$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: aRr48goc4jjT+XXiAlVza/pPkiRdouAcVnrQ9WsRqv0= Subject key identifier: 25:EE:81:50:A1:EB:DA:47:0B:5C:4F:1B:5B:2A:5F:D8:30:C2:7A:E3 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 12C8635E6E31BCAA6CF0BC77106A2E54C8B29F16 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Sat 21 Jun 2025 00:00:05 +0000 ROA not before: Sat 21 Jun 2025 00:00:05 +0000 ROA not after: Sat 26 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:c8:63:5e:6e:31:bc:aa:6c:f0:bc:77:10:6a:2e:54:c8:b2:9f:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 21 00:00:05 2025 GMT Not After : Jul 26 23:59:59 2025 GMT Subject: serialNumber=d13c17690096b2827b4b6f1da5f5e6817296daff488da5b0c415c63174444fad, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:e7:ef:c7:69:aa:77:79:df:fb:d5:f3:30:ba: 4c:f5:72:3f:05:6d:0a:18:00:ea:ea:e9:a8:62:bf: 0d:9d:be:2b:09:cf:2f:9a:2a:3a:24:b1:b6:39:c8: d9:91:5c:ed:0d:7d:e0:51:1a:b0:99:3e:1b:bb:e7: 18:9c:29:ce:9f:63:ec:c3:87:de:1b:db:2b:b4:86: 89:17:84:9f:1a:82:e6:3b:c2:90:f3:d0:27:27:42: ad:11:ec:29:19:53:b6:33:60:9d:12:f9:ae:24:a9: e0:69:69:e9:e8:df:9e:09:a1:1f:4d:11:d6:8c:a0: 53:b2:36:bf:c3:f0:03:7c:96:7e:e2:1d:a7:8e:d1: 9d:90:4d:5d:53:7f:4b:52:55:a1:f9:13:8d:9b:46: 99:e2:7f:7f:e9:25:5d:36:6f:a5:44:11:53:80:d7: eb:14:74:cf:10:32:cd:33:57:6a:cc:a5:c7:fe:82: 19:70:e2:49:3a:34:03:38:1a:d0:a7:99:c3:a4:b4: 1f:40:e5:d6:1e:df:25:8f:6a:aa:15:63:92:63:cb: d2:08:e3:11:e1:d6:7a:b1:70:21:f3:78:b2:7a:90: 6b:39:c1:fc:1f:f2:c5:5e:8c:57:01:aa:e6:43:a0: df:ad:f9:cb:4d:eb:15:02:19:1d:6d:a2:2b:f3:6f: 67:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:EE:81:50:A1:EB:DA:47:0B:5C:4F:1B:5B:2A:5F:D8:30:C2:7A:E3 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 7b:82:db:1a:7d:05:c6:25:ca:cb:85:74:08:66:a8:c4:de:51: 59:f7:0f:49:e3:b8:ca:03:61:0f:c7:00:e4:dc:7b:e8:ac:93: c9:75:52:c6:e2:d5:36:7c:fb:27:2f:01:d6:56:06:4e:b1:5a: 06:6d:e2:c3:3d:4d:6e:95:99:49:13:b3:11:79:30:32:09:44: 89:26:98:eb:8c:c9:28:5f:25:fd:b8:8b:a7:63:fe:e1:3e:26: 29:22:3a:40:d8:eb:05:2e:56:7e:58:2b:0d:ff:b8:15:00:97: e8:08:d3:f8:d9:c0:fd:59:4a:20:87:20:a1:66:c9:32:b5:27: 62:e0:0b:b0:99:04:e6:9a:34:63:1d:e4:2f:99:92:e6:92:67: ca:2f:8f:1e:06:e1:3e:24:58:a7:a5:a2:fb:a3:fd:ab:38:ce: 9e:70:be:a4:7a:ef:67:06:6c:29:66:5a:b7:8f:4c:28:cc:2d: 15:b3:33:14:a4:c7:6d:e5:07:9b:97:ab:f7:ad:d5:64:e4:8e: 4f:91:57:65:bc:87:2f:22:04:37:32:8e:5c:83:f4:93:a3:e0: 94:bd:20:dc:22:af:8f:ef:0d:c2:ba:5a:2d:bb:54:b0:c3:5f: 35:87:00:89:55:43:88:bb:70:cf:e7:3c:58:0b:8d:fc:e7:27: 63:6a:d5:62 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEshjXm4xvKps8Lx3EGouVMiynxYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYyMTAwMDAwNVoX DTI1MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAZDEzYzE3NjkwMDk2YjI4MjdiNGI2 ZjFkYTVmNWU2ODE3Mjk2ZGFmZjQ4OGRhNWIwYzQxNWM2MzE3NDQ0NGZhZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOfvx2mqd3nf+9XzMLpM9XI/BW0K GADq6umoYr8Nnb4rCc8vmio6JLG2OcjZkVztDX3gURqwmT4bu+cYnCnOn2Psw4fe G9srtIaJF4SfGoLmO8KQ89AnJ0KtEewpGVO2M2CdEvmuJKngaWnp6N+eCaEfTRHW jKBTsja/w/ADfJZ+4h2njtGdkE1dU39LUlWh+RONm0aZ4n9/6SVdNm+lRBFTgNfr FHTPEDLNM1dqzKXH/oIZcOJJOjQDOBrQp5nDpLQfQOXWHt8lj2qqFWOSY8vSCOMR 4dZ6sXAh83iyepBrOcH8H/LFXoxXAarmQ6DfrfnLTesVAhkdbaIr829nawIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCXugVCh69pHC1xPG1sqX9gwwnrjMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQB7gtsafQXGJcrLhXQIZqjE 3lFZ9w9J47jKA2EPxwDk3HvorJPJdVLG4tU2fPsnLwHWVgZOsVoGbeLDPU1ulZlJ E7MReTAyCUSJJpjrjMkoXyX9uIunY/7hPiYpIjpA2OsFLlZ+WCsN/7gVAJfoCNP4 2cD9WUoghyChZskytSdi4AuwmQTmmjRjHeQvmZLmkmfKL48eBuE+JFinpaL7o/2r OM6ecL6keu9nBmwpZlq3j0wozC0VszMUpMdt5Qebl6v3rdVk5I5PkVdlvIcvIgQ3 Mo5cg/STo+CUvSDcIq+P7w3Culotu1Sww181hwCJVUOIu3DP5zxYC4385ydjatVi -----END CERTIFICATE-----Generated at Sun Jun 29 02:52:24 2025 by rpki-client