$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa File: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (raw, json) Hash identifier: WZEBUYJ8tacARmr4fleo5f2OpBdK8KyouIR8J9T3D1E= Subject key identifier: 35:CB:BF:C4:78:E6:4D:98:33:12:41:7A:B3:70:E2:87:3E:28:4D:8C Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 41F4DE5B31422C0DEF884388FE272FF4B6AB4E7E Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa Signing time: Sat 09 Aug 2025 00:00:05 +0000 ROA not before: Sat 09 Aug 2025 00:00:05 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:04:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:f4:de:5b:31:42:2c:0d:ef:88:43:88:fe:27:2f:f4:b6:ab:4e:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Aug 9 00:00:05 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=120912ddce33d814a72152fe9c5f266e43f93317fa98e3d26772de95ec0727d9, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:d5:a1:22:ae:1c:37:82:32:b2:68:28:b7:9d: b2:6b:6e:53:d6:18:1d:a4:d7:20:4e:53:87:10:fb: ea:d3:e4:63:94:8f:32:72:0e:ee:0c:f4:11:0f:aa: 3d:ef:ba:b3:27:79:89:fd:7d:89:5e:ec:f5:82:6f: b0:d7:72:21:1f:e7:3d:4b:d0:ba:f0:b5:7d:23:3b: 2f:f3:9b:43:00:a4:e1:46:f5:e0:50:a6:27:1a:01: 71:5d:ac:3c:64:93:bf:68:d8:ba:f3:21:d6:7b:8a: af:3e:4a:72:ce:53:e3:4f:31:6f:df:bf:06:ab:11: 14:be:0e:cb:fa:c0:f5:1e:88:09:bb:35:c1:ca:9b: 0e:93:37:d9:4f:73:56:4e:b6:44:39:c4:d7:4a:9b: aa:b5:df:1c:30:16:64:c9:56:d6:f6:88:d0:20:63: fb:fb:a9:0e:37:d1:56:f9:f7:ac:04:ac:5c:53:f8: a7:b5:bb:9e:d0:5a:1e:fa:eb:b6:76:70:47:39:33: 37:2e:cb:8b:4d:b2:eb:88:8f:98:b9:62:5d:bc:77: 58:eb:c8:14:b8:e1:55:23:4a:9d:57:ac:ef:3f:92: c4:5a:ee:bb:2e:e6:a5:3b:67:49:81:d3:74:7f:0f: 1c:f8:d7:45:d2:52:74:ba:89:fc:4c:68:29:4c:dd: c4:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:CB:BF:C4:78:E6:4D:98:33:12:41:7A:B3:70:E2:87:3E:28:4D:8C X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:42:15:a8:6a:b4:33:39:2b:89:ef:de:30:1a:56:73:7f:04: 4e:b2:c0:6d:f9:f9:22:d9:30:1e:c4:ba:3a:cc:ec:c1:c1:de: f4:af:e5:33:c9:3c:b8:2c:5a:a6:d2:b6:9f:6a:fc:48:2c:96: 9e:33:a9:22:d9:c8:47:c7:af:72:90:a5:d8:1c:a1:1d:5e:20: da:e8:b3:9b:d3:a9:ba:3f:bf:93:6d:10:48:6c:a1:55:dc:b7: 9e:1c:e1:7d:8b:59:e7:df:34:79:a7:72:8f:cc:a1:b1:60:ea: 9e:59:4d:fc:59:5e:47:e0:36:b6:f9:c3:ab:6d:fe:8b:1d:1d: a9:01:c4:8c:27:dd:05:75:24:79:ce:52:ed:07:80:15:57:52: 7d:ee:6b:0e:db:56:79:c9:4e:30:5e:cd:44:34:cf:36:70:c0: 18:09:58:7d:38:19:c0:4c:0f:14:07:de:f5:30:8c:5f:bc:88: 67:61:e7:90:fe:0b:70:da:6d:c4:8c:f6:68:81:fc:8c:7d:22: 0a:a0:96:71:47:36:7e:99:d6:25:63:da:d9:9e:5c:63:15:80: 10:ae:cb:18:0f:24:64:10:2c:33:98:fe:a4:0d:a7:85:4c:9b: bd:1e:7c:d1:d2:b6:ac:7b:4b:ed:eb:4c:af:7e:57:12:ce:b9: c2:3e:7c:e4 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQfTeWzFCLA3viEOI/icv9LarTn4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDgwOTAwMDAwNVoX DTI1MDkxMzIzNTk1OVowejFJMEcGA1UEBRNAMTIwOTEyZGRjZTMzZDgxNGE3MjE1 MmZlOWM1ZjI2NmU0M2Y5MzMxN2ZhOThlM2QyNjc3MmRlOTVlYzA3MjdkOTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9WhIq4cN4Iysmgot52ya25T1hgd pNcgTlOHEPvq0+RjlI8ycg7uDPQRD6o977qzJ3mJ/X2JXuz1gm+w13IhH+c9S9C6 8LV9Izsv85tDAKThRvXgUKYnGgFxXaw8ZJO/aNi68yHWe4qvPkpyzlPjTzFv378G qxEUvg7L+sD1HogJuzXBypsOkzfZT3NWTrZEOcTXSpuqtd8cMBZkyVbW9ojQIGP7 +6kON9FW+fesBKxcU/intbue0Foe+uu2dnBHOTM3LsuLTbLriI+YuWJdvHdY68gU uOFVI0qdV6zvP5LEWu67LualO2dJgdN0fw8c+NdF0lJ0uon8TGgpTN3EUwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDXLv8R45k2YMxJBerNw4oc+KE2MMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQ5MTE5NzM0LTlkYmMtNGJkNC05OGJlLTU3ZTRjZTA3ODkyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQBqQhWoarQzOSuJ794wGlZz fwROssBt+fki2TAexLo6zOzBwd70r+UzyTy4LFqm0rafavxILJaeM6ki2chHx69y kKXYHKEdXiDa6LOb06m6P7+TbRBIbKFV3LeeHOF9i1nn3zR5p3KPzKGxYOqeWU38 WV5H4Da2+cOrbf6LHR2pAcSMJ90FdSR5zlLtB4AVV1J97msO21Z5yU4wXs1ENM82 cMAYCVh9OBnATA8UB971MIxfvIhnYeeQ/gtw2m3EjPZogfyMfSIKoJZxRzZ+mdYl Y9rZnlxjFYAQrssYDyRkECwzmP6kDaeFTJu9HnzR0rase0vt60yvflcSzrnCPnzk -----END CERTIFICATE-----Generated at Sat Aug 23 19:48:26 2025 by rpki-client