$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa File: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (raw, json) Hash identifier: 6Fpd9gBIc/LXj6j9T1twNVkYS5OMiVQbOSp7PmDxY1U= Subject key identifier: 6C:0D:B8:37:08:53:2D:71:1F:8D:FA:13:6C:75:36:9D:A6:DC:44:B7 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 4AF207B3F7EA85B555F2B75A8FF69C8231F56A78 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa Signing time: Mon 29 Sep 2025 15:00:30 +0000 ROA not before: Mon 29 Sep 2025 15:00:30 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:f2:07:b3:f7:ea:85:b5:55:f2:b7:5a:8f:f6:9c:82:31:f5:6a:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 29 15:00:30 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=0d6670ce2b8af5b7e2b5116ae8ae2aa8ee98a992b33974f21910ee54f87996a2, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:6f:a4:77:c8:cb:1f:80:55:5a:1d:90:1e:da: 61:9a:13:76:b1:33:21:53:9a:49:d6:57:40:2b:a0: 0d:77:6d:8f:b1:bb:0c:05:80:c8:bf:b2:69:88:30: 95:48:af:71:c0:3d:99:15:69:15:8b:c4:2f:c5:97: 99:76:d5:77:5a:f4:35:30:c2:fe:7b:b1:21:40:e9: 58:9b:99:af:4c:71:5e:64:0f:f1:07:f2:8b:37:98: a8:8b:bc:7a:e5:0e:a4:23:13:e2:13:9d:59:3c:37: 57:0b:69:d4:17:9b:59:10:36:de:4f:7c:8a:c1:38: 09:ea:a4:16:2f:5c:29:48:c1:3f:5f:7a:a5:31:55: 59:0c:2a:2c:2c:36:a9:f3:78:81:cb:63:c2:dc:8a: 63:33:c7:2b:5e:f7:8b:a6:ce:7f:04:95:12:c8:e7: 3d:08:7d:e9:0d:09:60:d5:1c:24:e5:a5:62:11:d7: 69:89:32:92:43:79:36:0c:de:5b:a2:56:a4:c2:6f: 8e:36:d0:60:d2:57:69:2b:5c:33:84:75:8f:46:c3: b9:11:1b:bd:de:fa:33:2d:a7:f4:a2:0e:2e:1f:27: 0d:a8:57:c4:4e:6c:5f:7d:49:a2:18:33:2f:fd:86: a0:38:6a:dd:f1:4d:48:bc:9c:f3:bb:3c:e1:8b:31: cf:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:0D:B8:37:08:53:2D:71:1F:8D:FA:13:6C:75:36:9D:A6:DC:44:B7 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 50:eb:2f:fd:8a:70:0a:90:e7:4f:1b:dc:3a:11:18:a1:69:c0: 4b:35:a8:2f:7e:8d:f3:f3:dc:86:92:e0:42:76:a3:95:67:83: f9:9e:6d:a0:2d:29:05:79:98:49:45:a6:52:78:6c:81:2a:5f: 60:0b:79:a0:8c:19:5e:57:16:fe:61:2e:26:c8:af:ba:a1:f2: 39:34:5e:e6:ad:35:ee:d4:02:78:89:ae:5d:34:9b:7c:e1:fe: 11:38:5b:8b:2c:bc:91:b6:6e:db:3c:24:cd:4b:52:47:ec:1a: 1f:a0:4b:d7:8f:6d:bf:03:ce:ec:77:a3:db:47:68:2f:4f:dc: 7b:d9:55:1c:47:52:31:e7:b6:80:48:a8:de:e7:b3:6e:6c:ab: 20:7a:46:de:14:04:0e:05:e9:b6:82:d6:3a:1f:33:5c:67:1d: 66:86:a5:e3:04:ca:db:04:f6:16:6e:3d:fc:ad:1e:18:1a:c3: 66:69:d8:38:fa:1f:71:bd:cc:eb:c8:f7:0c:33:b3:ef:03:fa: 0a:0c:84:06:2b:fd:f4:d7:24:f4:e1:f0:66:31:76:47:64:dc: 39:61:d5:bc:06:12:25:99:1d:50:9e:ac:c7:c4:e8:6b:e2:9a: d5:04:8c:33:5c:c7:9c:27:fe:14:c0:37:74:22:1b:7b:b0:52: eb:27:75:f8 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUSvIHs/fqhbVV8rdaj/acgjH1angwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDkyOTE1MDAzMFoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNAMGQ2NjcwY2UyYjhhZjViN2UyYjUx MTZhZThhZTJhYThlZTk4YTk5MmIzMzk3NGYyMTkxMGVlNTRmODc5OTZhMjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkG+kd8jLH4BVWh2QHtphmhN2sTMh U5pJ1ldAK6ANd22PsbsMBYDIv7JpiDCVSK9xwD2ZFWkVi8QvxZeZdtV3WvQ1MML+ e7EhQOlYm5mvTHFeZA/xB/KLN5ioi7x65Q6kIxPiE51ZPDdXC2nUF5tZEDbeT3yK wTgJ6qQWL1wpSME/X3qlMVVZDCosLDap83iBy2PC3IpjM8crXveLps5/BJUSyOc9 CH3pDQlg1Rwk5aViEddpiTKSQ3k2DN5bolakwm+ONtBg0ldpK1wzhHWPRsO5ERu9 3vozLaf0og4uHycNqFfETmxffUmiGDMv/YagOGrd8U1IvJzzuzzhizHPdQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGwNuDcIUy1xH436E2x1Np2m3ES3MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQ5MTE5NzM0LTlkYmMtNGJkNC05OGJlLTU3ZTRjZTA3ODkyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQBQ6y/9inAKkOdPG9w6ERih acBLNagvfo3z89yGkuBCdqOVZ4P5nm2gLSkFeZhJRaZSeGyBKl9gC3mgjBleVxb+ YS4myK+6ofI5NF7mrTXu1AJ4ia5dNJt84f4ROFuLLLyRtm7bPCTNS1JH7BofoEvX j22/A87sd6PbR2gvT9x72VUcR1Ix57aASKje57NubKsgekbeFAQOBem2gtY6HzNc Zx1mhqXjBMrbBPYWbj38rR4YGsNmadg4+h9xvczryPcMM7PvA/oKDIQGK/301yT0 4fBmMXZHZNw5YdW8BhIlmR1QnqzHxOhr4prVBIwzXMecJ/4UwDd0Iht7sFLrJ3X4 -----END CERTIFICATE-----Generated at Mon Oct 20 12:36:08 2025 by rpki-client