$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json) Hash identifier: FaKA2+GlvEUL82YaPOAX93DKaQdqjYCp0D4TmGmrPbI= Subject key identifier: A1:66:56:0A:0C:0A:DB:F0:E6:F6:FD:2C:E9:42:11:7F:80:E1:19:1F Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 7E3CBD4D85A6A41ECCBD95B090A689162571CDFD Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa Signing time: Mon 29 Sep 2025 15:00:28 +0000 ROA not before: Mon 29 Sep 2025 15:00:28 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.8.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:3c:bd:4d:85:a6:a4:1e:cc:bd:95:b0:90:a6:89:16:25:71:cd:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 29 15:00:28 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=a12863636404fd928ea36c153ddc4b3ab8c1063849e2fe461c4c30ff936502d1, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:c8:d5:d4:24:a2:5a:9b:90:c4:39:f6:8d:0d: cd:d5:17:02:d2:e1:8c:ee:92:6d:a3:a5:bd:29:9f: e9:61:cb:49:04:09:c0:8d:b1:bd:51:f8:94:80:10: 2b:e1:08:f2:9a:8c:cc:ec:30:41:fb:6e:e7:7c:8c: f4:de:b8:d5:f9:14:6e:8b:56:12:4c:92:cd:e3:88: 96:0d:40:c9:06:37:2c:e5:58:a3:08:e7:3f:3c:85: 70:0a:6e:d2:71:f8:1f:8a:93:d7:e0:ee:4d:09:89: 14:68:18:54:bc:24:a9:6b:83:81:3a:db:bd:94:47: 52:39:3b:62:76:71:07:8a:7e:e4:6a:21:33:cd:44: 76:bd:16:01:bf:15:24:17:4d:75:f7:77:32:91:51: 9d:c5:5b:0a:8e:ae:10:10:bf:a6:c6:a3:dd:20:78: 68:8d:c0:26:48:29:8c:18:9a:7f:8b:14:57:d7:d2: f3:aa:d3:57:b6:9f:13:fd:49:bc:44:41:af:7f:1f: c9:54:11:e2:92:5b:ca:1b:f5:39:31:0b:d8:89:29: 6d:e6:81:b5:af:95:0e:0f:1f:78:f5:83:b4:20:46: ce:c5:c8:7c:b4:9b:de:3e:4d:a9:de:82:30:71:77: ae:29:16:f4:b9:5e:1f:f5:8b:4a:0a:1b:27:bd:27: a4:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:66:56:0A:0C:0A:DB:F0:E6:F6:FD:2C:E9:42:11:7F:80:E1:19:1F X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.172.0/22 Signature Algorithm: sha256WithRSAEncryption 87:d9:9d:77:b1:47:68:27:ce:32:1b:b4:64:d1:8d:6c:f8:95: 51:36:88:af:0c:d5:92:b9:5b:40:45:2a:13:96:7e:9b:6f:e6: 06:f4:44:01:65:2a:d8:03:64:1a:e7:81:0f:b3:6c:5e:fa:85: 14:e4:32:cd:dc:66:3e:bf:98:b1:c0:b9:71:9a:a0:4b:0f:fd: ee:c9:15:4a:3d:44:ae:f3:91:e1:8f:b9:bd:f1:6b:96:c4:bd: b6:12:23:7c:af:a3:01:4f:d0:f5:10:2b:c4:24:56:03:ee:32: 75:4a:c5:db:c1:d8:68:aa:83:a1:c2:cd:18:7c:90:e6:29:da: 56:3f:97:03:55:04:76:cd:26:e9:af:d9:34:c7:00:e4:34:54: 39:04:0a:f6:eb:da:b7:a5:d3:00:6f:f4:28:7b:35:3c:a3:f9: a3:d6:a5:0d:38:85:ec:73:d7:ad:5e:82:31:3f:1b:9e:27:d1: f1:f9:60:7b:84:d7:1d:0c:69:62:6c:6e:c1:9e:7a:0b:c9:0e: c4:47:fe:b6:f8:62:c2:56:d7:e8:36:54:3f:3b:7a:52:71:7d: 66:47:ce:67:8c:b4:53:f9:1e:63:01:3e:f0:7d:fe:4a:0a:5e: f7:41:52:56:71:f2:f2:9a:38:5e:49:d5:06:c4:96:60:90:b8: d0:a4:d4:15 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUfjy9TYWmpB7MvZWwkKaJFiVxzf0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDkyOTE1MDAyOFoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNAYTEyODYzNjM2NDA0ZmQ5MjhlYTM2 YzE1M2RkYzRiM2FiOGMxMDYzODQ5ZTJmZTQ2MWM0YzMwZmY5MzY1MDJkMTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sjV1CSiWpuQxDn2jQ3N1RcC0uGM 7pJto6W9KZ/pYctJBAnAjbG9UfiUgBAr4QjymozM7DBB+27nfIz03rjV+RRui1YS TJLN44iWDUDJBjcs5VijCOc/PIVwCm7ScfgfipPX4O5NCYkUaBhUvCSpa4OBOtu9 lEdSOTtidnEHin7kaiEzzUR2vRYBvxUkF01193cykVGdxVsKjq4QEL+mxqPdIHho jcAmSCmMGJp/ixRX19LzqtNXtp8T/Um8REGvfx/JVBHiklvKG/U5MQvYiSlt5oG1 r5UODx949YO0IEbOxch8tJvePk2p3oIwcXeuKRb0uV4f9YtKChsnvSek1wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKFmVgoMCtvw5vb9LOlCEX+A4RkfMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQCH2Z13sUdoJ84yG7Rk0Y1s +JVRNoivDNWSuVtARSoTln6bb+YG9EQBZSrYA2Qa54EPs2xe+oUU5DLN3GY+v5ix wLlxmqBLD/3uyRVKPUSu85Hhj7m98WuWxL22EiN8r6MBT9D1ECvEJFYD7jJ1SsXb wdhoqoOhws0YfJDmKdpWP5cDVQR2zSbpr9k0xwDkNFQ5BAr269q3pdMAb/QoezU8 o/mj1qUNOIXsc9etXoIxPxueJ9Hx+WB7hNcdDGlibG7BnnoLyQ7ER/62+GLCVtfo NlQ/O3pScX1mR85njLRT+R5jAT7wff5KCl73QVJWcfLymjheSdUGxJZgkLjQpNQV -----END CERTIFICATE-----Generated at Mon Oct 20 04:32:52 2025 by rpki-client