$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: I34NDbIviyeDaZZj7AqLe/6mj41B8r3FkTZrCBuwyDQ= Subject key identifier: 66:14:F2:24:5E:1A:99:6E:9D:14:AD:FA:BB:73:65:E4:BB:A3:E7:D2 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 5FE43AC271ED367437E39C84C54ACB323D1FCD1B Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Sat 09 Aug 2025 00:00:29 +0000 ROA not before: Sat 09 Aug 2025 00:00:29 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:03:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:e4:3a:c2:71:ed:36:74:37:e3:9c:84:c5:4a:cb:32:3d:1f:cd:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 9 00:00:29 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=f9a3719c0f1202bacf31c7ad1aa0f180de279a08bfcad39702635a8eedf450dc, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:eb:44:78:35:51:7f:42:86:b2:df:72:44:18: 79:49:00:41:d3:5b:4f:18:f2:52:03:61:76:90:ab: 8b:b7:9a:83:87:a9:0d:69:22:27:ee:0c:b6:e9:15: 7f:71:e3:d7:e6:f7:4f:0a:47:ff:b1:00:9a:d2:4a: 66:ef:6f:f9:c8:ae:89:f2:78:ef:a9:7a:c8:f5:c9: 2c:c1:19:b6:a0:e1:21:60:83:45:8b:7b:4f:46:48: 8a:a6:df:f8:4d:5a:c5:51:fe:a5:6e:e1:b3:92:b6: ac:ea:12:bd:5b:49:88:10:fa:86:7e:32:96:70:d1: e7:34:40:cb:56:f2:be:d6:ef:e8:e0:44:bd:f4:ef: 60:88:30:23:38:01:85:ce:36:92:78:a8:e1:f1:fa: 7b:0a:74:fc:4d:58:aa:e8:c9:38:35:ff:0a:f9:cc: c0:d2:05:72:82:83:13:14:ec:ec:5c:a4:71:b5:95: 3a:2a:6f:e2:ad:4d:ee:66:ee:4f:eb:42:a8:85:de: 18:ea:c2:d2:0a:2d:b6:c1:ef:d5:b1:5d:14:2d:27: a3:79:a8:45:29:61:b6:d3:ef:f7:19:e7:b4:3c:5c: c4:c3:54:28:3e:35:dc:46:b9:a1:42:57:19:a8:d0: 52:c4:4f:c7:c8:32:37:b3:d9:28:ff:2b:45:8f:d8: 6a:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:14:F2:24:5E:1A:99:6E:9D:14:AD:FA:BB:73:65:E4:BB:A3:E7:D2 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 4b:c8:6a:b8:2e:0b:99:7f:74:04:0f:34:ff:40:5c:85:69:7b: 76:60:36:70:24:f9:4d:f2:7b:61:45:7c:39:da:39:b6:6b:33: 17:bf:c5:cb:be:59:5a:68:f1:92:54:40:b5:54:fc:01:f6:e5: 4e:33:c1:ea:05:4d:54:4f:f5:84:35:e2:5a:66:d1:eb:ef:71: 1a:2b:9d:b7:73:95:f7:10:6e:01:1b:8f:c5:96:31:41:f5:e8: 41:5a:5a:f4:1c:15:c1:fb:53:44:60:5d:32:c9:5f:0b:78:ca: 0d:3a:25:1f:45:f7:8b:57:97:18:30:98:de:9d:07:00:35:44: d0:03:70:83:0e:c4:81:28:f3:cc:07:47:40:b4:d4:e4:78:05: 72:d1:95:b1:e2:71:71:c4:36:60:20:03:1f:46:dd:a6:eb:76: 91:d7:f3:7e:73:53:2b:32:81:6a:f6:14:49:59:79:ef:8b:b7: dd:5e:3a:44:69:2d:b0:c2:0e:83:00:4a:3c:6c:ab:b1:fb:2f: 83:99:15:56:02:88:71:d3:90:7a:77:eb:e2:2f:e4:81:e2:af: 41:0d:a2:87:26:34:f8:b4:2f:0a:f9:df:e1:ad:8f:64:6f:84: 82:d1:c8:44:e7:c7:fa:f9:d9:9f:7e:9f:5b:3a:23:d3:7f:c4: 88:cc:bf:88 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUX+Q6wnHtNnQ345yExUrLMj0fzRswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwOTAwMDAyOVoX DTI1MDkxMzIzNTk1OVowejFJMEcGA1UEBRNAZjlhMzcxOWMwZjEyMDJiYWNmMzFj N2FkMWFhMGYxODBkZTI3OWEwOGJmY2FkMzk3MDI2MzVhOGVlZGY0NTBkYzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0etEeDVRf0KGst9yRBh5SQBB01tP GPJSA2F2kKuLt5qDh6kNaSIn7gy26RV/cePX5vdPCkf/sQCa0kpm72/5yK6J8njv qXrI9ckswRm2oOEhYINFi3tPRkiKpt/4TVrFUf6lbuGzkras6hK9W0mIEPqGfjKW cNHnNEDLVvK+1u/o4ES99O9giDAjOAGFzjaSeKjh8fp7CnT8TViq6Mk4Nf8K+czA 0gVygoMTFOzsXKRxtZU6Km/irU3uZu5P60Kohd4Y6sLSCi22we/VsV0ULSejeahF KWG20+/3Gee0PFzEw1QoPjXcRrmhQlcZqNBSxE/HyDI3s9ko/ytFj9hqywIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGYU8iReGplunRSt+rtzZeS7o+fSMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQBLyGq4LguZf3QEDzT/QFyF aXt2YDZwJPlN8nthRXw52jm2azMXv8XLvllaaPGSVEC1VPwB9uVOM8HqBU1UT/WE NeJaZtHr73EaK523c5X3EG4BG4/FljFB9ehBWlr0HBXB+1NEYF0yyV8LeMoNOiUf RfeLV5cYMJjenQcANUTQA3CDDsSBKPPMB0dAtNTkeAVy0ZWx4nFxxDZgIAMfRt2m 63aR1/N+c1MrMoFq9hRJWXnvi7fdXjpEaS2wwg6DAEo8bKux+y+DmRVWAohx05B6 d+viL+SB4q9BDaKHJjT4tC8K+d/hrY9kb4SC0chE58f6+dmffp9bOiPTf8SIzL+I -----END CERTIFICATE-----Generated at Sat Aug 23 20:50:31 2025 by rpki-client