$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: lKKoLe0vbSLn1GYBLLvAGjq7yGPYrO+RjCrgmBCH5K4= Subject key identifier: 5C:96:10:6D:B3:11:B1:15:66:9A:3A:B4:C7:0E:43:AF:F2:1A:FB:5A Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 126AC685F6A4B2AD5E7CC8E1A9AE5A61DF737E0D Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Sat 11 Oct 2025 00:00:03 +0000 ROA not before: Sat 11 Oct 2025 00:00:03 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:6a:c6:85:f6:a4:b2:ad:5e:7c:c8:e1:a9:ae:5a:61:df:73:7e:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 11 00:00:03 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=6cb1abdf59340d54839a3401e6a4bdd66f4dea4d3b5ce26e2ee8786ddc14af0b, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:9b:d6:f2:b2:75:45:2e:42:bd:d3:fd:31:82: 4e:6b:0c:30:7b:6d:6b:32:53:c2:2f:c2:1d:04:33: e4:22:39:d6:cc:de:c7:70:ad:ea:d1:04:e3:bc:f4: dc:f1:5d:a4:1e:ab:04:0c:2b:3c:46:ff:e5:31:d2: 46:ba:ef:d1:09:dd:27:64:40:56:5c:00:da:4f:4f: 43:10:4b:7d:6e:d7:c5:26:40:f8:70:6f:10:4f:37: 68:cf:1e:df:aa:22:1a:8f:51:44:ca:61:8e:e8:c7: 6e:94:0d:14:4a:ad:7a:6e:15:2e:0a:c2:35:4b:42: d1:8d:a4:cb:ce:84:8c:7d:ce:e8:b6:44:47:89:e2: 94:3e:4c:9d:9c:ed:50:ef:36:76:08:f6:30:34:d3: b4:80:6e:45:86:ad:06:fa:52:df:7e:d6:70:d4:2e: 00:9a:d2:a7:0c:a8:7a:33:9e:79:8e:74:bd:fd:a2: 4e:94:f6:b8:b7:41:c2:a9:7a:98:84:bb:c2:24:8c: 3e:ff:5e:57:94:92:c4:01:bf:fc:8d:2c:f6:fb:4a: d9:7c:0f:ae:52:77:12:ac:e0:5a:5d:1d:8d:95:cf: b3:72:45:91:de:73:00:d7:8e:71:67:9f:51:ef:a1: 16:22:15:c3:64:90:6a:8e:88:f1:50:76:38:41:c4: e3:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:96:10:6D:B3:11:B1:15:66:9A:3A:B4:C7:0E:43:AF:F2:1A:FB:5A X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 2e:f8:8e:dd:d6:cd:dc:68:60:69:48:b6:7a:8a:4d:fa:77:d2: b7:6d:5d:34:c2:ae:20:95:14:9a:23:66:6e:20:8b:f4:f2:46: 71:bc:f9:ef:42:87:38:34:41:67:0f:29:d9:d8:0b:2e:76:57: 08:06:fc:72:1f:36:b9:cd:2a:dd:74:cc:7b:c1:36:45:53:49: 83:c0:66:6c:6f:f8:76:67:59:bf:3f:d8:9d:a5:10:51:7a:72: 6d:60:c4:84:8b:a5:98:a6:8f:81:63:4c:98:13:a1:da:1e:6d: 87:ac:00:4b:df:8f:9b:fd:28:1b:e1:78:89:35:bb:bd:00:7d: ee:74:43:1f:a5:96:02:78:38:81:b9:ef:9e:27:96:22:41:69: 92:d2:85:57:2e:0b:ea:ca:32:f6:d9:e9:e8:a2:af:fb:ea:44: 49:b9:b5:d0:86:de:1f:75:c3:d8:e6:a9:8e:2d:e6:e3:dc:5c: bc:9b:5b:34:16:70:04:fe:c8:3b:3d:3d:14:2e:3d:e4:fe:e0: 49:86:54:8d:dd:86:d3:4e:d4:39:cf:be:78:97:e0:8d:49:a3: 0e:cc:21:0e:8e:8d:84:2e:b6:9e:23:f5:55:5b:89:1a:37:2b: db:70:7b:a0:9e:9a:16:88:3c:c2:93:87:c2:2b:48:8e:17:ae: 96:89:e7:7e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEmrGhfaksq1efMjhqa5aYd9zfg0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxMTAwMDAwM1oX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNANmNiMWFiZGY1OTM0MGQ1NDgzOWEz NDAxZTZhNGJkZDY2ZjRkZWE0ZDNiNWNlMjZlMmVlODc4NmRkYzE0YWYwYjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppvW8rJ1RS5CvdP9MYJOawwwe21r MlPCL8IdBDPkIjnWzN7HcK3q0QTjvPTc8V2kHqsEDCs8Rv/lMdJGuu/RCd0nZEBW XADaT09DEEt9btfFJkD4cG8QTzdozx7fqiIaj1FEymGO6MdulA0USq16bhUuCsI1 S0LRjaTLzoSMfc7otkRHieKUPkydnO1Q7zZ2CPYwNNO0gG5Fhq0G+lLfftZw1C4A mtKnDKh6M555jnS9/aJOlPa4t0HCqXqYhLvCJIw+/15XlJLEAb/8jSz2+0rZfA+u UncSrOBaXR2Nlc+zckWR3nMA145xZ59R76EWIhXDZJBqjojxUHY4QcTjIwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFyWEG2zEbEVZpo6tMcOQ6/yGvtaMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQAu+I7d1s3caGBpSLZ6ik36 d9K3bV00wq4glRSaI2ZuIIv08kZxvPnvQoc4NEFnDynZ2AsudlcIBvxyHza5zSrd dMx7wTZFU0mDwGZsb/h2Z1m/P9idpRBRenJtYMSEi6WYpo+BY0yYE6HaHm2HrABL 34+b/Sgb4XiJNbu9AH3udEMfpZYCeDiBue+eJ5YiQWmS0oVXLgvqyjL22enooq/7 6kRJubXQht4fdcPY5qmOLebj3Fy8m1s0FnAE/sg7PT0ULj3k/uBJhlSN3YbTTtQ5 z754l+CNSaMOzCEOjo2ELraeI/VVW4kaNyvbcHugnpoWiDzCk4fCK0iOF66Wied+ -----END CERTIFICATE-----Generated at Mon Oct 20 07:41:46 2025 by rpki-client