$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa File: 5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa (raw, json) Hash identifier: xFtivp4XxD4DbuVssF5oxip+ey3+VaJqQtJFnv43IRI= Subject key identifier: E5:C9:EA:0E:E2:6D:C4:6A:52:C4:29:AB:6C:2C:AF:C1:8B:3C:67:84 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 72564EFC93895FB60D79D62C46973180B7D44CA6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa Signing time: Wed 15 Oct 2025 00:50:08 +0000 ROA not before: Wed 15 Oct 2025 00:50:08 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.0.0/13 maxlen: 13 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:56:4e:fc:93:89:5f:b6:0d:79:d6:2c:46:97:31:80:b7:d4:4c:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:50:08 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=ca752bd14eb8c8cf52203976421484f8ab11602182d2b7a8f8b6f37ad1dc093a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ef:61:5d:85:ac:2d:82:82:2b:2c:91:bf:50: 4a:c2:a0:ee:1e:27:f3:ba:91:a2:2c:3e:f8:14:7d: 67:21:9b:b6:6e:31:1b:02:02:92:c9:34:24:06:8a: 39:e0:ad:43:f1:cc:20:93:0f:ae:b4:3f:66:33:ae: bc:81:e4:44:87:e9:4d:db:2b:fe:60:11:aa:c7:fb: dc:6c:83:61:eb:00:b6:01:34:5a:0f:54:b4:27:36: 63:5a:2c:eb:ff:13:63:e5:26:0d:26:dd:7a:0f:19: fd:06:05:65:e2:0c:e5:7c:e7:34:d3:0f:53:50:38: 20:2b:8c:fa:72:44:96:7c:c3:f0:6c:c2:5b:6d:53: fa:e2:8a:1d:82:ea:e0:76:26:b8:3b:49:77:f0:83: 6e:e5:87:f1:5a:11:5d:89:f9:23:6f:6d:ee:ca:1a: 5c:d4:1c:68:34:a9:b6:f3:b9:1e:03:6c:61:e6:e4: b5:ca:cf:c0:1e:d9:ea:bd:e5:b1:d2:60:28:43:2e: b7:89:99:c8:30:7f:cd:7c:f9:46:8d:51:a2:0e:02: e2:c3:cc:32:db:1f:3e:05:b2:70:f0:65:94:df:29: 59:05:cf:55:f4:f5:65:ab:3c:d9:88:d2:85:11:6e: 0c:ee:0c:4d:3b:32:94:cf:34:7f:6c:fb:bb:2a:fd: f0:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:C9:EA:0E:E2:6D:C4:6A:52:C4:29:AB:6C:2C:AF:C1:8B:3C:67:84 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5bf4d29d-b755-45e9-ad12-cad8b88b01bc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.0.0/13 Signature Algorithm: sha256WithRSAEncryption 5d:c0:53:57:1a:38:da:a8:8c:4d:b8:94:7d:5c:e4:85:fe:f9: e6:e6:fc:14:b6:2c:95:fa:29:d7:25:f0:92:9f:15:c5:b4:fb: 3d:6a:8d:21:da:4a:03:ad:61:e9:33:44:e4:0e:4e:db:01:d8: eb:92:ee:2d:bf:f8:1e:71:fb:d3:b8:e9:96:b3:ce:d5:00:6b: a4:3b:d6:10:1e:36:92:74:97:df:f0:5f:75:36:cb:b6:a2:19: b9:25:61:23:3c:ae:c1:3c:44:82:ba:0a:fe:37:85:9b:53:45: 89:85:70:bb:c6:27:2b:08:d6:06:53:91:3e:75:41:52:99:99: ed:b2:de:63:fd:51:1b:2c:f9:bb:3a:e9:7b:33:c5:f8:55:43: d8:30:d0:39:8b:e0:fc:b7:59:41:ce:3e:47:e2:0c:30:33:be: d9:bd:1d:a4:d6:6d:5d:27:7b:28:40:24:9e:78:19:c1:eb:65: db:4a:af:08:86:d4:75:30:67:72:8a:5b:13:e3:b6:16:29:87: 6d:5c:b5:8b:a1:6c:f5:55:73:a7:4f:3e:1f:a0:97:66:52:1d: f7:90:7e:e5:e7:ed:26:26:cb:31:55:c1:ae:35:17:95:c9:02: 80:d5:47:21:73:c7:60:ed:2d:d3:9f:43:9c:b5:8e:a3:e1:6b: 6d:56:25:ba -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUclZO/JOJX7YNedYsRpcxgLfUTKYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNTAwOFoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAY2E3NTJiZDE0ZWI4YzhjZjUyMjAz OTc2NDIxNDg0ZjhhYjExNjAyMTgyZDJiN2E4ZjhiNmYzN2FkMWRjMDkzYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+9hXYWsLYKCKyyRv1BKwqDuHifz upGiLD74FH1nIZu2bjEbAgKSyTQkBoo54K1D8cwgkw+utD9mM668geREh+lN2yv+ YBGqx/vcbINh6wC2ATRaD1S0JzZjWizr/xNj5SYNJt16Dxn9BgVl4gzlfOc00w9T UDggK4z6ckSWfMPwbMJbbVP64oodgurgdia4O0l38INu5YfxWhFdifkjb23uyhpc 1BxoNKm287keA2xh5uS1ys/AHtnqveWx0mAoQy63iZnIMH/NfPlGjVGiDgLiw8wy 2x8+BbJw8GWU3ylZBc9V9PVlqzzZiNKFEW4M7gxNOzKUzzR/bPu7Kv3wuQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFOXJ6g7ibcRqUsQpq2wsr8GLPGeEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzViZjRkMjlkLWI3NTUtNDVlOS1hZDEyLWNhZDhiODhiMDFiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK9AwDQYJKoZIhvcNAQELBQADggEBAF3AU1caONqojE24lH1c5IX+ +ebm/BS2LJX6Kdcl8JKfFcW0+z1qjSHaSgOtYekzROQOTtsB2OuS7i2/+B5x+9O4 6ZazztUAa6Q71hAeNpJ0l9/wX3U2y7aiGbklYSM8rsE8RIK6Cv43hZtTRYmFcLvG JysI1gZTkT51QVKZme2y3mP9URss+bs66XszxfhVQ9gw0DmL4Py3WUHOPkfiDDAz vtm9HaTWbV0neyhAJJ54GcHrZdtKrwiG1HUwZ3KKWxPjthYph21ctYuhbPVVc6dP Ph+gl2ZSHfeQfuXn7SYmyzFVwa41F5XJAoDVRyFzx2DtLdOfQ5y1jqPha21WJbo= -----END CERTIFICATE-----Generated at Mon Oct 20 09:57:51 2025 by rpki-client