$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: kW8NYWZj/E/StIyQluPL3r9uG3u0JJiZgUJ+lQnOSEY= Subject key identifier: 93:72:99:6A:9E:D0:E2:5A:B0:E9:58:7E:BF:C3:15:8F:C9:DF:55:46 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 699FBC97232D1A34015656E0090BC70DC9E4B588 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Fri 22 Aug 2025 00:00:03 +0000 ROA not before: Fri 22 Aug 2025 00:00:03 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:9f:bc:97:23:2d:1a:34:01:56:56:e0:09:0b:c7:0d:c9:e4:b5:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 22 00:00:03 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=8c89c1d4ee2e06d38f1d47ade430d862a6584045f26d40406407b40c0e66bddd, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:10:bb:f3:c9:11:2a:5c:3f:1d:d3:53:b1:f3: 83:7f:27:17:6b:fb:74:ac:5f:0a:4e:84:5d:21:81: 8f:3c:12:71:84:15:81:7a:9e:23:f2:d9:23:ec:91: 0b:73:aa:4b:0f:f7:b7:2b:3a:80:da:5d:d4:a9:1f: 4d:c1:5c:0e:a7:31:d3:77:15:b2:50:95:4b:a9:c6: 1a:ab:9a:88:5d:ab:e4:a2:ff:00:e7:13:c0:0c:5e: 7a:5a:2e:d9:3e:3c:4f:aa:6a:56:d3:4d:61:5b:0a: 5a:f2:ed:c2:57:d0:3f:42:a3:0e:2c:3a:78:b3:f6: e3:7b:89:35:8c:74:39:da:69:92:67:4c:46:6f:0e: fd:2f:51:ec:97:a7:f8:50:67:8c:7d:ff:56:1e:38: 64:01:23:88:5b:9d:5f:bf:07:ef:fe:d2:99:1b:ba: 22:5b:d2:68:58:3a:c5:2e:01:9c:89:91:8d:ce:eb: d6:6d:98:28:92:cf:fb:ad:88:6e:0e:5c:9f:d8:ff: 51:4a:48:90:7e:55:be:11:5b:16:2b:a5:d2:b6:38: a0:01:7d:10:17:4f:3f:2c:42:ff:13:28:4a:6c:a0: 40:25:c3:6d:2e:1c:2d:e2:27:d6:9f:9f:10:d9:7e: 36:b3:30:df:63:91:bd:28:c1:0a:3f:3b:c7:e1:6c: 27:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:72:99:6A:9E:D0:E2:5A:B0:E9:58:7E:BF:C3:15:8F:C9:DF:55:46 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 88:7c:5f:9e:a8:4d:67:45:b9:4c:f7:42:0c:73:91:5d:e0:df: a3:4b:eb:d5:6e:72:4a:2f:ce:c4:39:85:5f:ee:9f:98:55:4a: 23:60:42:cd:79:18:aa:cb:0d:87:98:46:db:b9:6f:ab:29:0a: a9:1b:7c:96:c8:94:0a:d3:9f:07:f9:0b:8d:85:72:f4:99:c9: e7:31:03:71:4f:1e:62:a1:b1:cb:18:f7:d8:31:fd:3a:9a:72: 53:f4:63:d9:55:66:1e:48:2b:81:78:0c:0e:24:f6:3b:43:c1: 54:64:5c:8f:83:9c:cd:da:38:fa:88:b6:fd:dc:f2:48:8b:04: 1b:09:15:a4:91:75:9c:f0:4e:41:59:ee:aa:0d:63:f3:87:8c: 80:09:26:c9:0d:16:2a:e6:a8:5a:65:b3:95:21:a9:6f:f4:c4: a7:72:19:7c:c1:03:2f:16:49:b5:78:dd:38:2d:ab:40:70:88: ea:0a:26:61:f9:35:5e:f9:fb:f8:7b:aa:40:3c:30:19:b7:ab: 37:fb:fc:f2:8f:62:2b:ce:42:32:fc:dd:0e:a6:b9:0a:28:a2: d3:23:2b:91:a2:e7:cf:03:0a:8d:31:f2:d4:39:57:96:27:a5: 26:03:de:37:e1:69:fc:a5:0d:8f:63:03:c5:f7:ee:e2:50:83: c6:6c:24:1e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUaZ+8lyMtGjQBVlbgCQvHDcnktYgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgyMjAwMDAwM1oX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAOGM4OWMxZDRlZTJlMDZkMzhmMWQ0 N2FkZTQzMGQ4NjJhNjU4NDA0NWYyNmQ0MDQwNjQwN2I0MGMwZTY2YmRkZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBC788kRKlw/HdNTsfODfycXa/t0 rF8KToRdIYGPPBJxhBWBep4j8tkj7JELc6pLD/e3KzqA2l3UqR9NwVwOpzHTdxWy UJVLqcYaq5qIXavkov8A5xPADF56Wi7ZPjxPqmpW001hWwpa8u3CV9A/QqMOLDp4 s/bje4k1jHQ52mmSZ0xGbw79L1Hsl6f4UGeMff9WHjhkASOIW51fvwfv/tKZG7oi W9JoWDrFLgGciZGNzuvWbZgoks/7rYhuDlyf2P9RSkiQflW+EVsWK6XStjigAX0Q F08/LEL/EyhKbKBAJcNtLhwt4ifWn58Q2X42szDfY5G9KMEKPzvH4WwnPwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJNymWqe0OJasOlYfr/DFY/J31VGMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQCIfF+eqE1nRblM90IMc5Fd 4N+jS+vVbnJKL87EOYVf7p+YVUojYELNeRiqyw2HmEbbuW+rKQqpG3yWyJQK058H +QuNhXL0mcnnMQNxTx5iobHLGPfYMf06mnJT9GPZVWYeSCuBeAwOJPY7Q8FUZFyP g5zN2jj6iLb93PJIiwQbCRWkkXWc8E5BWe6qDWPzh4yACSbJDRYq5qhaZbOVIalv 9MSnchl8wQMvFkm1eN04LatAcIjqCiZh+TVe+fv4e6pAPDAZt6s3+/zyj2IrzkIy /N0OprkKKKLTIyuRoufPAwqNMfLUOVeWJ6UmA9434Wn8pQ2PYwPF9+7iUIPGbCQe -----END CERTIFICATE-----Generated at Sat Aug 23 08:11:43 2025 by rpki-client