$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa File: 0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa (raw, json) Hash identifier: Ab7l6dIu98aMmg37PJkJaTx8hWHKI5nl+vcHEoiRRQ4= Subject key identifier: 9C:16:91:57:C3:7F:81:9C:6B:B5:F2:D5:A7:E7:3C:11:12:FD:02:50 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 49C4F091E05F870920D03E04CB46801FF271A96B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa Signing time: Fri 17 Oct 2025 00:02:16 +0000 ROA not before: Fri 17 Oct 2025 00:02:16 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:c4:f0:91:e0:5f:87:09:20:d0:3e:04:cb:46:80:1f:f2:71:a9:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 17 00:02:16 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=aad4d346f8026b9d9b386ee04bd2779a50eb4e78f28d1315851470a0466b966f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:7a:86:cc:b0:63:7d:04:84:fb:84:c2:ee:20: 1e:f3:03:fc:ca:4d:2d:89:74:42:44:f5:41:0b:c0: ac:81:3d:3b:ca:48:4a:71:ed:d1:3d:ac:3a:22:3a: 30:d8:7e:66:01:19:18:77:06:c9:15:86:6d:fe:65: 4e:9c:9c:ea:9c:d7:62:83:5e:f8:15:62:7f:fc:95: f2:20:0f:cc:ab:ab:b0:6e:88:3b:e6:bd:0c:68:d8: cc:e9:b0:01:f6:4c:df:2a:20:5d:1e:0e:11:d3:5a: 6f:5b:0d:2e:14:27:5f:3d:78:ad:89:27:ba:71:7c: 64:72:78:41:17:ab:72:f5:35:cf:8e:ea:e1:61:a8: 0d:72:26:11:3e:c2:80:58:d7:31:e4:f7:50:c4:d0: d6:2f:91:a4:aa:68:8b:7f:e3:ab:e2:fd:b9:74:92: 85:b8:08:97:79:c6:b9:20:0e:4f:ee:82:fb:00:b0: ec:fd:ea:ec:a0:f4:9f:1b:1b:e7:ff:d8:ed:3d:91: 28:75:db:f2:e3:d0:04:66:ab:30:b1:07:98:81:01: f8:95:f9:c9:9f:bd:cb:6f:9f:85:ce:7b:56:57:a0: 84:a7:a4:af:50:2e:f6:52:59:29:39:d3:95:78:b9: 9e:b6:72:8f:b5:95:7a:8f:f1:8d:fc:06:1c:2a:99: 64:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:16:91:57:C3:7F:81:9C:6B:B5:F2:D5:A7:E7:3C:11:12:FD:02:50 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0384c943-d0ac-4d4c-b5c3-a670c7e33c51.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.0.0/15 Signature Algorithm: sha256WithRSAEncryption 7d:32:77:9c:b9:fe:e1:a6:52:2b:59:e8:8f:75:ef:77:81:59: 3a:78:1e:bf:8f:35:ea:d0:db:ca:56:cc:6d:3b:80:a6:e3:e8: 4b:82:62:54:9b:0c:56:d3:b9:80:be:98:c5:4c:16:e9:b4:c4: 73:31:88:0e:08:0c:39:e8:77:3c:0a:82:3a:eb:64:07:d5:65: f9:f6:e3:1d:5c:5d:9e:b3:61:d0:6d:22:1f:f3:59:79:68:9b: 08:52:ef:86:03:19:08:52:2a:e4:9a:e3:36:9d:f0:05:1f:fc: 20:36:b6:ff:61:da:e1:4d:b0:63:f5:74:7f:53:3a:ae:33:f9: 9f:49:7d:6e:5c:8b:41:f3:2a:e2:7b:14:5c:fd:68:6a:9b:b0: b3:3b:35:8d:5c:a7:b1:c2:96:81:3b:98:99:8b:02:fd:e9:84: 8d:08:06:75:45:2c:3d:35:9c:0e:8f:87:f8:3b:33:e1:a2:3b: 32:b1:a4:f0:90:ce:46:e2:7e:f8:ef:59:02:f8:25:9d:8e:a3: b5:14:73:45:c4:2a:b5:b2:2e:7d:09:ab:f0:93:28:f3:76:63: ae:f3:7b:01:65:17:a7:bf:bb:18:69:7a:d2:4c:fc:f0:8a:92: 13:d7:76:69:00:98:a5:93:ac:20:ee:69:c1:2b:5a:77:ad:04: df:01:46:b4 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUScTwkeBfhwkg0D4Ey0aAH/JxqWswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNzAwMDIxNloX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAYWFkNGQzNDZmODAyNmI5ZDliMzg2 ZWUwNGJkMjc3OWE1MGViNGU3OGYyOGQxMzE1ODUxNDcwYTA0NjZiOTY2ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXqGzLBjfQSE+4TC7iAe8wP8yk0t iXRCRPVBC8CsgT07ykhKce3RPaw6Ijow2H5mARkYdwbJFYZt/mVOnJzqnNdig174 FWJ//JXyIA/Mq6uwbog75r0MaNjM6bAB9kzfKiBdHg4R01pvWw0uFCdfPXitiSe6 cXxkcnhBF6ty9TXPjurhYagNciYRPsKAWNcx5PdQxNDWL5GkqmiLf+Or4v25dJKF uAiXeca5IA5P7oL7ALDs/ersoPSfGxvn/9jtPZEoddvy49AEZqswsQeYgQH4lfnJ n73Lb5+FzntWV6CEp6SvUC72UlkpOdOVeLmetnKPtZV6j/GN/AYcKplkqQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFJwWkVfDf4Gca7Xy1afnPBES/QJQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAzODRjOTQzLWQwYWMtNGQ0Yy1iNWMzLWE2NzBjN2UzM2M1MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9gwDQYJKoZIhvcNAQELBQADggEBAH0yd5y5/uGmUitZ6I9173eB WTp4Hr+PNerQ28pWzG07gKbj6EuCYlSbDFbTuYC+mMVMFum0xHMxiA4IDDnodzwK gjrrZAfVZfn24x1cXZ6zYdBtIh/zWXlomwhS74YDGQhSKuSa4zad8AUf/CA2tv9h 2uFNsGP1dH9TOq4z+Z9JfW5ci0HzKuJ7FFz9aGqbsLM7NY1cp7HCloE7mJmLAv3p hI0IBnVFLD01nA6Ph/g7M+GiOzKxpPCQzkbifvjvWQL4JZ2Oo7UUc0XEKrWyLn0J q/CTKPN2Y67zewFlF6e/uxhpetJM/PCKkhPXdmkAmKWTrCDuacErWnetBN8BRrQ= -----END CERTIFICATE-----Generated at Mon Oct 20 07:24:52 2025 by rpki-client