21:76:a8:1d:bd:55:13:1a:51: 03:5b:75:86:a4:0b:ad:e3:c0:52:32:d8:c3:3c:17:7f:86:1a: c6:1b:66:53:68:1e:f6:5d:58:49:a3:e1:33:70:64:9f:c4:1f: 7f:d1:5d:24:07:5d:c0:af:ef:6c:50:85:49:b8:bc:68:c0:6b: c5:eb:63:f6:26:1b:bc:a9:4b:63:78:7e:d1:40:48:38:91:11: eb:f8:a1:e8:54:34:7a:e4:0e:4a:5b:5b:10:1c:29:db:6b:6f: 1e:2e:f0:25:cf:5e:24:ea:b6:01:ed:86:b8:4e:1a:0a:59:05: af:77:65:ee:1a:e5:5f:2a:44:6a:df:5a:ff:1d:9d:b5:a6:db: d3:e2:19:03:e1:7c:e1:cf:02:38:85:31:0e:d7:d1:c9:67:63: 13:2e:ef:70:a0:57:05:7b:ef:4f:09:02:3e:79:32:79:71:72: 05:ec:ad:49:45:f9:8e:39:b1:1c:91:ef:fc:fa:41:67:78:6e: ff:94:e8:fd:5a:ae:b9:27:e7:53:38:4d:22:eb:ec:b0:97:3c: 34:a7:04:ec:a4:85:0e:52:74:e7:5f:e4:44:c4:8a:93:f7:cf: d1:86:34:cc:9e:8c:08:99:1e:b5:77:89:f0:8b:a4:d8:46:8e: d6:b4:72:2a -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUesrw+PSl4FOUjfOtCCSHUg7Wz1IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwNTAwMDAyM1oX DTI1MDkwOTIzNTk1OVowejFJMEcGA1UEBRNANzI5MGIzZjE1MDZlMzAxMjFiY2Ew NjM1YTc4YjdjMDVhOTU1NGI0ZTI0OGMyZDQyNzU3NTE2ZDNiYjM5MDJkNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjUW0zUz0ffmQfGppbT9yMRADDoU dZ6zYrTabYjd8NXtllFUpemGiVYW/onE7G92IdmPZHzd7+0T71gxYmVKkGZ4S36M AHgBw9UvMO0zM8vsQPmO1bRNlbD7Or4kXh1Ltfv9FwCKXb2mKnt5P9i2raok9UQK wkyCCztFUAP38ewrFk08UOlA51zfoDb5pNlVUjJ89P3kD0T45b2kPCUm2hx6Yt1V vUz3En0/iQbAlSH+Gn0eXZBrU6RD7S3raTkDv2cT8k+bcZhtiP9BNKt+kVMb6QNU wHkemAQ/70BejwLlzr33jrhgD0AcidjvTpSt9t7JIeF8NqS/OgH+etPHGQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFOhB0HoCne2xTscGBKdO1YoGEjNmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhODRjNWZiLWQwNzUtNDBhZS1hZmFkLWFkNTliM2UyZWJmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9IwDQYJKoZIhvcNAQELBQADggEBABIawMUeu3eEmCF2qB29VRMa UQNbdYakC63jwFIy2MM8F3+GGsYbZlNoHvZdWEmj4TNwZJ/EH3/RXSQHXcCv72xQ hUm4vGjAa8XrY/YmG7ypS2N4ftFASDiREev4oehUNHrkDkpbWxAcKdtrbx4u8CXP XiTqtgHthrhOGgpZBa93Ze4a5V8qRGrfWv8dnbWm29PiGQPhfOHPAjiFMQ7X0cln YxMu73CgVwV7708JAj55MnlxcgXsrUlF+Y45sRyR7/z6QWd4bv+U6P1arrkn51M4 TSLr7LCXPDSnBOykhQ5SdOdf5ETEipP3z9GGNMyejAiZHrV3ifCLpNhGjta0cio= -----END CERTIFICATE-----Generated at Sat Aug 23 10:06:25 2025 by rpki-client