$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa File: 084fc721-60a4-414f-b72d-dc01788e0fc2.roa (raw, json) Hash identifier: Nfb6hh1u+mXTdOJkIwDz27kazQfznGRAneJ9BX2z65c= Subject key identifier: 0C:55:D3:15:6F:03:8E:C5:91:DD:71:E8:92:0B:EE:38:66:DD:85:48 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 603E64E609BAB1FF0119333D86243498ABA515B6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa Signing time: Fri 17 Oct 2025 00:02:19 +0000 ROA not before: Fri 17 Oct 2025 00:02:19 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:3e:64:e6:09:ba:b1:ff:01:19:33:3d:86:24:34:98:ab:a5:15:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 17 00:02:19 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=b62aef66307a0ca17b0a5fba2ada70328c9921bf2a763ea7887952d53e262a63, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:cd:dc:26:ce:8b:b2:72:8c:4b:ef:02:40:fc: 3e:36:b7:21:18:2a:5f:9c:38:48:44:aa:cf:9a:b1: d5:ed:0c:64:3b:64:1a:35:b4:a1:b9:d7:fe:72:17: de:bb:0e:af:fa:e7:19:60:ec:d5:5c:52:93:a4:72: c5:2f:1b:21:66:56:63:24:b5:fa:60:89:d7:a5:b1: 33:1f:db:0a:53:ff:97:5d:56:a6:e3:31:e1:70:d8: ad:21:2d:0e:16:18:9d:2c:98:94:89:eb:f1:e0:37: 7d:a7:f5:6a:b9:8f:6b:01:12:f5:84:17:73:8a:5b: af:4c:a8:1a:42:8b:d7:42:5b:f7:23:6a:16:8f:5e: f2:58:9d:db:16:e1:fe:1d:41:38:cc:06:e8:c2:37: 32:55:d6:67:ef:10:fe:91:58:0d:ba:a4:21:ac:4e: d3:eb:07:f0:18:0d:07:ca:e7:c3:60:ad:89:7d:ca: e8:82:63:8b:73:aa:71:12:c8:2e:70:5a:1c:4b:00: f9:89:58:a6:91:08:70:dc:c8:53:08:3d:b3:a8:e7: 86:d2:10:8c:aa:f0:3e:d3:50:bc:cf:da:c8:d3:5e: ea:c6:7b:ae:3a:57:ff:56:cc:12:77:2e:4c:d9:81: cc:cf:6b:ad:8e:f5:45:25:0a:b1:98:64:83:ac:85: 02:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:55:D3:15:6F:03:8E:C5:91:DD:71:E8:92:0B:EE:38:66:DD:85:48 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.61.0/24 Signature Algorithm: sha256WithRSAEncryption ca:5f:28:2c:49:66:c5:76:d0:3b:58:bb:ec:27:88:a7:52:f5: 3a:d0:3e:9e:8a:63:79:ac:dc:dd:13:23:bf:b6:c4:08:4a:94: 74:c9:d9:e4:4c:94:77:2a:e6:bc:95:02:92:92:10:96:72:d4: e1:5d:4b:c4:5d:05:11:62:a4:8e:bb:9b:e5:7d:0f:b4:ec:f2: 74:4a:a8:d0:8a:6d:fa:54:eb:c9:66:c7:12:fe:03:b5:4a:b2: a7:e8:13:0b:f1:bb:a9:a6:4b:79:da:35:b9:7a:25:91:0f:00: e5:6b:83:cd:80:7f:f2:ca:c7:89:37:00:bd:c8:84:1f:b4:1a: aa:a7:61:45:86:36:e9:42:cf:89:2e:de:28:8d:d6:86:ff:35: ff:91:1f:57:50:e7:a7:20:63:e6:54:72:fb:99:5d:87:76:64: ad:94:7f:e9:83:0f:7e:74:88:ef:f0:ad:62:78:f4:64:d6:a2: 7c:44:e5:01:7b:dd:f0:0a:0c:31:4e:0d:c0:2b:29:db:83:f0: db:8d:3b:e2:22:02:2e:ed:ff:cd:04:0c:50:d7:a6:d1:c9:31: da:07:26:75:1b:3a:27:bd:ca:67:e6:bb:8e:18:a0:11:90:8c: 64:9b:7b:1d:db:83:65:c1:e2:ac:c1:8b:9c:db:68:6b:99:f1: db:2e:c5:cf -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUYD5k5gm6sf8BGTM9hiQ0mKulFbYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNzAwMDIxOVoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAYjYyYWVmNjYzMDdhMGNhMTdiMGE1 ZmJhMmFkYTcwMzI4Yzk5MjFiZjJhNzYzZWE3ODg3OTUyZDUzZTI2MmE2MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA283cJs6LsnKMS+8CQPw+NrchGCpf nDhIRKrPmrHV7QxkO2QaNbShudf+chfeuw6v+ucZYOzVXFKTpHLFLxshZlZjJLX6 YInXpbEzH9sKU/+XXVam4zHhcNitIS0OFhidLJiUievx4Dd9p/VquY9rARL1hBdz iluvTKgaQovXQlv3I2oWj17yWJ3bFuH+HUE4zAbowjcyVdZn7xD+kVgNuqQhrE7T 6wfwGA0HyufDYK2JfcrogmOLc6pxEsgucFocSwD5iVimkQhw3MhTCD2zqOeG0hCM qvA+01C8z9rI017qxnuuOlf/VswSdy5M2YHMz2utjvVFJQqxmGSDrIUCNwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAxV0xVvA47Fkd1x6JIL7jhm3YVIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4NGZjNzIxLTYwYTQtNDE0Zi1iNzJkLWRjMDE3ODhlMGZjMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g9MA0GCSqGSIb3DQEBCwUAA4IBAQDKXygsSWbFdtA7WLvsJ4in UvU60D6eimN5rNzdEyO/tsQISpR0ydnkTJR3Kua8lQKSkhCWctThXUvEXQURYqSO u5vlfQ+07PJ0SqjQim36VOvJZscS/gO1SrKn6BML8buppkt52jW5eiWRDwDla4PN gH/yyseJNwC9yIQftBqqp2FFhjbpQs+JLt4ojdaG/zX/kR9XUOenIGPmVHL7mV2H dmStlH/pgw9+dIjv8K1iePRk1qJ8ROUBe93wCgwxTg3AKynbg/DbjTviIgIu7f/N BAxQ16bRyTHaByZ1Gzonvcpn5ruOGKARkIxkm3sd24NlweKswYuc22hrmfHbLsXP -----END CERTIFICATE-----Generated at Mon Oct 20 07:36:35 2025 by rpki-client