$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa File: 9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa (raw, json) Hash identifier: zUbTIn8ynTYfBcRhDWmMnzzgjG8WyzQU9uJ0jYlKmG0= Subject key identifier: 00:02:14:B0:8F:1A:AF:9E:E7:B9:0C:D8:7D:9D:87:97:66:2D:AF:EF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1942D09406EEA6A89A5E297F1AB7EC9D36D59BD8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa Signing time: Sun 19 Oct 2025 00:00:11 +0000 ROA not before: Sun 19 Oct 2025 00:00:11 +0000 ROA not after: Sun 23 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.210.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:42:d0:94:06:ee:a6:a8:9a:5e:29:7f:1a:b7:ec:9d:36:d5:9b:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 19 00:00:11 2025 GMT Not After : Nov 23 23:59:59 2025 GMT Subject: serialNumber=563f034f04e72f2133d05094b43119617528810fec0eb74f2c335030f55eeaaa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:b6:a7:86:29:f6:af:96:12:8a:2a:72:f7:9a: a4:ca:eb:19:4e:91:dc:d5:0e:86:73:bb:56:f6:40: 22:64:da:15:47:b8:ec:6b:85:9d:45:ae:7c:da:27: 63:e5:4d:d9:ff:85:00:0d:9e:cd:ce:34:6f:86:1a: 75:de:ef:4c:aa:e6:85:44:e9:4f:5f:d8:fc:d8:11: 98:a0:ea:f9:ca:06:29:28:d8:de:6c:f0:84:e7:34: 40:08:41:e8:31:09:52:22:83:6e:f1:38:30:c5:3e: 89:4b:9b:91:94:b5:ee:0d:c9:89:1b:08:b6:b3:71: ca:88:43:58:a0:17:4c:fd:c6:67:88:59:af:0f:46: 91:58:dd:99:d7:12:b5:d7:26:ff:68:4c:3d:fc:66: d8:19:5f:5d:46:bd:8d:af:ea:7e:0d:26:76:80:18: 4f:6b:12:42:16:fc:9c:b8:af:01:ab:c3:30:a0:15: 4d:77:ca:12:05:b6:90:1e:58:cf:a1:4f:42:28:33: f2:2c:c9:76:5e:61:c1:58:9b:c6:78:0c:99:17:07: be:81:54:c2:93:84:a8:e1:ab:6d:3f:31:4e:45:ac: 63:27:43:9a:28:88:ee:be:83:f1:60:a9:81:db:22: ff:9c:75:7d:93:d6:0a:f7:d8:5d:2e:87:49:34:e6: 59:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:02:14:B0:8F:1A:AF:9E:E7:B9:0C:D8:7D:9D:87:97:66:2D:AF:EF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a84c5fb-d075-40ae-afad-ad59b3e2ebf0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.210.0.0/15 Signature Algorithm: sha256WithRSAEncryption bd:36:87:f3:d7:06:f6:bc:da:87:d0:a0:a4:81:38:8a:a5:63: bc:3e:a2:3e:57:be:2e:de:b8:77:b8:3c:1a:0b:9d:4b:57:6c: b6:ea:8f:d7:58:f4:9b:da:d5:f0:09:47:6f:8c:5e:4c:f5:a3: 77:80:d8:9b:3a:64:ee:9d:38:1a:26:ef:51:8c:62:f5:77:1e: 9f:8e:7b:c1:ae:07:c6:f9:2a:53:50:e5:b4:8d:c5:3f:9b:bf: 28:43:53:90:f1:3b:87:1c:76:3e:bc:25:8f:6d:95:81:22:59: 95:29:88:75:ae:60:b8:96:0d:f2:eb:98:bf:2b:39:66:ac:3e: f7:d6:85:a4:4c:29:6c:12:d1:94:8b:4a:c2:11:05:8e:66:55: c2:c7:51:81:a3:4e:5e:6d:77:25:f6:1b:af:4e:8e:1e:c0:5c: e3:4e:b4:d3:44:79:79:d5:5d:d9:04:57:2a:33:c2:10:82:0b: a3:4b:65:fb:3d:f8:a6:1b:2e:2c:53:3d:ee:fa:d0:19:a4:bc: 98:96:b7:94:ff:0f:fa:5e:40:3c:a7:6f:58:13:b8:7f:66:38: 13:f0:51:80:43:a0:fe:d1:fc:cc:36:6e:c3:cf:dd:75:10:ef: 09:5d:97:d5:50:cf:ce:75:84:9f:df:4a:d8:1a:07:65:6e:44: e5:ed:3b:2a -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUGULQlAbupqiaXil/GrfsnTbVm9gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxOTAwMDAxMVoX DTI1MTEyMzIzNTk1OVowejFJMEcGA1UEBRNANTYzZjAzNGYwNGU3MmYyMTMzZDA1 MDk0YjQzMTE5NjE3NTI4ODEwZmVjMGViNzRmMmMzMzUwMzBmNTVlZWFhYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmranhin2r5YSiipy95qkyusZTpHc 1Q6Gc7tW9kAiZNoVR7jsa4WdRa582idj5U3Z/4UADZ7NzjRvhhp13u9MquaFROlP X9j82BGYoOr5ygYpKNjebPCE5zRACEHoMQlSIoNu8TgwxT6JS5uRlLXuDcmJGwi2 s3HKiENYoBdM/cZniFmvD0aRWN2Z1xK11yb/aEw9/GbYGV9dRr2Nr+p+DSZ2gBhP axJCFvycuK8Bq8MwoBVNd8oSBbaQHljPoU9CKDPyLMl2XmHBWJvGeAyZFwe+gVTC k4So4attPzFORaxjJ0OaKIjuvoPxYKmB2yL/nHV9k9YK99hdLodJNOZZ6QIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFAACFLCPGq+e57kM2H2dh5dmLa/vMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhODRjNWZiLWQwNzUtNDBhZS1hZmFkLWFkNTliM2UyZWJmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9IwDQYJKoZIhvcNAQELBQADggEBAL02h/PXBva82ofQoKSBOIql Y7w+oj5Xvi7euHe4PBoLnUtXbLbqj9dY9Jva1fAJR2+MXkz1o3eA2Js6ZO6dOBom 71GMYvV3Hp+Oe8GuB8b5KlNQ5bSNxT+bvyhDU5DxO4ccdj68JY9tlYEiWZUpiHWu YLiWDfLrmL8rOWasPvfWhaRMKWwS0ZSLSsIRBY5mVcLHUYGjTl5tdyX2G69Ojh7A XONOtNNEeXnVXdkEVyozwhCCC6NLZfs9+KYbLixTPe760BmkvJiWt5T/D/peQDyn b1gTuH9mOBPwUYBDoP7R/Mw2bsPP3XUQ7wldl9VQz851hJ/fStgaB2VuROXtOyo= -----END CERTIFICATE-----Generated at Mon Oct 20 09:50:02 2025 by rpki-client