$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: QwG+sjtmYCweKFGyMxoiJXpUe7YqfDpdS0WwL9QXBQ4= Subject key identifier: 5F:1C:19:11:11:68:CA:D6:45:F4:84:59:4B:89:4B:01:F7:4E:C5:77 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3819B36820E25ED210D1C0AA30F1E5EF2FBBE5AC Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Fri 17 Oct 2025 00:10:01 +0000 ROA not before: Fri 17 Oct 2025 00:10:01 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 00:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:19:b3:68:20:e2:5e:d2:10:d1:c0:aa:30:f1:e5:ef:2f:bb:e5:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 17 00:10:01 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=987e003b266b3d751470b4e564358f6515994ae127737317c4c64276ee6f175e, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b0:2e:c7:19:b9:f0:a1:a9:2a:be:41:ed:b7: 20:5c:c6:98:a0:49:79:8d:17:5f:3d:54:77:fe:09: 2f:2b:22:5c:a1:d6:1f:92:c3:c9:b3:f6:25:ee:25: 8d:ec:8e:3d:95:47:05:97:73:bc:b1:2b:ef:ce:0d: 4a:3d:75:bb:8f:62:77:e8:41:e8:46:d6:36:c6:74: 57:ff:62:ce:7f:17:41:e4:9f:4e:fe:48:14:6f:53: 7c:97:e3:10:2d:86:ef:28:8b:0a:a2:87:c4:a8:cb: a0:b2:f3:8d:b7:00:15:8e:e2:e8:22:64:27:a0:a7: 92:53:49:96:86:68:bb:fe:75:d9:30:05:b9:da:70: 55:89:ca:47:d6:77:92:36:78:2a:88:2a:e3:02:6b: c5:2f:67:c9:6b:92:73:aa:40:bc:62:39:2d:b9:b0: 7d:8b:02:f2:fe:2b:7b:ea:0d:7c:ce:f0:34:68:0f: 65:ca:36:a7:07:09:37:0d:27:5c:a3:bb:ec:aa:d7: 1f:91:d3:1e:ed:48:ca:3c:82:ea:c7:bc:1b:86:3e: 4f:05:bc:fc:b0:e4:1a:f0:c5:99:5f:03:a2:51:18: 29:07:ea:71:3c:eb:dc:1e:64:2f:01:95:fd:75:d8: a9:40:a1:55:a2:05:ac:0d:28:98:59:da:76:2a:a2: cf:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:1C:19:11:11:68:CA:D6:45:F4:84:59:4B:89:4B:01:F7:4E:C5:77 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 35:94:c7:a1:86:71:e1:c0:d8:e3:1a:59:88:7b:27:72:7f:3b: 75:06:20:e7:15:90:bf:fc:74:17:03:6f:5f:33:fb:21:f2:6b: 87:aa:38:0b:42:bf:3b:db:38:47:83:c8:43:2e:dd:e3:b7:73: 19:40:94:aa:07:0a:56:dd:15:ac:7b:c4:4b:ee:07:39:fa:b8: 6e:6e:02:d6:8e:a8:73:5c:9c:bb:fa:b0:ac:7b:04:97:52:fa: 5a:1d:d4:e7:c7:5c:45:bd:01:ab:f2:9b:9f:51:52:97:0a:6e: 6e:12:a7:d3:bb:46:5b:78:7a:3a:46:c5:d8:f5:32:52:35:a1: d8:b0:64:a4:06:34:03:40:e5:21:ad:16:54:17:d6:db:53:0b: dc:0a:32:d1:a1:11:ce:3d:fd:1c:ba:bb:93:86:6e:55:80:e9: ca:63:b1:ff:64:1d:bc:a2:d6:5a:ae:07:b1:c1:34:1f:b9:cc: 33:b1:61:6a:17:22:d2:ad:a5:54:3b:b3:d7:73:03:f9:26:6f: f8:16:2c:dc:ed:75:5a:9e:3b:b5:1d:6c:0e:cb:d0:a0:94:74: 97:e0:ab:3e:c2:8e:c0:2e:16:69:9d:1b:78:be:27:de:24:da: 70:21:dd:ab:23:35:79:1a:06:76:a9:99:bf:a8:25:52:f8:1a: 5b:cb:b6:9f -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUOBmzaCDiXtIQ0cCqMPHl7y+75awwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAxNzAwMTAwMVoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAOTg3ZTAwM2IyNjZiM2Q3NTE0NzBi NGU1NjQzNThmNjUxNTk5NGFlMTI3NzM3MzE3YzRjNjQyNzZlZTZmMTc1ZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrAuxxm58KGpKr5B7bcgXMaYoEl5 jRdfPVR3/gkvKyJcodYfksPJs/Yl7iWN7I49lUcFl3O8sSvvzg1KPXW7j2J36EHo RtY2xnRX/2LOfxdB5J9O/kgUb1N8l+MQLYbvKIsKoofEqMugsvONtwAVjuLoImQn oKeSU0mWhmi7/nXZMAW52nBVicpH1neSNngqiCrjAmvFL2fJa5JzqkC8YjktubB9 iwLy/it76g18zvA0aA9lyjanBwk3DSdco7vsqtcfkdMe7UjKPILqx7wbhj5PBbz8 sOQa8MWZXwOiURgpB+pxPOvcHmQvAZX9ddipQKFVogWsDSiYWdp2KqLPGwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFF8cGRERaMrWRfSEWUuJSwH3TsV3MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQA1lMehhnHhwNjjGlmIeydy fzt1BiDnFZC//HQXA29fM/sh8muHqjgLQr872zhHg8hDLt3jt3MZQJSqBwpW3RWs e8RL7gc5+rhubgLWjqhzXJy7+rCsewSXUvpaHdTnx1xFvQGr8pufUVKXCm5uEqfT u0ZbeHo6RsXY9TJSNaHYsGSkBjQDQOUhrRZUF9bbUwvcCjLRoRHOPf0curuThm5V gOnKY7H/ZB28otZargexwTQfucwzsWFqFyLSraVUO7PXcwP5Jm/4Fizc7XVanju1 HWwOy9CglHSX4Ks+wo7ALhZpnRt4vifeJNpwId2rIzV5GgZ2qZm/qCVS+Bpby7af -----END CERTIFICATE-----Generated at Tue Oct 21 01:33:59 2025 by rpki-client