$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10466492-6e57-4b27-906d-531139de21f0.roa File: 10466492-6e57-4b27-906d-531139de21f0.roa (raw, json) Hash identifier: +zeSD+TQttEk293UAhIzVWh3IsR0m7EvJaCGW4q6JVI= Subject key identifier: 11:E2:CB:32:04:87:5C:D7:0F:59:C1:F1:73:CA:AA:61:35:64:2E:62 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2631FF17D139F3C49FAE3C5680E7FE9B6CDFA5CE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10466492-6e57-4b27-906d-531139de21f0.roa Signing time: Fri 17 Oct 2025 00:02:21 +0000 ROA not before: Fri 17 Oct 2025 00:02:21 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.156.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:31:ff:17:d1:39:f3:c4:9f:ae:3c:56:80:e7:fe:9b:6c:df:a5:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 17 00:02:21 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=75771d6191710e2d46460d014e8efcae1523153716ff652d09f477a857669320, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:bf:f7:7c:7b:c2:67:cb:4c:86:72:27:57:e5: 80:b6:5c:b7:f8:0a:49:96:b3:9b:77:8d:aa:17:db: 7a:b9:ac:98:66:46:1d:df:0e:d3:a1:83:1d:80:71: 54:56:88:53:81:41:a7:d2:da:80:92:0f:6c:11:c9: cf:e4:04:48:5a:d2:78:25:57:c0:21:2f:a2:da:a6: 55:b3:bd:5a:5c:d7:78:ad:f5:63:fe:9d:30:b1:ec: 03:c0:41:c6:b0:64:37:91:f0:15:5e:88:02:62:24: d6:4c:94:5f:f5:56:b5:7a:84:34:ff:88:0e:ff:e7: 87:20:da:85:d0:b1:52:8f:a5:15:d8:df:e2:e3:14: 10:67:f1:37:e7:ca:e3:18:39:2d:23:9a:ef:97:d7: aa:1a:2f:f3:7d:84:fd:cd:b8:3c:7e:84:b7:b9:b4: 5c:05:c7:c2:b2:d4:51:93:28:e4:96:79:8c:97:ea: 9b:ab:ec:8c:30:15:e1:e1:2e:27:78:e7:44:db:49: 96:81:f8:0c:02:9f:16:47:a1:e1:6f:e7:63:c3:78: cc:35:33:7b:61:72:77:03:70:db:eb:5b:9a:5b:4d: 9f:e8:e8:21:9e:a4:3a:b6:d7:0b:17:cc:ab:4c:0a: 2a:28:54:c9:eb:5f:a1:24:2a:8e:0c:c5:e7:8a:78: 36:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:E2:CB:32:04:87:5C:D7:0F:59:C1:F1:73:CA:AA:61:35:64:2E:62 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10466492-6e57-4b27-906d-531139de21f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.156.0/24 Signature Algorithm: sha256WithRSAEncryption 70:b1:71:b9:5b:87:08:97:ba:d5:61:f9:57:9a:09:b0:ce:38: 06:3a:87:71:41:5f:ce:85:dc:32:60:ff:7b:8b:64:c6:b4:f9: c6:cb:bd:de:87:f8:06:fb:bd:75:74:7e:d3:cb:ab:ba:cd:bb: b2:ad:50:e6:7b:56:35:47:cd:74:1b:9b:9a:f7:63:46:04:37: e6:d7:05:5e:cb:81:4f:ea:a9:fb:01:ce:37:fa:b7:d2:3d:30: ce:f6:45:70:a3:a7:03:47:a6:cc:ed:c7:97:85:9b:f6:66:dc: f6:5a:84:be:5c:3a:4e:1e:6b:41:fa:5c:a4:f4:51:3f:b2:29: db:71:d3:82:b3:5f:1a:8c:08:b0:e4:20:69:22:71:65:2d:79: 54:e4:5a:09:1a:86:79:76:34:10:57:57:a1:05:e1:e8:3f:cf: ba:da:02:27:62:19:5d:d2:eb:10:77:78:09:5a:d7:04:89:06: bc:84:07:f4:89:b7:b7:77:55:16:6d:99:f0:e0:f3:df:c0:4f: c9:bd:e4:dd:fd:5a:a3:a0:c9:d9:d9:bf:40:df:42:cc:f2:d5: 91:d2:62:96:cc:dc:1d:96:42:b7:78:35:50:3b:32:6c:a8:3a: 3c:c0:d4:25:70:96:52:b0:c7:37:ae:21:cc:30:19:9a:97:7c: 06:43:8a:ff -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUJjH/F9E588SfrjxWgOf+m2zfpc4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNzAwMDIyMVoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNANzU3NzFkNjE5MTcxMGUyZDQ2NDYw ZDAxNGU4ZWZjYWUxNTIzMTUzNzE2ZmY2NTJkMDlmNDc3YTg1NzY2OTMyMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb/3fHvCZ8tMhnInV+WAtly3+ApJ lrObd42qF9t6uayYZkYd3w7ToYMdgHFUVohTgUGn0tqAkg9sEcnP5ARIWtJ4JVfA IS+i2qZVs71aXNd4rfVj/p0wsewDwEHGsGQ3kfAVXogCYiTWTJRf9Va1eoQ0/4gO /+eHINqF0LFSj6UV2N/i4xQQZ/E358rjGDktI5rvl9eqGi/zfYT9zbg8foS3ubRc BcfCstRRkyjklnmMl+qbq+yMMBXh4S4neOdE20mWgfgMAp8WR6Hhb+djw3jMNTN7 YXJ3A3Db61uaW02f6OghnqQ6ttcLF8yrTAoqKFTJ61+hJCqODMXning2JQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBHiyzIEh1zXD1nB8XPKqmE1ZC5iMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEwNDY2NDkyLTZlNTctNGIyNy05MDZkLTUzMTEzOWRlMjFmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9qcMA0GCSqGSIb3DQEBCwUAA4IBAQBwsXG5W4cIl7rVYflXmgmw zjgGOodxQV/OhdwyYP97i2TGtPnGy73eh/gG+711dH7Ty6u6zbuyrVDme1Y1R810 G5ua92NGBDfm1wVey4FP6qn7Ac43+rfSPTDO9kVwo6cDR6bM7ceXhZv2Ztz2WoS+ XDpOHmtB+lyk9FE/sinbcdOCs18ajAiw5CBpInFlLXlU5FoJGoZ5djQQV1ehBeHo P8+62gInYhld0usQd3gJWtcEiQa8hAf0ibe3d1UWbZnw4PPfwE/JveTd/VqjoMnZ 2b9A30LM8tWR0mKWzNwdlkK3eDVQOzJsqDo8wNQlcJZSsMc3riHMMBmal3wGQ4r/ -----END CERTIFICATE-----Generated at Mon Oct 20 13:11:09 2025 by rpki-client