$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5496107b-eefe-4905-9cf9-59440b1209c9.roa File: 5496107b-eefe-4905-9cf9-59440b1209c9.roa (raw, json) Hash identifier: 16YSN6v7YZx6tczD/ASrM8++ZXr+oMwsSSmB50j2Ojk= Subject key identifier: C1:2E:F0:22:C0:38:50:34:59:4D:1B:3D:BE:CD:4C:80:B3:D7:F4:41 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4C82990B5C2C2FEBA2673D6D131339C277A83C4C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5496107b-eefe-4905-9cf9-59440b1209c9.roa Signing time: Mon 29 Sep 2025 15:00:28 +0000 ROA not before: Mon 29 Sep 2025 15:00:28 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.62.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:82:99:0b:5c:2c:2f:eb:a2:67:3d:6d:13:13:39:c2:77:a8:3c:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 29 15:00:28 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=3dbb2010a261754ebca8bd6decd49674914d3147175ba45449291a721e2ad2a7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:67:9a:d4:6e:a3:fe:09:32:87:c0:cd:5e:41: 1a:0c:45:4e:f6:cc:1b:fb:75:f2:10:bb:99:66:f8: ae:bf:04:4e:3e:21:aa:06:53:3f:d6:cb:25:ed:ea: 80:5d:b8:30:68:e4:e6:42:c8:d9:9e:11:5e:37:81: 14:62:ca:03:1f:87:5b:77:8d:d8:f0:87:69:9b:56: ef:bc:39:25:4f:cd:a3:a0:d4:62:0f:5f:6f:47:02: 72:06:e7:53:49:b2:92:b2:ed:87:2d:f1:fc:c0:ad: cc:6d:91:c0:48:a4:f0:97:35:a4:b3:a5:1a:05:c5: 4e:89:d5:f3:29:c1:83:75:d4:36:ff:64:c3:27:3a: 24:e0:2b:b4:88:ae:e9:20:06:c2:7e:2b:6e:2d:c4: 33:38:5f:26:eb:ce:68:cf:d2:d7:e3:69:d3:38:10: de:c7:2a:42:77:de:4f:67:c3:ac:4e:e4:78:58:b3: 02:74:08:10:8c:eb:99:ab:c7:69:f8:95:25:aa:5d: 0c:4c:24:10:54:04:e1:a1:9d:61:ec:14:94:b5:3b: 51:d3:95:f6:02:4f:59:da:5d:5e:33:1d:c4:66:15: ab:de:31:0b:8b:43:46:96:24:0f:2f:56:54:df:af: 4b:f1:41:f9:ca:18:31:e0:d3:d9:d6:72:4d:1c:9f: cd:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:2E:F0:22:C0:38:50:34:59:4D:1B:3D:BE:CD:4C:80:B3:D7:F4:41 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5496107b-eefe-4905-9cf9-59440b1209c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.62.0/24 Signature Algorithm: sha256WithRSAEncryption 7d:3f:7d:45:d9:47:a8:17:8c:0f:bf:37:f9:8c:54:31:67:31: 1e:0b:e7:75:61:3a:f8:b3:25:4f:cd:12:32:d7:d0:f8:70:53: 96:47:b1:db:99:21:81:8c:5f:b4:2c:46:44:db:76:6a:fb:e1: 89:61:34:9a:89:dc:6c:ce:60:ad:af:cb:48:40:39:47:e1:32: 85:e6:f4:10:3f:ed:be:81:5f:f8:6b:06:48:dd:19:12:fd:61: 4f:22:5e:48:a7:65:34:f8:6c:32:85:8e:93:08:2f:9a:5b:38: 8a:4f:07:ee:f2:e1:d6:ff:f3:29:8b:21:cd:2f:6b:d9:80:26: 4d:a1:b4:0e:4c:4d:66:fa:ea:96:9c:4c:48:af:d0:a7:0b:c9: 8c:4e:d1:33:78:0a:5a:66:eb:19:e1:6e:6a:62:e3:3d:ef:12: 94:56:40:b0:ce:26:d8:e4:b7:41:12:be:af:00:27:d4:37:83: f4:26:d1:33:78:3c:41:12:10:e5:f6:3a:3d:06:42:a7:2c:53: 2e:93:a2:36:c0:9e:36:13:b7:71:34:87:dd:b5:89:7f:62:74: c8:d5:ef:8c:96:ec:23:6b:39:74:13:8b:96:78:5b:17:e8:82: ac:93:f9:df:46:45:9a:9b:bb:1c:bb:1a:03:0b:4e:9f:2a:52: 1e:5b:c5:47 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTIKZC1wsL+uiZz1tExM5wneoPEwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkyOTE1MDAyOFoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNAM2RiYjIwMTBhMjYxNzU0ZWJjYThi ZDZkZWNkNDk2NzQ5MTRkMzE0NzE3NWJhNDU0NDkyOTFhNzIxZTJhZDJhNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2ea1G6j/gkyh8DNXkEaDEVO9swb +3XyELuZZviuvwROPiGqBlM/1ssl7eqAXbgwaOTmQsjZnhFeN4EUYsoDH4dbd43Y 8Idpm1bvvDklT82joNRiD19vRwJyBudTSbKSsu2HLfH8wK3MbZHASKTwlzWks6Ua BcVOidXzKcGDddQ2/2TDJzok4Cu0iK7pIAbCfituLcQzOF8m685oz9LX42nTOBDe xypCd95PZ8OsTuR4WLMCdAgQjOuZq8dp+JUlql0MTCQQVAThoZ1h7BSUtTtR05X2 Ak9Z2l1eMx3EZhWr3jELi0NGliQPL1ZU369L8UH5yhgx4NPZ1nJNHJ/N7QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMEu8CLAOFA0WU0bPb7NTICz1/RBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0OTYxMDdiLWVlZmUtNDkwNS05Y2Y5LTU5NDQwYjEyMDljOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g+MA0GCSqGSIb3DQEBCwUAA4IBAQB9P31F2UeoF4wPvzf5jFQx ZzEeC+d1YTr4syVPzRIy19D4cFOWR7HbmSGBjF+0LEZE23Zq++GJYTSaidxszmCt r8tIQDlH4TKF5vQQP+2+gV/4awZI3RkS/WFPIl5Ip2U0+GwyhY6TCC+aWziKTwfu 8uHW//MpiyHNL2vZgCZNobQOTE1m+uqWnExIr9CnC8mMTtEzeApaZusZ4W5qYuM9 7xKUVkCwzibY5LdBEr6vACfUN4P0JtEzeDxBEhDl9jo9BkKnLFMuk6I2wJ42E7dx NIfdtYl/YnTI1e+Mluwjazl0E4uWeFsX6IKsk/nfRkWam7scuxoDC06fKlIeW8VH -----END CERTIFICATE-----Generated at Mon Oct 20 19:02:22 2025 by rpki-client