$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa File: 0bce91dc-229b-42a7-9c92-722aa69f577e.roa (raw, json) Hash identifier: ntGrcRgtI+QPiA1J8vOaRrbG6ILwiNuOa5TAb24MCBE= Subject key identifier: 07:7C:F9:FF:A8:44:FA:B5:C3:3B:3B:A4:FC:1A:B7:46:16:F4:9D:85 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: F3E1C19C5C9B2853C56D6AC8D5509E94C69C0E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa Signing time: Wed 15 Oct 2025 00:50:06 +0000 ROA not before: Wed 15 Oct 2025 00:50:06 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: f3:e1:c1:9c:5c:9b:28:53:c5:6d:6a:c8:d5:50:9e:94:c6:9c:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:50:06 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=c269c79e99d8fa5dfcd306ad1401f112781c29201c274fe5df0aa9122369e4ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:58:3f:2c:25:ae:ec:19:18:47:b7:d5:b2:db: 31:38:7b:2c:48:05:b5:41:6e:83:f6:69:3a:8e:fd: 09:48:f2:53:ac:7d:f4:93:ca:73:02:41:07:ac:bb: a2:67:92:3b:b0:cf:23:2e:9f:03:14:dc:55:89:5f: 60:3b:ff:61:8e:59:af:3a:47:aa:0b:6c:87:b4:96: f7:b4:49:c7:6b:87:fa:40:e9:03:9e:3b:67:af:ba: 3f:0a:2e:37:c8:a6:be:47:47:52:ae:38:c4:04:8b: 9f:f8:49:0d:64:72:d8:0a:8c:2d:d5:01:07:4c:88: 33:f1:11:1d:42:27:57:eb:3d:d7:b3:3d:48:08:d7: 72:61:fc:68:1b:f9:41:fc:d4:9a:35:c1:3f:d8:1c: 73:c3:4b:34:ea:57:ac:42:28:40:de:c1:89:10:3f: db:9b:1a:06:c3:30:16:d5:b0:5c:b8:62:2f:e7:a2: ba:e2:fd:31:11:d9:11:72:b7:a1:46:65:cd:a4:0c: 13:9a:6a:79:aa:c3:13:43:cf:6f:9a:16:2b:30:3f: 55:b5:8d:5c:a1:76:8d:6d:41:1e:71:06:d6:ad:2d: 96:f8:e3:0f:8c:74:a7:a5:cc:3f:e4:24:9a:e2:e9: 91:7e:c7:90:aa:fe:46:28:91:6a:1e:2f:9e:54:c3: da:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:7C:F9:FF:A8:44:FA:B5:C3:3B:3B:A4:FC:1A:B7:46:16:F4:9D:85 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 92:43:30:10:3f:da:84:0d:03:cc:9b:99:c5:24:41:e8:54:24: 1d:20:74:32:74:20:69:81:03:31:2f:6d:e0:16:e0:b0:52:d4: 09:37:c4:fc:23:07:db:ec:73:68:41:c4:86:a6:21:b7:3b:e6: 07:28:78:ec:6c:31:f7:f6:89:b3:4e:d1:5c:92:3e:bc:98:a2: 91:76:77:76:16:23:66:b9:8e:03:7d:ca:96:7d:30:0c:e0:f8: 7d:77:0d:49:ed:06:e4:d6:cc:7a:a5:63:09:85:59:90:54:3f: 14:bb:e2:f8:a6:3e:2d:07:5c:a9:ae:36:e8:8e:ea:31:e1:46: 38:cb:3c:f5:90:d7:81:b5:2e:82:98:58:39:cc:8b:4b:f2:1e: 31:59:69:55:38:dc:55:1b:22:51:93:e1:07:e7:cd:50:7d:3a: 23:a3:89:cf:82:da:ef:cb:88:29:8d:06:59:5d:1e:68:f6:9b: 97:da:d7:34:20:3f:9e:76:fc:65:ec:8c:6f:72:ef:87:20:25: 17:fa:c9:eb:0f:e3:89:c1:86:6f:c4:99:95:c6:f6:b0:4b:2d: b4:a1:f5:ee:18:9b:6f:4a:b6:60:be:3b:c4:36:cb:8f:9f:f0: cf:b3:5d:2c:48:21:9b:d5:81:3a:69:8c:fd:9a:fc:42:13:36: 00:14:91:79 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUAPPhwZxcmyhTxW1qyNVQnpTGnA4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNTAwNloX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAYzI2OWM3OWU5OWQ4ZmE1ZGZjZDMw NmFkMTQwMWYxMTI3ODFjMjkyMDFjMjc0ZmU1ZGYwYWE5MTIyMzY5ZTRhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fg/LCWu7BkYR7fVstsxOHssSAW1 QW6D9mk6jv0JSPJTrH30k8pzAkEHrLuiZ5I7sM8jLp8DFNxViV9gO/9hjlmvOkeq C2yHtJb3tEnHa4f6QOkDnjtnr7o/Ci43yKa+R0dSrjjEBIuf+EkNZHLYCowt1QEH TIgz8REdQidX6z3Xsz1ICNdyYfxoG/lB/NSaNcE/2Bxzw0s06lesQihA3sGJED/b mxoGwzAW1bBcuGIv56K64v0xEdkRcrehRmXNpAwTmmp5qsMTQ89vmhYrMD9VtY1c oXaNbUEecQbWrS2W+OMPjHSnpcw/5CSa4umRfseQqv5GKJFqHi+eVMPatwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFAd8+f+oRPq1wzs7pPwat0YW9J2FMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBiY2U5MWRjLTIyOWItNDJhNy05YzkyLTcyMmFhNjlmNTc3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAJJDMBA/2oQNA8ybmcUkQehU JB0gdDJ0IGmBAzEvbeAW4LBS1Ak3xPwjB9vsc2hBxIamIbc75gcoeOxsMff2ibNO 0VySPryYopF2d3YWI2a5jgN9ypZ9MAzg+H13DUntBuTWzHqlYwmFWZBUPxS74vim Pi0HXKmuNuiO6jHhRjjLPPWQ14G1LoKYWDnMi0vyHjFZaVU43FUbIlGT4QfnzVB9 OiOjic+C2u/LiCmNBlldHmj2m5fa1zQgP552/GXsjG9y74cgJRf6yesP44nBhm/E mZXG9rBLLbSh9e4Ym29KtmC+O8Q2y4+f8M+zXSxIIZvVgTppjP2a/EITNgAUkXk= -----END CERTIFICATE-----Generated at Mon Oct 20 07:23:56 2025 by rpki-client