$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7c0696d-ba0c-47de-9916-42ee007b9201.roa File: b7c0696d-ba0c-47de-9916-42ee007b9201.roa (raw, json) Hash identifier: ZJAeH6Hf1pmeguHBhzuWVdFkYzLUBUlnSBpZOHhpkOY= Subject key identifier: DE:9A:EC:A2:BC:C4:13:82:F7:98:8F:58:12:01:4E:EB:DF:76:92:C1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36DF0C1FCF870952E2DE4F29DB381620523CFED7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7c0696d-ba0c-47de-9916-42ee007b9201.roa Signing time: Wed 15 Oct 2025 00:50:12 +0000 ROA not before: Wed 15 Oct 2025 00:50:12 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 43.221.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:df:0c:1f:cf:87:09:52:e2:de:4f:29:db:38:16:20:52:3c:fe:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:50:12 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=7cb6a4c06c9afc1af64efa941f11641d85b24627374cd36fcd75982c5acee73a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:ca:5d:d0:a2:c5:c3:20:c0:44:3c:a4:b6:f2: 72:c7:fd:3e:d3:3f:07:10:c3:60:76:6a:c0:89:00: 3d:00:84:3a:39:17:10:65:95:55:4a:f4:77:ea:5d: a8:e0:b4:3e:03:90:6a:26:4e:12:73:ed:23:4f:b1: 7c:a7:c4:77:72:b1:9e:17:1b:8f:d6:8a:9a:81:65: 52:05:8b:e3:59:f7:27:44:d9:d5:70:12:58:85:94: 0c:44:5e:5e:6e:71:1c:1c:1d:68:d0:19:dc:55:a3: 01:b5:1e:00:8e:7e:b8:ac:d2:28:b3:e0:83:3c:73: 56:80:35:1e:6e:98:9c:82:2a:32:ad:6e:60:d0:53: 80:88:cd:4d:07:a8:a3:c7:2c:ab:0e:78:25:09:7a: 2f:0e:00:46:9d:f9:d4:1e:3d:7f:e7:16:d1:94:01: c1:c8:c3:cc:1d:64:6a:85:6e:30:d5:71:7b:ce:e0: 28:f8:69:16:35:88:d6:98:d9:18:60:5b:a8:f9:ca: 93:df:4c:45:29:1b:7e:78:f6:ce:b9:24:df:72:14: 5e:7a:3b:85:f6:a4:ae:71:ee:66:49:f9:fc:08:f1: f3:2b:5b:fc:39:43:11:89:5d:9b:71:f1:71:fc:d9: 3d:8d:3a:b6:bd:49:76:d6:2f:09:0f:e9:dc:93:d4: 12:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:9A:EC:A2:BC:C4:13:82:F7:98:8F:58:12:01:4E:EB:DF:76:92:C1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7c0696d-ba0c-47de-9916-42ee007b9201.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.221.0.0/16 Signature Algorithm: sha256WithRSAEncryption 97:b3:82:aa:d6:c9:e2:03:14:ca:19:da:e6:ee:7d:ac:78:e0: f7:05:db:55:51:b4:73:1d:3e:92:b0:2d:4e:3e:17:5c:ab:32: e9:9a:b9:35:53:55:16:af:06:8c:ba:c2:37:ac:14:21:fe:99: ef:0c:a6:49:76:b6:15:5a:0b:96:8d:ad:2b:0b:73:25:ca:9b: 62:4e:ff:04:0c:e3:15:f8:ba:ea:74:12:0b:8a:7e:33:33:e5: e3:d1:44:0e:9b:d0:40:d4:7a:e0:71:f3:f8:ee:6b:ff:e1:aa: bb:b3:71:54:c3:c9:32:9b:30:6a:2e:4a:e7:31:de:68:6c:78: 2e:62:c7:2b:5c:63:e2:28:51:7c:9c:92:17:04:b5:29:58:72: 3f:de:de:78:54:f5:ac:81:b3:0a:de:5f:c2:9b:3d:c8:4d:09: ec:59:b6:13:f0:4a:37:bc:f0:06:3a:4f:c1:72:18:a7:8a:1e: 3e:76:ef:42:54:1c:19:b8:83:9f:9c:85:c3:14:f9:ec:15:55: e6:02:fb:68:e4:4f:7c:9b:1c:f0:ea:c5:c0:7a:61:77:90:c8: 9c:84:67:46:fc:6b:d0:20:70:2a:94:e7:8f:a4:14:23:ce:bc: fc:ee:12:bc:14:c6:8a:1a:0a:5f:a6:3a:c0:18:20:53:34:3e: 60:95:3b:d4 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUNt8MH8+HCVLi3k8p2zgWIFI8/tcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNTAxMloX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAN2NiNmE0YzA2YzlhZmMxYWY2NGVm YTk0MWYxMTY0MWQ4NWIyNDYyNzM3NGNkMzZmY2Q3NTk4MmM1YWNlZTczYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMpd0KLFwyDARDyktvJyx/0+0z8H EMNgdmrAiQA9AIQ6ORcQZZVVSvR36l2o4LQ+A5BqJk4Sc+0jT7F8p8R3crGeFxuP 1oqagWVSBYvjWfcnRNnVcBJYhZQMRF5ebnEcHB1o0BncVaMBtR4Ajn64rNIos+CD PHNWgDUebpicgioyrW5g0FOAiM1NB6ijxyyrDnglCXovDgBGnfnUHj1/5xbRlAHB yMPMHWRqhW4w1XF7zuAo+GkWNYjWmNkYYFuo+cqT30xFKRt+ePbOuSTfchReejuF 9qSuce5mSfn8CPHzK1v8OUMRiV2bcfFx/Nk9jTq2vUl21i8JD+nck9QSpQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFN6a7KK8xBOC95iPWBIBTuvfdpLBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I3YzA2OTZkLWJhMGMtNDdkZS05OTE2LTQyZWUwMDdiOTIwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAK90wDQYJKoZIhvcNAQELBQADggEBAJezgqrWyeIDFMoZ2ubufax4 4PcF21VRtHMdPpKwLU4+F1yrMumauTVTVRavBoy6wjesFCH+me8Mpkl2thVaC5aN rSsLcyXKm2JO/wQM4xX4uup0EguKfjMz5ePRRA6b0EDUeuBx8/jua//hqruzcVTD yTKbMGouSucx3mhseC5ixytcY+IoUXyckhcEtSlYcj/e3nhU9ayBswreX8KbPchN CexZthPwSje88AY6T8FyGKeKHj5270JUHBm4g5+chcMU+ewVVeYC+2jkT3ybHPDq xcB6YXeQyJyEZ0b8a9AgcCqU54+kFCPOvPzuErwUxooaCl+mOsAYIFM0PmCVO9Q= -----END CERTIFICATE-----Generated at Mon Oct 20 04:04:38 2025 by rpki-client