$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa File: 9489db20-95e0-4921-9118-b2516a901b12.roa (raw, json) Hash identifier: Bw8NXViaDwYWHEpDApoP8TbhmwCgxVnGSk4GVB0SscI= Subject key identifier: C5:46:71:61:C7:BA:3F:E4:A5:ED:93:7D:5B:A9:FF:72:A5:EF:C1:43 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 22C1969575AA7F0C7A9D04350C9841C5C7978FB7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa Signing time: Fri 17 Oct 2025 00:02:19 +0000 ROA not before: Fri 17 Oct 2025 00:02:19 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:c1:96:95:75:aa:7f:0c:7a:9d:04:35:0c:98:41:c5:c7:97:8f:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 17 00:02:19 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=533676361b20d78c5ed6efbff6a6bf77ec77f5b5d9176c9bdefb4caca34897b6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:7b:d5:93:94:e3:8d:92:24:b7:c6:7d:2e:ce: 56:04:7a:fc:1e:9c:df:91:c8:34:09:b6:88:44:4e: f9:87:40:cd:3e:51:85:b3:54:f4:8d:37:fd:ee:c1: ef:60:e7:87:37:36:0a:c2:2c:d1:27:a2:c5:03:48: 92:6f:23:d8:68:39:1d:04:2e:de:ea:95:72:8a:a4: 1b:da:36:0d:2e:f9:34:83:98:2a:8b:65:18:ac:35: eb:06:37:bb:63:f1:9c:e0:b4:a7:40:7c:d2:91:92: f3:69:a0:b8:65:5d:2d:4c:3e:2c:0f:68:7c:03:1f: 5d:5c:6b:7b:04:5d:e6:e7:39:cc:50:ac:0d:84:37: 4f:ad:d7:9c:44:3e:3c:d3:65:8e:f0:6c:45:db:14: bb:21:2d:c8:65:d4:37:6d:e3:64:c1:47:09:14:90: d4:b5:c1:b8:4c:11:3f:26:44:df:63:56:bd:3e:6d: 0c:c1:f4:60:34:54:37:28:d2:2e:f0:16:e3:a8:06: 1b:11:54:9c:b8:94:5f:fa:3e:63:38:36:e7:50:f2: 47:c1:a1:cc:36:5f:9e:14:7e:58:b9:34:ac:02:bc: 18:e0:25:62:23:87:8d:71:01:4c:21:83:9d:c1:12: ea:5b:49:84:82:d7:b5:9b:df:c9:0b:d5:bc:48:55: d3:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:46:71:61:C7:BA:3F:E4:A5:ED:93:7D:5B:A9:FF:72:A5:EF:C1:43 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9489db20-95e0-4921-9118-b2516a901b12.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.72.0/24 Signature Algorithm: sha256WithRSAEncryption ac:0d:f2:e9:74:28:0a:3f:a1:45:1e:22:c8:b4:4c:28:61:21: 8f:4c:6e:71:c6:25:c4:b7:14:81:68:9a:77:34:6b:ba:0f:78: 29:d1:c1:57:ab:a4:97:92:05:c7:1d:74:8f:d1:3c:fa:92:f9: a8:55:96:6d:e0:64:45:cd:c5:72:03:22:08:9c:6d:0c:b5:82: 4e:e1:53:a4:c4:a5:18:6d:71:cd:3c:6e:b8:46:42:00:59:d5: 45:73:46:b8:1c:c7:c1:f8:2d:de:1e:5a:be:7d:de:c1:03:55: d9:ae:5c:26:dd:a3:dc:69:be:2e:51:1e:a9:9c:57:32:5d:6a: b9:2c:3d:bf:eb:c4:9e:ee:cc:3d:da:a3:5e:23:19:54:c3:44: 11:5f:26:10:ca:ca:7b:bf:97:b3:57:39:1f:1a:7b:b9:87:ca: 1e:cb:e8:17:ac:06:89:ff:de:58:6e:a7:c1:e2:0a:ac:6e:9a: e7:a2:3d:a5:bc:09:6d:12:85:1e:12:fb:01:82:50:e7:96:cc: f6:f0:e2:a2:64:42:82:ac:6b:44:b9:a3:2c:d5:44:d2:8d:45: 60:48:51:3c:4a:22:56:b0:85:1b:11:26:14:b1:e4:15:b1:03: c7:84:b7:37:48:31:4a:5d:0b:09:81:1b:e0:02:e8:0b:58:fe: 55:45:36:89 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUIsGWlXWqfwx6nQQ1DJhBxceXj7cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNzAwMDIxOVoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNANTMzNjc2MzYxYjIwZDc4YzVlZDZl ZmJmZjZhNmJmNzdlYzc3ZjViNWQ5MTc2YzliZGVmYjRjYWNhMzQ4OTdiNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznvVk5TjjZIkt8Z9Ls5WBHr8Hpzf kcg0CbaIRE75h0DNPlGFs1T0jTf97sHvYOeHNzYKwizRJ6LFA0iSbyPYaDkdBC7e 6pVyiqQb2jYNLvk0g5gqi2UYrDXrBje7Y/Gc4LSnQHzSkZLzaaC4ZV0tTD4sD2h8 Ax9dXGt7BF3m5znMUKwNhDdPrdecRD4802WO8GxF2xS7IS3IZdQ3beNkwUcJFJDU tcG4TBE/JkTfY1a9Pm0MwfRgNFQ3KNIu8BbjqAYbEVScuJRf+j5jODbnUPJHwaHM Nl+eFH5YuTSsArwY4CViI4eNcQFMIYOdwRLqW0mEgte1m9/JC9W8SFXTFwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMVGcWHHuj/kpe2TfVup/3Kl78FDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk0ODlkYjIwLTk1ZTAtNDkyMS05MTE4LWIyNTE2YTkwMWIxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9hIMA0GCSqGSIb3DQEBCwUAA4IBAQCsDfLpdCgKP6FFHiLItEwo YSGPTG5xxiXEtxSBaJp3NGu6D3gp0cFXq6SXkgXHHXSP0Tz6kvmoVZZt4GRFzcVy AyIInG0MtYJO4VOkxKUYbXHNPG64RkIAWdVFc0a4HMfB+C3eHlq+fd7BA1XZrlwm 3aPcab4uUR6pnFcyXWq5LD2/68Se7sw92qNeIxlUw0QRXyYQysp7v5ezVzkfGnu5 h8oey+gXrAaJ/95YbqfB4gqsbprnoj2lvAltEoUeEvsBglDnlsz28OKiZEKCrGtE uaMs1UTSjUVgSFE8SiJWsIUbESYUseQVsQPHhLc3SDFKXQsJgRvgAugLWP5VRTaJ -----END CERTIFICATE-----Generated at Mon Oct 20 07:18:53 2025 by rpki-client