$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7c0696d-ba0c-47de-9916-42ee007b9201.roa File: b7c0696d-ba0c-47de-9916-42ee007b9201.roa (raw, json) Hash identifier: vSysdMgIyM1WfbKn9ZfZ0jvacvflisCE2kgaaG044s4= Subject key identifier: 63:83:35:A8:27:75:CE:02:AE:C9:DF:3D:CE:A2:6D:6C:B3:23:A1:09 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 27DF47160EB22740A257EBC34EF3D0066C9047 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7c0696d-ba0c-47de-9916-42ee007b9201.roa Signing time: Wed 06 Aug 2025 06:37:01 +0000 ROA not before: Wed 06 Aug 2025 06:37:01 +0000 ROA not after: Wed 10 Sep 2025 23:59:59 +0000 asID: 14618 IP address blocks: 43.221.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:df:47:16:0e:b2:27:40:a2:57:eb:c3:4e:f3:d0:06:6c:90:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 6 06:37:01 2025 GMT Not After : Sep 10 23:59:59 2025 GMT Subject: serialNumber=9003cc690ce7f0beef9d144114fd90ec33dc85f33121dc1bda9a5910ad000eaf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:90:9f:8a:d0:87:63:40:b9:63:45:1b:7f:c8: de:e8:b7:fc:73:62:3d:41:b5:15:ad:d8:dd:b7:8b: 81:d6:7a:25:d2:94:19:29:b0:82:de:7b:73:02:8e: dd:e4:f5:53:60:dd:34:14:93:b6:51:05:7a:10:bd: 56:9c:d0:da:14:87:89:97:e3:f5:dc:a6:f4:30:18: da:d1:57:ca:35:35:b8:3d:2f:75:73:af:ad:68:74: 60:6c:c7:9e:b6:88:ee:a6:da:c0:9c:bf:d2:dc:f2: 49:78:fa:7b:e9:fa:35:ad:b9:67:8a:95:99:19:0b: bf:51:a3:f6:e8:a5:f5:73:23:98:bd:f4:44:51:e9: 53:08:b3:84:6e:d4:52:43:62:09:59:64:be:36:eb: ac:7a:2c:1a:73:f3:03:e7:47:ea:47:d2:1f:72:88: f2:4b:11:c7:ba:ca:f7:7b:d1:1e:62:b1:7d:bc:c1: 79:38:1e:cb:30:1a:5d:16:67:2d:e9:8b:d0:c7:f2: 4c:53:75:ec:8e:59:72:7b:51:63:76:be:f2:84:ff: 73:6b:e4:ed:2a:b9:3e:7e:ad:9a:64:7d:14:a7:1d: c5:56:62:41:1b:f7:9b:df:fd:e4:b0:ea:2f:23:54: 77:55:ac:e3:c5:88:74:aa:a8:5c:1b:8e:cf:40:9f: 9c:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:83:35:A8:27:75:CE:02:AE:C9:DF:3D:CE:A2:6D:6C:B3:23:A1:09 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7c0696d-ba0c-47de-9916-42ee007b9201.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.221.0.0/16 Signature Algorithm: sha256WithRSAEncryption bf:da:1e:f6:74:ea:c8:d2:ea:4c:6c:2c:95:8f:13:81:c5:c7: 6e:99:d5:5e:ae:c7:1b:14:13:e7:2e:34:a6:20:e5:28:60:c7: d4:48:50:7e:8d:b5:5f:95:8e:a6:80:eb:82:2f:0f:7b:a4:ee: cd:8f:58:d1:08:ae:62:e3:a6:11:8a:9d:38:c1:89:3f:93:fa: 6d:a2:d2:ea:30:ac:f4:25:c3:90:c4:60:76:20:70:c3:13:ad: d4:f5:fb:67:8d:fa:d1:71:96:29:2f:2f:35:b8:28:0f:f7:43: de:61:95:17:40:4e:96:55:2c:88:ba:f5:9c:88:c5:84:c8:19: 44:74:fa:07:1c:d2:da:01:8e:68:89:9d:26:f2:eb:c7:c8:3e: 41:24:d5:8b:06:33:9b:8c:f5:55:05:ac:dc:66:fc:96:6d:4f: ea:db:2c:02:d5:0a:80:4a:b6:a8:51:ba:56:ba:4d:fa:f9:f7: 23:59:a9:4b:8c:a1:b3:97:3d:6d:e9:01:21:91:2b:94:7d:72: d9:c3:9e:b9:50:05:36:c6:73:fa:02:8d:e5:ef:78:5a:79:99: 95:11:e8:46:37:2b:0b:ff:2a:4b:37:0c:df:1c:e7:a1:a0:d0: 62:92:62:36:a1:91:69:d3:39:6f:eb:7b:bd:e8:6f:5c:10:c8: 61:31:7b:15 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgITJ99HFg6yJ0CiV+vDTvPQBmyQRzANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwODA2MDYzNzAxWhcN MjUwOTEwMjM1OTU5WjB6MUkwRwYDVQQFE0A5MDAzY2M2OTBjZTdmMGJlZWY5ZDE0 NDExNGZkOTBlYzMzZGM4NWYzMzEyMWRjMWJkYTlhNTkxMGFkMDAwZWFmMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6kJ+K0IdjQLljRRt/yN7ot/xzYj1B tRWt2N23i4HWeiXSlBkpsILee3MCjt3k9VNg3TQUk7ZRBXoQvVac0NoUh4mX4/Xc pvQwGNrRV8o1Nbg9L3Vzr61odGBsx562iO6m2sCcv9Lc8kl4+nvp+jWtuWeKlZkZ C79Ro/bopfVzI5i99ERR6VMIs4Ru1FJDYglZZL4266x6LBpz8wPnR+pH0h9yiPJL Ece6yvd70R5isX28wXk4HsswGl0WZy3pi9DH8kxTdeyOWXJ7UWN2vvKE/3Nr5O0q uT5+rZpkfRSnHcVWYkEb95vf/eSw6i8jVHdVrOPFiHSqqFwbjs9An5zzAgMBAAGj ggJHMIICQzAdBgNVHQ4EFgQUY4M1qCd1zgKuyd89zqJtbLMjoQkwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv YjdjMDY5NmQtYmEwYy00N2RlLTk5MTYtNDJlZTAwN2I5MjAxLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsE AgABMAUDAwAr3TANBgkqhkiG9w0BAQsFAAOCAQEAv9oe9nTqyNLqTGwslY8TgcXH bpnVXq7HGxQT5y40piDlKGDH1EhQfo21X5WOpoDrgi8Pe6TuzY9Y0QiuYuOmEYqd OMGJP5P6baLS6jCs9CXDkMRgdiBwwxOt1PX7Z4360XGWKS8vNbgoD/dD3mGVF0BO llUsiLr1nIjFhMgZRHT6BxzS2gGOaImdJvLrx8g+QSTViwYzm4z1VQWs3Gb8lm1P 6tssAtUKgEq2qFG6VrpN+vn3I1mpS4yhs5c9bekBIZErlH1y2cOeuVAFNsZz+gKN 5e94WnmZlRHoRjcrC/8qSzcM3xznoaDQYpJiNqGRadM5b+t7vehvXBDIYTF7FQ== -----END CERTIFICATE-----Generated at Sat Aug 23 08:11:34 2025 by rpki-client