$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa File: 9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa (raw, json) Hash identifier: 5v2YlSwv/wrSmEEOL1b81kDfnrPjIc4+jjLbMG9ZEiQ= Subject key identifier: E4:0B:18:BC:97:EA:46:E1:6E:6C:52:F5:22:B1:48:22:74:04:BB:56 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 047204E76DF9B2B47E106F2DF7AF01EF5F6A906D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa Signing time: Mon 16 Jun 2025 15:00:22 +0000 ROA not before: Mon 16 Jun 2025 15:00:22 +0000 ROA not after: Mon 21 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.210.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:72:04:e7:6d:f9:b2:b4:7e:10:6f:2d:f7:af:01:ef:5f:6a:90:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 16 15:00:22 2025 GMT Not After : Jul 21 23:59:59 2025 GMT Subject: serialNumber=9a89f81558a51643325d45f124e365690adc45f84d973af79a3aee49e161ef5a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:e8:16:21:c1:97:85:8c:9b:70:c2:7f:1e:ac: 8d:fb:b5:36:37:ef:c6:46:ae:47:d5:24:10:ac:d5: 4f:ae:32:ce:1e:9b:54:c8:ef:00:82:f1:f8:b4:12: 2c:2d:b4:e1:f1:20:d1:88:81:87:30:c7:25:40:2e: e8:f0:38:ef:80:df:be:72:df:ec:a5:66:04:2e:42: b6:54:c2:13:36:d2:76:5f:fc:61:15:5c:49:a2:a1: d0:ba:31:1d:c5:d5:ab:18:72:fa:8d:1f:9b:fc:6f: da:1f:cd:e0:c6:37:ca:2f:9b:d9:da:35:0d:82:f5: 53:f6:0a:80:ef:5e:ca:0b:89:3b:d3:39:b7:7d:95: 67:fb:36:9b:c9:0f:aa:0d:61:bd:fb:5d:53:78:ce: 1b:65:3a:8b:04:dc:15:37:ee:55:ef:a3:08:7c:a5: 52:64:71:5b:f5:1b:11:06:54:80:30:30:05:b1:ad: 96:6c:0b:06:55:e2:73:35:18:d9:db:7a:fc:8c:d1: 4a:30:8d:c5:aa:ef:04:9f:3d:bf:04:07:e3:af:88: f6:3f:9e:f6:4c:84:ab:0f:a8:90:64:7b:d9:4a:51: 2d:44:1e:3d:14:78:c1:5c:a7:fe:16:b7:73:f1:2d: 98:f9:38:69:33:91:8c:74:10:d6:0e:fc:58:77:63: 94:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:0B:18:BC:97:EA:46:E1:6E:6C:52:F5:22:B1:48:22:74:04:BB:56 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.210.0.0/15 Signature Algorithm: sha256WithRSAEncryption ca:84:c5:cd:50:e6:1e:4f:f0:32:10:41:18:08:33:6d:81:6b: 00:5d:9e:38:b8:a8:1d:b1:5c:f9:77:66:98:07:93:e3:bc:ec: e9:f2:54:ad:e0:5d:7f:20:48:ec:2c:15:d6:ed:bf:1f:f2:cc: fa:07:31:32:76:d8:16:26:23:3c:b8:98:ac:d2:56:a0:78:a5: 3f:5c:92:ef:fa:04:5b:14:50:68:24:c2:dd:65:e1:3d:af:c6: 7c:44:41:1a:d2:5c:8c:4e:4f:c6:66:35:5f:25:17:44:08:ef: ba:8f:b0:91:07:b5:1a:1b:b5:ad:dc:47:ad:48:d8:90:4d:c7: 5a:2a:76:12:1b:7c:d9:b7:20:29:90:84:f5:7e:17:ae:4a:a3: 00:3a:48:d2:c0:e0:bc:47:1c:76:71:8d:04:38:09:22:5b:88: 55:9f:b4:6b:af:d5:f0:76:e5:0d:66:cd:33:6f:36:2a:04:6c: 34:d4:8a:b1:50:42:87:f9:cf:6b:1a:d0:1b:5a:c2:f9:06:6a: 87:a0:25:35:b1:55:a3:8b:28:ba:fd:63:d7:c3:8f:87:8a:5d: a6:f7:1a:4f:86:bc:07:c0:41:36:07:9c:75:67:72:c8:64:be: e8:8d:0c:86:20:ad:1a:82:89:b7:2d:dd:ff:ae:58:81:b7:f3: 93:f1:8f:06 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUBHIE5235srR+EG8t968B719qkG0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxNjE1MDAyMloX DTI1MDcyMTIzNTk1OVowejFJMEcGA1UEBRNAOWE4OWY4MTU1OGE1MTY0MzMyNWQ0 NWYxMjRlMzY1NjkwYWRjNDVmODRkOTczYWY3OWEzYWVlNDllMTYxZWY1YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqegWIcGXhYybcMJ/HqyN+7U2N+/G Rq5H1SQQrNVPrjLOHptUyO8AgvH4tBIsLbTh8SDRiIGHMMclQC7o8DjvgN++ct/s pWYELkK2VMITNtJ2X/xhFVxJoqHQujEdxdWrGHL6jR+b/G/aH83gxjfKL5vZ2jUN gvVT9gqA717KC4k70zm3fZVn+zabyQ+qDWG9+11TeM4bZTqLBNwVN+5V76MIfKVS ZHFb9RsRBlSAMDAFsa2WbAsGVeJzNRjZ23r8jNFKMI3Fqu8Enz2/BAfjr4j2P572 TISrD6iQZHvZSlEtRB49FHjBXKf+Frdz8S2Y+ThpM5GMdBDWDvxYd2OUhwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFOQLGLyX6kbhbmxS9SKxSCJ0BLtWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhODRjNWZiLWQwNzUtNDBhZS1hZmFkLWFkNTliM2UyZWJmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9IwDQYJKoZIhvcNAQELBQADggEBAMqExc1Q5h5P8DIQQRgIM22B awBdnji4qB2xXPl3ZpgHk+O87OnyVK3gXX8gSOwsFdbtvx/yzPoHMTJ22BYmIzy4 mKzSVqB4pT9cku/6BFsUUGgkwt1l4T2vxnxEQRrSXIxOT8ZmNV8lF0QI77qPsJEH tRobta3cR61I2JBNx1oqdhIbfNm3ICmQhPV+F65KowA6SNLA4LxHHHZxjQQ4CSJb iFWftGuv1fB25Q1mzTNvNioEbDTUirFQQof5z2sa0BtawvkGaoegJTWxVaOLKLr9 Y9fDj4eKXab3Gk+GvAfAQTYHnHVncshkvuiNDIYgrRqCibct3f+uWIG385PxjwY= -----END CERTIFICATE-----Generated at Sun Jun 29 05:18:12 2025 by rpki-client