$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b3c2b9b-025c-44df-bdca-4a903df0156c.roa File: 4b3c2b9b-025c-44df-bdca-4a903df0156c.roa (raw, json) Hash identifier: dztF/mSQqHJm0nLYuaa+Dl67S8//K7XvbO+cBUqy5cU= Subject key identifier: ED:EA:9B:65:10:3C:1F:6A:30:A7:44:4C:66:2D:50:7F:E9:78:82:55 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3BC921ABD67D53015300C635B0DF8E0FCF6AEEE6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b3c2b9b-025c-44df-bdca-4a903df0156c.roa Signing time: Wed 15 Oct 2025 00:50:09 +0000 ROA not before: Wed 15 Oct 2025 00:50:09 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.212.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:c9:21:ab:d6:7d:53:01:53:00:c6:35:b0:df:8e:0f:cf:6a:ee:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:50:09 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=3418ab7d479aac8373fbe2283c21402b9fc017b99e205686a9b70260f80ec583, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:da:ae:fd:45:fc:8e:9f:37:87:c6:b9:6a:3f: ed:21:09:6c:f8:53:07:15:64:70:d2:69:4f:bd:9e: fe:a8:17:56:07:09:75:fa:70:fa:8e:24:e3:d2:53: dd:ba:14:b8:b3:cf:b2:2f:08:95:e2:92:23:52:23: b0:93:2f:a5:70:d6:b0:78:b4:29:46:0d:ca:14:f1: 0d:81:fc:26:fe:4d:08:55:5a:c0:e3:f7:3f:1e:98: ae:36:ac:9f:da:b1:13:de:91:fd:e6:bb:7b:7d:bd: 30:63:a3:40:f3:d7:70:28:a5:34:91:98:fe:c9:4a: 47:2a:2b:df:4e:0e:68:b6:74:fc:fe:74:b9:de:20: b3:a7:44:c9:5b:e4:81:e1:72:da:f6:d7:b8:92:d4: 1b:7b:6e:2f:4d:75:9f:39:17:83:14:26:67:bf:21: de:67:cf:cd:18:9d:e3:dc:07:12:e5:90:0e:73:1a: 99:8b:6f:6c:62:47:38:49:81:0a:91:52:b1:62:f7: 18:f9:83:c8:9d:b5:05:da:62:18:fe:84:11:bb:95: 92:3a:58:96:3f:1a:86:af:87:37:93:3d:ff:e0:d9: c6:7a:32:b8:31:90:04:85:5d:60:0a:41:5b:74:6f: d9:5a:cd:30:fe:a7:b7:71:94:a6:76:94:94:60:43: 44:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:EA:9B:65:10:3C:1F:6A:30:A7:44:4C:66:2D:50:7F:E9:78:82:55 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b3c2b9b-025c-44df-bdca-4a903df0156c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.212.67.0/24 Signature Algorithm: sha256WithRSAEncryption 22:5f:fb:37:55:76:33:11:59:bb:16:8b:20:5c:a0:ff:4c:b3: a7:22:f9:37:e3:45:d6:81:97:c5:e6:bb:5f:3f:d6:11:32:4a: 7d:10:a0:be:54:9d:e3:93:e7:ef:8c:97:93:ce:8f:c1:ef:47: 21:1b:46:42:8b:fe:0d:cc:7e:1c:a1:cf:bd:48:95:3b:8d:23: d6:78:35:46:d1:a5:70:eb:23:bf:36:38:c3:62:29:bb:9c:5b: ec:fa:dc:61:5a:72:99:dc:f8:85:62:c5:ec:5b:c7:3c:5a:31: b8:ce:8b:be:53:b7:e8:8d:45:4a:9c:09:7c:6b:58:29:63:ca: 68:85:eb:98:aa:cf:8c:c0:e7:60:f0:e0:22:61:e5:91:6c:41: 3b:e4:ec:4e:87:1a:13:15:d0:96:07:a6:1e:e5:ad:bd:ed:24: ab:f7:08:92:57:d9:9b:dd:1a:27:4e:2f:7c:8d:df:66:18:59: e3:e1:d0:d1:89:78:d9:92:a1:92:e6:05:0b:3e:22:7c:5a:da: 43:19:af:81:b7:44:a8:84:73:4b:6b:2f:08:0e:f6:eb:73:4a: 29:b3:1d:84:56:22:37:0e:18:53:2c:dd:fc:82:4e:d1:12:9a: a5:3e:8a:76:e6:98:ef:bb:4b:18:d8:7f:50:b4:15:b2:3d:72: b7:a8:8d:8c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUO8khq9Z9UwFTAMY1sN+OD89q7uYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNTAwOVoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAMzQxOGFiN2Q0NzlhYWM4MzczZmJl MjI4M2MyMTQwMmI5ZmMwMTdiOTllMjA1Njg2YTliNzAyNjBmODBlYzU4MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dqu/UX8jp83h8a5aj/tIQls+FMH FWRw0mlPvZ7+qBdWBwl1+nD6jiTj0lPduhS4s8+yLwiV4pIjUiOwky+lcNaweLQp Rg3KFPENgfwm/k0IVVrA4/c/HpiuNqyf2rET3pH95rt7fb0wY6NA89dwKKU0kZj+ yUpHKivfTg5otnT8/nS53iCzp0TJW+SB4XLa9te4ktQbe24vTXWfOReDFCZnvyHe Z8/NGJ3j3AcS5ZAOcxqZi29sYkc4SYEKkVKxYvcY+YPInbUF2mIY/oQRu5WSOliW PxqGr4c3kz3/4NnGejK4MZAEhV1gCkFbdG/ZWs0w/qe3cZSmdpSUYENECwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFO3qm2UQPB9qMKdETGYtUH/peIJVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRiM2MyYjliLTAyNWMtNDRkZi1iZGNhLTRhOTAzZGYwMTU2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9RDMA0GCSqGSIb3DQEBCwUAA4IBAQAiX/s3VXYzEVm7FosgXKD/ TLOnIvk340XWgZfF5rtfP9YRMkp9EKC+VJ3jk+fvjJeTzo/B70chG0ZCi/4NzH4c oc+9SJU7jSPWeDVG0aVw6yO/NjjDYim7nFvs+txhWnKZ3PiFYsXsW8c8WjG4zou+ U7fojUVKnAl8a1gpY8poheuYqs+MwOdg8OAiYeWRbEE75OxOhxoTFdCWB6Ye5a29 7SSr9wiSV9mb3RonTi98jd9mGFnj4dDRiXjZkqGS5gULPiJ8WtpDGa+Bt0SohHNL ay8IDvbrc0opsx2EViI3DhhTLN38gk7REpqlPop25pjvu0sY2H9QtBWyPXK3qI2M -----END CERTIFICATE-----Generated at Mon Oct 20 07:24:49 2025 by rpki-client