$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: IYHRgJxoeEsXLVEiHIFbV73CkeECzOHou2wNUc0dx3s= Subject key identifier: 34:EB:1D:36:5A:D7:79:63:01:2F:2E:2B:99:36:95:3D:84:26:BD:6F Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 67F449C82C2605DB6581A4568A4B28C5AC2F6745 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Fri 20 Jun 2025 00:00:03 +0000 ROA not before: Fri 20 Jun 2025 00:00:03 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:f4:49:c8:2c:26:05:db:65:81:a4:56:8a:4b:28:c5:ac:2f:67:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jun 20 00:00:03 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=c63e3b99ac5abfe661c959fe6ee9e1b25d9dd81753376e7f0549c0df3ec5ad0d, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:41:c7:b0:82:25:84:2d:7f:27:f5:00:21:7d: c7:5c:4e:cc:aa:06:cb:44:d3:18:ff:ef:a8:5a:27: 66:07:e7:5e:d1:c3:7d:03:d2:e0:d9:fb:ae:15:d9: 08:5b:bd:c8:1a:cc:1f:c1:99:99:ec:b5:5f:bf:5c: 19:0b:eb:87:e9:5f:19:01:22:b2:b9:59:a7:3c:ca: de:56:3f:20:91:de:a6:33:45:e6:60:f3:d7:6c:8b: 0c:ac:26:8e:fc:09:93:c0:14:ca:92:e5:62:a4:0b: 93:84:a4:8e:0c:a6:d4:ca:ee:14:06:77:63:c3:ac: 01:40:2b:cb:9b:d6:af:b0:6f:25:cc:e1:05:f2:51: c5:29:09:d1:a0:f5:cc:e5:81:c8:16:a1:c8:77:4b: 6a:1b:82:c3:a0:71:f0:67:ca:54:8f:f1:03:19:e8: fd:7a:04:5b:61:14:01:5a:ba:3a:06:a3:6e:5e:c5: d6:b4:e6:8e:63:39:18:32:5f:ff:08:46:01:11:07: eb:77:f7:3e:e7:53:9f:6e:8d:78:e3:c9:23:46:85: 73:03:bf:2e:d9:6a:61:51:90:11:e1:06:f6:72:2a: d0:3a:15:c1:f0:5f:13:3f:e9:19:cf:ae:8a:c2:75: e2:ef:6b:f1:64:95:4f:ac:90:49:00:17:de:f1:8b: 74:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:EB:1D:36:5A:D7:79:63:01:2F:2E:2B:99:36:95:3D:84:26:BD:6F X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 45:12:37:ed:d6:09:4d:87:cf:27:3c:2e:c3:8b:51:21:3f:97: f7:f8:5c:a5:69:a4:91:15:91:38:41:93:0b:99:6b:cf:a8:6f: b8:a0:6f:28:76:fd:7d:11:f6:20:7d:da:d0:a0:f4:6e:b2:7c: e3:e6:21:b2:9b:6f:29:83:df:64:c1:0b:4e:e9:5e:58:c2:2e: a5:32:24:51:40:0a:b5:38:64:bd:0e:73:8b:aa:84:32:b9:b0: 81:78:df:31:3a:49:0d:f1:9e:24:97:8d:d4:8e:6f:fc:f9:87: 36:39:6d:4a:26:db:66:d6:44:7e:40:7a:e6:23:c6:83:37:0d: 31:0b:da:f1:fd:75:2b:ff:c3:2b:28:84:50:e9:b4:61:96:a9: 5b:e5:68:57:39:34:55:42:bc:58:b8:08:bf:a7:7c:9d:2f:93: 00:e4:93:8c:e6:3f:00:46:27:b0:ef:89:31:88:0f:66:b0:c6: 5f:e4:3d:6c:34:53:61:a1:2e:e6:8e:ee:e4:a5:98:eb:fc:ec: cf:06:ce:af:29:0f:3a:5c:db:b3:f5:d0:b6:cb:3b:b4:39:01: 2c:b7:c9:a5:9d:73:b4:52:83:54:4b:0c:43:91:dd:3a:17:d0: ee:c0:1f:5e:03:0d:17:e4:5b:d6:10:d6:a0:bf:41:f4:33:e1: c2:7a:69:9b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZ/RJyCwmBdtlgaRWiksoxawvZ0UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDYyMDAwMDAwM1oX DTI1MDcyNTIzNTk1OVowejFJMEcGA1UEBRNAYzYzZTNiOTlhYzVhYmZlNjYxYzk1 OWZlNmVlOWUxYjI1ZDlkZDgxNzUzMzc2ZTdmMDU0OWMwZGYzZWM1YWQwZDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUHHsIIlhC1/J/UAIX3HXE7MqgbL RNMY/++oWidmB+de0cN9A9Lg2fuuFdkIW73IGswfwZmZ7LVfv1wZC+uH6V8ZASKy uVmnPMreVj8gkd6mM0XmYPPXbIsMrCaO/AmTwBTKkuVipAuThKSODKbUyu4UBndj w6wBQCvLm9avsG8lzOEF8lHFKQnRoPXM5YHIFqHId0tqG4LDoHHwZ8pUj/EDGej9 egRbYRQBWro6BqNuXsXWtOaOYzkYMl//CEYBEQfrd/c+51Ofbo1448kjRoVzA78u 2WphUZAR4Qb2cirQOhXB8F8TP+kZz66KwnXi72vxZJVPrJBJABfe8Yt0uwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDTrHTZa13ljAS8uK5k2lT2EJr1vMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQBFEjft1glNh88nPC7Di1Eh P5f3+FylaaSRFZE4QZMLmWvPqG+4oG8odv19EfYgfdrQoPRusnzj5iGym28pg99k wQtO6V5Ywi6lMiRRQAq1OGS9DnOLqoQyubCBeN8xOkkN8Z4kl43Ujm/8+Yc2OW1K Jttm1kR+QHrmI8aDNw0xC9rx/XUr/8MrKIRQ6bRhlqlb5WhXOTRVQrxYuAi/p3yd L5MA5JOM5j8ARiew74kxiA9msMZf5D1sNFNhoS7mju7kpZjr/OzPBs6vKQ86XNuz 9dC2yzu0OQEst8mlnXO0UoNUSwxDkd06F9DuwB9eAw0X5FvWENagv0H0M+HCemmb -----END CERTIFICATE-----Generated at Sun Jun 29 12:19:12 2025 by rpki-client