$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa File: 25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa (raw, json) Hash identifier: uvPF1yFleLfWH0AhdCNli/T88JqcqnsD3ivyY7GWXw4= Subject key identifier: 04:8B:16:4C:75:FE:7F:73:BC:AF:A0:D0:E8:F1:17:A2:35:CB:95:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1BCB8A6900D245BD9ACE95D5F049D058850E8B62 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa Signing time: Tue 07 Oct 2025 00:01:18 +0000 ROA not before: Tue 07 Oct 2025 00:01:18 +0000 ROA not after: Tue 11 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.212.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:cb:8a:69:00:d2:45:bd:9a:ce:95:d5:f0:49:d0:58:85:0e:8b:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 7 00:01:18 2025 GMT Not After : Nov 11 23:59:59 2025 GMT Subject: serialNumber=e1945935b9a663e28156baab5de3d29c22c737c62996c188597ed26008d2d0f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c5:63:95:97:d4:d4:58:56:ea:7e:19:79:c9: b4:fc:86:13:99:1f:dc:51:b6:84:53:a7:0e:c3:26: 04:0c:dd:1f:b4:a1:d7:25:c2:47:a8:a0:1e:90:91: c5:8d:01:96:05:7a:c7:a8:45:65:67:e9:7e:cd:6c: 65:1e:93:2d:f7:2c:37:41:7c:20:b9:5b:3b:16:67: 81:60:fc:9b:05:cb:ed:3a:02:94:a4:95:a5:c7:6a: b2:02:84:a7:b1:99:4a:97:22:4d:6b:54:f9:66:9b: 8f:79:b9:7f:64:8b:e7:1e:9f:b2:f8:8b:ff:28:3d: 31:6c:4c:f4:2c:6b:f8:8c:0d:6e:b8:d4:db:85:f0: 00:14:b0:87:e6:a5:0f:fd:3d:7e:cc:af:4f:fa:b0: 6b:28:5a:a9:e4:09:4a:7d:3d:d3:5d:27:73:06:5b: b4:a5:4e:b5:c4:7d:04:7a:4a:91:61:80:ee:0e:09: 60:b7:e8:86:71:13:81:85:66:46:f4:b1:92:91:61: cf:cf:07:40:84:70:0a:5b:50:1a:1f:5e:10:01:36: 97:4b:37:c2:26:e3:b3:de:c4:2e:fa:3c:64:50:06: f7:70:b2:dc:4a:6f:64:a5:9a:e8:4e:88:d4:39:30: d7:a8:1e:32:36:55:4b:14:1b:73:ff:8a:0c:bd:7d: 9f:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:8B:16:4C:75:FE:7F:73:BC:AF:A0:D0:E8:F1:17:A2:35:CB:95:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25e04c5d-4ae9-4470-8138-dea1e8b3160e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.212.70.0/24 Signature Algorithm: sha256WithRSAEncryption aa:dc:fe:7d:57:4d:ab:9e:a4:0a:a8:4a:9d:c6:17:06:7b:49: 81:29:21:bb:54:51:57:57:a2:80:2c:73:b3:43:98:10:90:72: a2:e8:d4:19:15:73:36:9d:3a:50:d7:7b:f5:a0:d8:a3:b3:e4: 60:1f:97:39:bc:36:66:6f:f0:5b:53:26:1c:27:be:de:ef:f0: 40:2e:f6:cf:cd:10:2c:f2:fd:c3:12:20:47:e9:d5:6d:6e:65: 07:7a:8d:4e:78:24:46:c0:e4:d8:02:d3:b7:91:ca:1c:02:5f: f1:50:d2:80:b3:0c:65:b1:70:3d:29:1b:61:67:7d:73:77:46: e0:a0:62:aa:70:75:5a:44:02:57:72:20:25:06:be:1b:d0:e4: d9:0c:30:48:c3:12:63:cc:a6:9a:58:1e:7e:88:58:19:d5:8c: cc:9d:85:c2:33:3b:9e:ae:0b:a3:81:d3:42:0c:a0:50:45:06: 83:92:f2:6f:5e:34:c2:22:db:7b:69:21:bb:a6:03:95:26:5a: 99:10:d2:e0:dc:e2:1d:17:08:54:7d:dd:2a:83:4f:1e:28:f7: 45:39:19:3b:e4:23:77:7b:48:0a:48:bd:c1:91:18:3f:15:73: ca:56:13:2e:43:76:48:4c:aa:76:eb:95:b6:98:2d:6a:4a:5f: 2a:f2:7f:93 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUG8uKaQDSRb2azpXV8EnQWIUOi2IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNzAwMDExOFoX DTI1MTExMTIzNTk1OVowejFJMEcGA1UEBRNAZTE5NDU5MzViOWE2NjNlMjgxNTZi YWFiNWRlM2QyOWMyMmM3MzdjNjI5OTZjMTg4NTk3ZWQyNjAwOGQyZDBmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcVjlZfU1FhW6n4Zecm0/IYTmR/c UbaEU6cOwyYEDN0ftKHXJcJHqKAekJHFjQGWBXrHqEVlZ+l+zWxlHpMt9yw3QXwg uVs7FmeBYPybBcvtOgKUpJWlx2qyAoSnsZlKlyJNa1T5ZpuPebl/ZIvnHp+y+Iv/ KD0xbEz0LGv4jA1uuNTbhfAAFLCH5qUP/T1+zK9P+rBrKFqp5AlKfT3TXSdzBlu0 pU61xH0EekqRYYDuDglgt+iGcROBhWZG9LGSkWHPzwdAhHAKW1AaH14QATaXSzfC JuOz3sQu+jxkUAb3cLLcSm9kpZroTojUOTDXqB4yNlVLFBtz/4oMvX2fDwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFASLFkx1/n9zvK+g0OjxF6I1y5X4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI1ZTA0YzVkLTRhZTktNDQ3MC04MTM4LWRlYTFlOGIzMTYwZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9RGMA0GCSqGSIb3DQEBCwUAA4IBAQCq3P59V02rnqQKqEqdxhcG e0mBKSG7VFFXV6KALHOzQ5gQkHKi6NQZFXM2nTpQ13v1oNijs+RgH5c5vDZmb/Bb UyYcJ77e7/BALvbPzRAs8v3DEiBH6dVtbmUHeo1OeCRGwOTYAtO3kcocAl/xUNKA swxlsXA9KRthZ31zd0bgoGKqcHVaRAJXciAlBr4b0OTZDDBIwxJjzKaaWB5+iFgZ 1YzMnYXCMzuergujgdNCDKBQRQaDkvJvXjTCItt7aSG7pgOVJlqZENLg3OIdFwhU fd0qg08eKPdFORk75CN3e0gKSL3BkRg/FXPKVhMuQ3ZITKp265W2mC1qSl8q8n+T -----END CERTIFICATE-----Generated at Mon Oct 20 12:34:31 2025 by rpki-client