$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa File: c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa (raw, json) Hash identifier: q5FAgbkFjwkrN/2I7Qgz0AlpvKOPwIaqMAi8+clHSig= Subject key identifier: 31:74:5B:D3:88:67:5B:3B:31:ED:DB:F9:09:CC:87:6D:91:1A:EC:56 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4A21B8415F721F3C3744EC154DD80F466434A5D2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa Signing time: Tue 07 Oct 2025 00:01:17 +0000 ROA not before: Tue 07 Oct 2025 00:01:17 +0000 ROA not after: Tue 11 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.213.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:21:b8:41:5f:72:1f:3c:37:44:ec:15:4d:d8:0f:46:64:34:a5:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 7 00:01:17 2025 GMT Not After : Nov 11 23:59:59 2025 GMT Subject: serialNumber=16cb5c6f739f9fd85af18ea38c9a6db815f89591b592035f37421db50246e616, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:26:d7:a9:a3:01:d5:b7:6f:e2:05:d4:81:d7: 4f:8c:35:a7:3a:1f:cf:03:5d:d7:58:42:aa:ff:d4: d6:14:a1:ef:15:52:18:bc:63:a9:ef:80:0f:56:a3: 5c:46:18:eb:cf:b7:1f:b6:69:4d:f6:d1:9b:0f:71: 83:f5:0c:a2:3a:05:ef:fd:2e:91:6a:c1:94:66:91: 84:72:ed:30:32:72:8b:7c:37:72:a8:9e:61:a3:55: 43:a4:4b:5c:98:25:72:58:e0:d8:65:7c:cc:95:91: cd:12:a5:09:53:fd:6d:a1:00:f4:d5:15:47:29:68: 91:82:9e:7e:60:29:36:d4:05:44:4d:c9:c5:bf:9f: 87:a7:07:dd:bf:5c:09:2f:f5:e2:6a:fb:5d:a8:ec: 2f:2b:fa:f9:8e:47:a4:dd:0f:76:f8:40:4a:a2:de: ec:74:a7:8d:c0:9b:72:7e:31:62:48:f8:e3:23:33: 3e:ad:21:25:4f:4a:22:e9:a0:53:44:74:34:35:3b: 74:bf:de:37:ef:af:ca:61:29:af:ef:7c:80:8f:aa: e3:37:c0:c3:ab:cd:24:57:37:f4:16:d6:58:35:e5: 81:c8:97:2b:f5:06:d7:2f:e2:d5:5c:b9:cf:db:5b: 75:06:e6:e9:61:28:31:8f:c2:f7:61:84:1f:1e:a8: aa:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:74:5B:D3:88:67:5B:3B:31:ED:DB:F9:09:CC:87:6D:91:1A:EC:56 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c64b3ce2-0670-4f0c-b5b6-f94ce6bf7a57.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.213.154.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:ef:ba:9a:65:1f:30:58:f0:42:71:b4:02:a3:cb:3f:2e:7b: e1:5b:8c:4b:46:3d:60:aa:60:b6:e5:76:6f:6b:cd:30:de:7b: 11:63:26:92:bc:9e:53:ff:ec:ed:aa:e6:70:c4:dc:5a:9b:a1: dc:e7:ca:c8:9b:40:28:b0:6e:f3:6c:1a:ab:62:50:eb:92:90: 3f:67:4a:a0:41:d1:33:ee:de:d2:15:02:e9:31:fd:34:61:09: fe:a5:65:46:d8:55:d2:e1:7c:2c:70:3b:45:20:ba:80:59:be: d9:7a:bc:40:60:2a:c0:6d:9f:95:49:8e:d2:c6:bd:29:00:e3: 96:25:a9:a5:7d:66:3b:88:7a:11:ab:b0:05:0e:83:f7:98:cc: 51:3e:95:7f:7a:db:29:4a:80:d6:e3:e0:42:37:22:69:ba:d8: fe:44:56:08:6a:8d:ab:3e:5d:14:1c:f4:be:52:76:91:5a:df: b8:a3:87:91:57:5e:50:35:95:6f:b6:bb:76:1f:13:e3:66:94: bd:94:c8:b4:30:71:6b:1f:9c:5c:2a:6a:68:f1:24:8d:fe:f5: 97:55:d6:1c:39:2c:59:97:db:e1:18:35:74:ef:b3:41:ea:81: 7b:47:86:69:28:5d:03:d9:fe:9a:de:73:b4:64:48:c0:a0:3a: b3:e5:97:65 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUSiG4QV9yHzw3ROwVTdgPRmQ0pdIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNzAwMDExN1oX DTI1MTExMTIzNTk1OVowejFJMEcGA1UEBRNAMTZjYjVjNmY3MzlmOWZkODVhZjE4 ZWEzOGM5YTZkYjgxNWY4OTU5MWI1OTIwMzVmMzc0MjFkYjUwMjQ2ZTYxNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjybXqaMB1bdv4gXUgddPjDWnOh/P A13XWEKq/9TWFKHvFVIYvGOp74APVqNcRhjrz7cftmlN9tGbD3GD9QyiOgXv/S6R asGUZpGEcu0wMnKLfDdyqJ5ho1VDpEtcmCVyWODYZXzMlZHNEqUJU/1toQD01RVH KWiRgp5+YCk21AVETcnFv5+Hpwfdv1wJL/XiavtdqOwvK/r5jkek3Q92+EBKot7s dKeNwJtyfjFiSPjjIzM+rSElT0oi6aBTRHQ0NTt0v94376/KYSmv73yAj6rjN8DD q80kVzf0FtZYNeWByJcr9QbXL+LVXLnP21t1BubpYSgxj8L3YYQfHqiqkQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDF0W9OIZ1s7Me3b+QnMh22RGuxWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M2NGIzY2UyLTA2NzAtNGYwYy1iNWI2LWY5NGNlNmJmN2E1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9WaMA0GCSqGSIb3DQEBCwUAA4IBAQAL77qaZR8wWPBCcbQCo8s/ LnvhW4xLRj1gqmC25XZva80w3nsRYyaSvJ5T/+ztquZwxNxam6Hc58rIm0AosG7z bBqrYlDrkpA/Z0qgQdEz7t7SFQLpMf00YQn+pWVG2FXS4XwscDtFILqAWb7ZerxA YCrAbZ+VSY7Sxr0pAOOWJamlfWY7iHoRq7AFDoP3mMxRPpV/etspSoDW4+BCNyJp utj+RFYIao2rPl0UHPS+UnaRWt+4o4eRV15QNZVvtrt2HxPjZpS9lMi0MHFrH5xc Kmpo8SSN/vWXVdYcOSxZl9vhGDV077NB6oF7R4ZpKF0D2f6a3nO0ZEjAoDqz5Zdl -----END CERTIFICATE-----Generated at Mon Oct 20 12:20:30 2025 by rpki-client