$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: 4VsMprC5NfO75kor1IFjtwmWgAlgVJSXpl6RiJ3maWg= Subject key identifier: BE:48:14:2B:B4:10:E5:4C:B3:2D:FC:46:9C:2B:F8:75:88:70:50:80 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 031A0CA8E54F008E14C38ADC36ECE327FE8DC251 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Tue 30 Sep 2025 00:00:06 +0000 ROA not before: Tue 30 Sep 2025 00:00:06 +0000 ROA not after: Tue 04 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 00:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:1a:0c:a8:e5:4f:00:8e:14:c3:8a:dc:36:ec:e3:27:fe:8d:c2:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 30 00:00:06 2025 GMT Not After : Nov 4 23:59:59 2025 GMT Subject: serialNumber=0638f4cd24b0b5278a9085e4925011b00a05b00c66d11980d43871c6113af18c, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:01:4d:79:3f:5a:30:3a:89:02:f3:a9:c8:cf: 50:51:d5:84:93:99:ac:b8:8c:55:d8:e7:1d:99:30: ff:c2:de:50:82:5a:7a:4b:0b:99:ca:36:65:be:26: 3a:27:15:9c:48:35:35:2d:e8:93:39:36:75:2c:32: fb:23:27:45:82:8e:cd:2a:31:07:3b:e0:e6:7d:ff: 38:cd:a8:1c:fe:da:18:ee:55:a7:be:df:76:5b:9c: 75:6f:be:1a:0b:98:68:23:13:02:a8:9b:65:73:11: e4:51:78:64:5e:80:c3:4f:8d:4a:29:42:4b:92:5d: 3c:54:f7:c8:d5:45:dc:46:31:7f:3e:ff:7b:33:73: 73:71:9d:32:5c:51:c4:9d:35:6c:ea:8e:18:24:12: d2:86:3d:51:fd:9a:a0:60:e5:13:17:34:80:8b:28: 94:63:19:45:02:c5:a5:9b:e9:78:40:eb:17:55:45: 23:83:d7:66:bf:39:ac:cb:68:85:7d:9b:e2:7a:5c: de:0a:f5:11:0f:3d:8d:47:1e:15:ac:97:ff:93:14: 58:0c:27:ee:60:4a:82:bc:b5:6e:5b:3c:b9:36:2e: fa:37:d0:da:f9:53:67:4f:6b:ee:35:73:b9:55:91: 3e:b9:ad:5f:29:8c:12:04:66:36:4b:38:b7:01:57: 48:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:48:14:2B:B4:10:E5:4C:B3:2D:FC:46:9C:2B:F8:75:88:70:50:80 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 97:40:b0:71:71:23:e9:18:82:85:fc:f3:6e:de:13:4a:31:e9: ef:ad:00:82:c4:7a:e1:b1:73:66:ce:ac:16:9a:7b:35:00:73: e0:2a:1f:43:d0:6e:3c:d8:05:5a:d5:db:e7:e3:37:4c:99:ea: 2f:a0:c9:25:a4:64:4a:5a:20:d4:04:bc:dc:f7:85:14:97:b7: a0:27:63:89:aa:b5:82:64:08:d2:56:17:82:06:3e:c1:07:ca: e3:f1:f8:76:43:af:06:b4:4e:c7:44:8b:af:40:fe:44:fc:22: 82:0e:71:e5:8b:7a:0c:a0:aa:41:26:77:7b:3b:c7:aa:07:90: 30:3d:99:08:05:cd:65:a5:bf:3a:11:8f:f4:18:2e:c5:d1:23: e8:ca:55:68:b0:56:78:1c:4c:61:af:fd:2d:d4:e8:c3:33:83: 1c:9c:6b:bc:da:60:98:6b:e5:51:55:96:e8:15:a3:83:13:2b: c2:23:88:f5:60:1b:76:c0:f0:3f:4b:fe:e6:2f:4f:c5:e5:99: 72:50:79:cb:ea:a7:58:03:ea:d0:fe:24:6f:61:94:d5:26:3b: 80:52:13:a8:b6:78:23:b5:49:81:5a:20:73:1a:7f:2e:bd:37: 1a:87:58:c9:6b:96:7d:28:69:69:ad:9c:b2:67:6c:aa:58:b1: 8a:d6:a7:75 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUAxoMqOVPAI4Uw4rcNuzjJ/6NwlEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDkzMDAwMDAwNloX DTI1MTEwNDIzNTk1OVowejFJMEcGA1UEBRNAMDYzOGY0Y2QyNGIwYjUyNzhhOTA4 NWU0OTI1MDExYjAwYTA1YjAwYzY2ZDExOTgwZDQzODcxYzYxMTNhZjE4YzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QFNeT9aMDqJAvOpyM9QUdWEk5ms uIxV2OcdmTD/wt5Qglp6SwuZyjZlviY6JxWcSDU1LeiTOTZ1LDL7IydFgo7NKjEH O+Dmff84zagc/toY7lWnvt92W5x1b74aC5hoIxMCqJtlcxHkUXhkXoDDT41KKUJL kl08VPfI1UXcRjF/Pv97M3NzcZ0yXFHEnTVs6o4YJBLShj1R/ZqgYOUTFzSAiyiU YxlFAsWlm+l4QOsXVUUjg9dmvzmsy2iFfZvielzeCvURDz2NRx4VrJf/kxRYDCfu YEqCvLVuWzy5Ni76N9Da+VNnT2vuNXO5VZE+ua1fKYwSBGY2Szi3AVdITwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFL5IFCu0EOVMsy38Rpwr+HWIcFCAMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQCXQLBxcSPpGIKF/PNu3hNK MenvrQCCxHrhsXNmzqwWmns1AHPgKh9D0G482AVa1dvn4zdMmeovoMklpGRKWiDU BLzc94UUl7egJ2OJqrWCZAjSVheCBj7BB8rj8fh2Q68GtE7HRIuvQP5E/CKCDnHl i3oMoKpBJnd7O8eqB5AwPZkIBc1lpb86EY/0GC7F0SPoylVosFZ4HExhr/0t1OjD M4McnGu82mCYa+VRVZboFaODEyvCI4j1YBt2wPA/S/7mL0/F5ZlyUHnL6qdYA+rQ /iRvYZTVJjuAUhOotngjtUmBWiBzGn8uvTcah1jJa5Z9KGlprZyyZ2yqWLGK1qd1 -----END CERTIFICATE-----Generated at Tue Oct 21 01:34:32 2025 by rpki-client