$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: /hyw1I5GZYNdjhvWP+g46Lnurw8qiAMB43eWFRXl/Y0= Subject key identifier: F3:AA:15:BB:86:33:4E:33:42:B4:AA:78:A2:C6:DF:7C:30:05:F5:42 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 1C51AC268A3EEA2AC94A7E551AA2E0D145CD9F44 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Mon 29 Sep 2025 15:00:05 +0000 ROA not before: Mon 29 Sep 2025 15:00:05 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:51:ac:26:8a:3e:ea:2a:c9:4a:7e:55:1a:a2:e0:d1:45:cd:9f:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Sep 29 15:00:05 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=64aff04a2fdcc7c0edf98868dc3f7659697894a38cb018cee57493eba511f1da, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ed:1a:35:98:1d:60:ae:5a:2c:1f:9c:26:08: b6:04:e7:3b:27:3a:3b:61:10:73:a4:fa:83:2f:cb: fd:ac:d4:1f:02:f9:2a:c8:95:39:ec:b9:25:ba:cf: ea:ad:a4:f4:f2:35:06:1e:8c:7c:51:a6:2f:3c:0d: 5c:f8:25:a1:05:a8:01:ff:f5:dd:4c:a3:28:d8:40: 0a:13:37:ff:e7:40:26:c9:ef:61:f2:10:f2:31:40: ac:15:59:b6:63:a6:b3:e0:ce:8d:42:92:18:df:4b: 9a:76:8b:b6:32:86:86:15:26:3d:8e:c7:a4:75:e7: 6e:59:78:cd:05:e0:81:11:6a:ab:9b:6e:b1:89:3c: eb:a8:d9:0c:f7:65:19:34:0f:96:89:e0:a2:7a:f3: 25:c4:f9:12:41:d7:e2:e3:ef:99:da:45:10:d0:78: f1:a0:59:a2:1d:f5:ec:c2:43:f8:8f:1a:dd:99:68: b8:7a:ea:e1:8c:9f:6a:a8:fc:d5:58:de:21:d6:97: 70:88:22:cb:7b:77:19:f7:4e:ba:76:41:0a:cb:3b: 69:5c:67:4f:fe:34:21:1b:53:d0:b3:99:45:a2:6a: 35:d6:80:2e:bd:d7:80:28:72:34:25:02:37:78:65: db:d3:ff:c9:b4:1e:5f:df:80:46:8f:06:f0:cc:89: e1:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:AA:15:BB:86:33:4E:33:42:B4:AA:78:A2:C6:DF:7C:30:05:F5:42 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption b3:01:e9:e3:86:96:07:38:c3:ff:e8:7e:2e:d6:97:42:2f:58: 9e:c1:32:21:97:33:88:e8:5e:e1:0a:01:46:1f:35:8b:74:52: ef:91:1e:05:62:7c:0c:95:9d:4e:68:ee:ff:33:75:c1:46:51: 54:64:49:02:f5:59:3a:7e:d9:63:3f:9c:21:b3:d8:8b:a3:6a: 7e:5b:44:59:55:f0:d4:86:b7:65:e4:ae:56:eb:9d:b0:b7:63: 79:b9:07:5f:be:a4:1d:71:63:08:05:4f:dc:31:60:6c:57:20: 61:01:4b:84:4f:d9:7d:e9:64:9d:19:67:54:4f:22:5a:ed:11: 28:96:2e:78:e0:de:74:1d:e1:54:a0:7c:9b:68:fd:32:4c:be: b9:aa:69:f6:0d:4a:e3:98:a0:53:9a:d7:91:60:03:e9:2b:7c: cc:38:ba:df:cf:8e:a8:6d:0a:32:45:96:fb:53:3a:1f:a2:ee: db:02:5f:b4:2e:eb:d2:71:61:72:8e:af:b9:34:7d:8f:cc:12: de:46:18:19:09:d2:bb:90:2e:b1:78:82:c9:4c:50:b7:1d:18: ac:47:09:ec:9e:1b:fa:12:ef:aa:22:c3:10:6e:54:60:38:79: 10:7c:20:3a:66:55:ad:c9:b4:cc:9e:d3:56:51:9d:b3:c2:66: 6f:f9:27:79 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUHFGsJoo+6irJSn5VGqLg0UXNn0QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDkyOTE1MDAwNVoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNANjRhZmYwNGEyZmRjYzdjMGVkZjk4 ODY4ZGMzZjc2NTk2OTc4OTRhMzhjYjAxOGNlZTU3NDkzZWJhNTExZjFkYTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2u0aNZgdYK5aLB+cJgi2BOc7Jzo7 YRBzpPqDL8v9rNQfAvkqyJU57Lklus/qraT08jUGHox8UaYvPA1c+CWhBagB//Xd TKMo2EAKEzf/50Amye9h8hDyMUCsFVm2Y6az4M6NQpIY30uadou2MoaGFSY9jsek deduWXjNBeCBEWqrm26xiTzrqNkM92UZNA+WieCievMlxPkSQdfi4++Z2kUQ0Hjx oFmiHfXswkP4jxrdmWi4eurhjJ9qqPzVWN4h1pdwiCLLe3cZ9066dkEKyztpXGdP /jQhG1PQs5lFomo11oAuvdeAKHI0JQI3eGXb0//JtB5f34BGjwbwzInhcwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPOqFbuGM04zQrSqeKLG33wwBfVCMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQCzAenjhpYHOMP/6H4u1pdC L1iewTIhlzOI6F7hCgFGHzWLdFLvkR4FYnwMlZ1OaO7/M3XBRlFUZEkC9Vk6ftlj P5whs9iLo2p+W0RZVfDUhrdl5K5W652wt2N5uQdfvqQdcWMIBU/cMWBsVyBhAUuE T9l96WSdGWdUTyJa7REoli544N50HeFUoHybaP0yTL65qmn2DUrjmKBTmteRYAPp K3zMOLrfz46obQoyRZb7Uzofou7bAl+0LuvScWFyjq+5NH2PzBLeRhgZCdK7kC6x eILJTFC3HRisRwnsnhv6Eu+qIsMQblRgOHkQfCA6ZlWtybTMntNWUZ2zwmZv+Sd5 -----END CERTIFICATE-----Generated at Mon Oct 20 01:51:56 2025 by rpki-client