$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa File: c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa (raw, json) Hash identifier: 2oHdBVpsech1wFc2/jFAYr4SGhXbQZObSGMgDpX+p0M= Subject key identifier: 6C:9E:6B:C1:8F:CF:8D:B4:30:2B:0C:EB:72:C0:E2:4E:70:02:A5:38 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6381050F256BF1E2DEA10C4A4079BDAD169E349D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa Signing time: Fri 17 Oct 2025 00:02:21 +0000 ROA not before: Fri 17 Oct 2025 00:02:21 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.158.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:81:05:0f:25:6b:f1:e2:de:a1:0c:4a:40:79:bd:ad:16:9e:34:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 17 00:02:21 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=1f3a64ed886c3912a13a045c24b88b163f0f4604dbf48c66c762498d99214ab4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:28:24:05:c3:16:62:11:63:76:4b:2f:28:80: 9c:a0:44:39:ff:f2:e7:d7:0d:99:45:a1:4c:99:f5: 6a:82:e5:af:b8:48:dc:a4:50:28:6f:46:dd:46:ea: 84:79:b4:cb:c7:08:d6:c8:a7:73:07:7d:a4:fd:c6: e8:e0:89:fe:74:d4:6f:e0:1b:34:c2:bc:48:55:de: b8:48:7a:a2:c2:ad:84:7a:65:29:4a:c2:30:ba:0f: a4:57:17:82:93:07:2b:ec:6c:8d:20:f2:44:47:f6: 52:1a:95:0e:34:e7:00:c0:52:a6:30:bb:aa:0b:01: 10:01:6b:af:72:6b:c6:7c:f5:4f:ee:78:93:e5:f2: 2b:ea:de:57:f4:c8:4f:cd:9d:e7:1b:4e:80:80:63: b5:32:1c:dc:7f:a2:b3:6a:aa:52:aa:70:d9:ee:ec: 0e:e9:0a:6a:09:62:63:ae:ef:5c:c9:79:e7:0a:99: 40:fd:52:6c:45:de:22:9d:74:41:2f:dd:82:d3:b4: be:41:d6:47:72:67:f9:6c:2e:44:80:96:25:c7:4c: 53:ab:19:14:16:41:fb:28:65:f3:db:38:35:2f:16: 93:bc:0c:0d:d8:d7:6a:9c:72:73:70:32:38:38:2e: ae:38:45:35:a6:36:96:fb:b0:d6:6f:5a:23:73:cb: 40:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:9E:6B:C1:8F:CF:8D:B4:30:2B:0C:EB:72:C0:E2:4E:70:02:A5:38 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0e0735d-a91e-478d-82d2-a3f04ee435d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.158.0/23 Signature Algorithm: sha256WithRSAEncryption 78:b3:12:0f:ce:2a:e1:87:a7:e3:4c:2c:98:00:24:a4:39:e9: 90:87:0a:e0:63:d4:9e:0e:66:6a:3b:6e:75:e3:d5:9c:11:47: fa:75:92:9c:31:c2:56:c7:76:12:c4:14:b8:6e:13:62:80:4b: 04:a5:5f:e6:8a:57:be:df:ee:28:f5:e9:61:1c:91:a9:a6:a5: a7:a8:e3:3e:8a:65:22:a8:b2:8f:d6:fe:a0:77:82:87:30:65: 79:a2:2b:b8:50:0e:58:b0:c2:2d:9d:c2:16:62:51:2d:7a:65: 33:04:e6:ff:68:69:65:25:d7:c6:4c:d5:d6:ae:57:75:e4:d2: c6:1b:dd:3b:9c:12:a2:dd:a5:02:c7:7a:3d:9a:5a:d0:fe:d8: f9:99:f9:81:97:35:e3:bb:23:1e:cc:1b:c3:8e:73:aa:e6:66: 45:ae:8b:35:b6:07:b7:35:86:5c:d4:7f:07:56:df:55:fa:bc: 0a:70:66:18:ed:0f:ad:9d:d4:72:d5:51:48:7d:58:52:dc:8d: df:bc:b5:87:47:8e:e3:56:37:89:bf:e5:ce:9b:7b:e9:1a:50: c9:28:db:ee:cd:4d:db:8d:cc:04:af:08:39:62:51:8d:e8:c1: a4:19:de:73:d1:f5:1b:d5:95:c7:bd:94:2f:89:6c:b8:f5:c7: 92:35:37:16 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUY4EFDyVr8eLeoQxKQHm9rRaeNJ0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNzAwMDIyMVoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAMWYzYTY0ZWQ4ODZjMzkxMmExM2Ew NDVjMjRiODhiMTYzZjBmNDYwNGRiZjQ4YzY2Yzc2MjQ5OGQ5OTIxNGFiNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCgkBcMWYhFjdksvKICcoEQ5//Ln 1w2ZRaFMmfVqguWvuEjcpFAob0bdRuqEebTLxwjWyKdzB32k/cbo4In+dNRv4Bs0 wrxIVd64SHqiwq2EemUpSsIwug+kVxeCkwcr7GyNIPJER/ZSGpUONOcAwFKmMLuq CwEQAWuvcmvGfPVP7niT5fIr6t5X9MhPzZ3nG06AgGO1Mhzcf6KzaqpSqnDZ7uwO 6QpqCWJjru9cyXnnCplA/VJsRd4inXRBL92C07S+QdZHcmf5bC5EgJYlx0xTqxkU FkH7KGXz2zg1LxaTvAwN2NdqnHJzcDI4OC6uOEU1pjaW+7DWb1ojc8tALQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGyea8GPz420MCsM63LA4k5wAqU4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwZTA3MzVkLWE5MWUtNDc4ZC04MmQyLWEzZjA0ZWU0MzVkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBK9qeMA0GCSqGSIb3DQEBCwUAA4IBAQB4sxIPzirhh6fjTCyYACSk OemQhwrgY9SeDmZqO25149WcEUf6dZKcMcJWx3YSxBS4bhNigEsEpV/mile+3+4o 9elhHJGppqWnqOM+imUiqLKP1v6gd4KHMGV5oiu4UA5YsMItncIWYlEtemUzBOb/ aGllJdfGTNXWrld15NLGG907nBKi3aUCx3o9mlrQ/tj5mfmBlzXjuyMezBvDjnOq 5mZFros1tge3NYZc1H8HVt9V+rwKcGYY7Q+tndRy1VFIfVhS3I3fvLWHR47jVjeJ v+XOm3vpGlDJKNvuzU3bjcwErwg5YlGN6MGkGd5z0fUb1ZXHvZQviWy49ceSNTcW -----END CERTIFICATE-----Generated at Mon Oct 20 12:27:05 2025 by rpki-client