$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eebfe87-ebaa-4640-b26f-714c512d27da.roa File: 4eebfe87-ebaa-4640-b26f-714c512d27da.roa (raw, json) Hash identifier: 00oVe00Ea8bBRY74yjXxHlm5kFZjazv4zUhH6ASJ+DM= Subject key identifier: 4F:87:DF:5A:B3:9B:8C:F3:6D:DB:CE:B8:4C:7B:3D:EF:DE:9D:D2:36 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7EB12F8D461BCD80E1A081228F8D1C5E930DF864 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eebfe87-ebaa-4640-b26f-714c512d27da.roa Signing time: Mon 29 Sep 2025 15:00:29 +0000 ROA not before: Mon 29 Sep 2025 15:00:29 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.217.174.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:b1:2f:8d:46:1b:cd:80:e1:a0:81:22:8f:8d:1c:5e:93:0d:f8:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 29 15:00:29 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=6a259d6fce72c976606e3360097d1a09e6837d0dcb27e9f511a8aeb8e26073af, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:6c:c3:80:54:dd:77:6b:39:8c:c1:fd:83:aa: 7c:e2:a0:34:02:09:51:1e:f5:7a:b0:af:64:ef:8e: ad:d2:b8:69:f2:c1:4c:8f:2c:00:b1:16:c2:ee:f2: 28:50:25:77:c5:6e:a7:a4:b4:43:03:24:2d:48:72: c7:20:f9:70:ec:f6:69:1a:be:77:07:53:36:b5:30: 72:bb:15:fb:61:d5:0b:07:83:3e:94:18:b2:db:f3: 2f:63:2e:ce:2e:b1:88:c9:83:e5:65:fe:2b:36:5f: f2:21:f0:f8:35:eb:20:76:dd:49:ff:69:c6:78:27: b4:ee:df:7d:fe:e1:1c:5a:98:7b:27:cf:3e:76:89: 9f:65:95:6f:e8:c0:52:a9:11:f4:86:d6:e5:bc:b5: bc:aa:19:1a:f9:a6:56:2f:f9:6f:08:37:99:d2:06: 18:5b:f2:82:37:2c:2e:24:3e:ab:bd:f4:ca:56:27: 1f:de:33:3b:7b:6e:44:a4:65:d8:e6:5a:b0:be:7a: 17:24:61:13:e3:5b:19:b8:43:27:1d:23:e3:d2:78: 0b:61:35:a4:cc:5e:c1:80:3c:f6:20:86:26:bd:03: 3f:96:9d:38:53:6c:93:34:5e:87:22:9f:8f:be:d1: 57:31:f3:79:d9:3c:15:7e:5d:0f:24:0a:67:74:a1: 45:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:87:DF:5A:B3:9B:8C:F3:6D:DB:CE:B8:4C:7B:3D:EF:DE:9D:D2:36 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eebfe87-ebaa-4640-b26f-714c512d27da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.217.174.0/23 Signature Algorithm: sha256WithRSAEncryption 86:27:1a:8b:68:c2:94:09:6d:83:32:ef:da:0f:0a:c6:ac:25: 95:ad:32:50:61:96:92:48:57:65:cc:65:1f:68:4d:73:3f:da: 9f:d2:71:3f:ee:52:a4:f7:be:d8:53:9f:fc:3a:62:34:74:1e: 1b:9a:51:a3:47:fa:30:b4:d5:d8:4d:c1:0f:ca:18:0d:2e:09: c0:0f:79:26:b8:f0:de:ad:65:4b:85:78:18:84:66:70:8c:78: 19:40:dd:db:e2:5b:92:f4:b1:58:29:55:15:31:29:83:8d:d2: 46:bc:e5:57:1d:38:8d:d0:88:3c:ed:e9:e1:fd:c3:c1:f9:5e: fb:83:f6:b7:cd:1c:5c:7e:17:45:2d:2d:ed:be:a6:6f:5e:78: ae:59:30:dc:b3:15:cc:67:90:4d:21:6e:30:ec:fc:0e:4b:a6: 90:ff:b5:ed:59:9b:75:75:ed:95:a7:12:7a:21:4c:4d:b6:aa: 7a:64:e1:ba:35:23:3f:7a:69:2f:cb:ea:b2:76:9c:6f:f8:e8: d5:61:be:72:b8:00:52:46:b7:b2:6c:5d:b8:f6:a0:b4:fc:8d: f7:85:ae:70:3f:9b:28:ae:b2:06:25:5a:43:cd:e7:4a:6e:16: fb:8f:5d:c1:c4:72:61:0c:02:46:0b:79:4d:f3:dc:ea:3e:15: 3e:b5:3b:c5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUfrEvjUYbzYDhoIEij40cXpMN+GQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkyOTE1MDAyOVoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNANmEyNTlkNmZjZTcyYzk3NjYwNmUz MzYwMDk3ZDFhMDllNjgzN2QwZGNiMjdlOWY1MTFhOGFlYjhlMjYwNzNhZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2zDgFTdd2s5jMH9g6p84qA0AglR HvV6sK9k746t0rhp8sFMjywAsRbC7vIoUCV3xW6npLRDAyQtSHLHIPlw7PZpGr53 B1M2tTByuxX7YdULB4M+lBiy2/MvYy7OLrGIyYPlZf4rNl/yIfD4Nesgdt1J/2nG eCe07t99/uEcWph7J88+domfZZVv6MBSqRH0htblvLW8qhka+aZWL/lvCDeZ0gYY W/KCNywuJD6rvfTKVicf3jM7e25EpGXY5lqwvnoXJGET41sZuEMnHSPj0ngLYTWk zF7BgDz2IIYmvQM/lp04U2yTNF6HIp+PvtFXMfN52TwVfl0PJApndKFFlwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFE+H31qzm4zzbdvOuEx7Pe/endI2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlZWJmZTg3LWViYWEtNDY0MC1iMjZmLTcxNGM1MTJkMjdkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9muMA0GCSqGSIb3DQEBCwUAA4IBAQCGJxqLaMKUCW2DMu/aDwrG rCWVrTJQYZaSSFdlzGUfaE1zP9qf0nE/7lKk977YU5/8OmI0dB4bmlGjR/owtNXY TcEPyhgNLgnAD3kmuPDerWVLhXgYhGZwjHgZQN3b4luS9LFYKVUVMSmDjdJGvOVX HTiN0Ig87enh/cPB+V77g/a3zRxcfhdFLS3tvqZvXniuWTDcsxXMZ5BNIW4w7PwO S6aQ/7XtWZt1de2VpxJ6IUxNtqp6ZOG6NSM/emkvy+qydpxv+OjVYb5yuABSRrey bF249qC0/I33ha5wP5sorrIGJVpDzedKbhb7j13BxHJhDAJGC3lN89zqPhU+tTvF -----END CERTIFICATE-----Generated at Mon Oct 20 18:45:39 2025 by rpki-client