$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a3607965-9901-471c-8ed4-712d48b362f1.roa File: a3607965-9901-471c-8ed4-712d48b362f1.roa (raw, json) Hash identifier: b+beNTF+YpFGR5TlQRhogEQvTHkfVdwYgL+dxbDoiSM= Subject key identifier: E3:AF:35:39:ED:CF:FB:13:FF:F8:F8:32:B3:97:1A:C1:60:9F:E8:04 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 555809B6C138686AF0CD85C8EEFA78C46A81DFCF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a3607965-9901-471c-8ed4-712d48b362f1.roa Signing time: Wed 12 Nov 2025 00:01:03 +0000 ROA not before: Wed 12 Nov 2025 00:01:03 +0000 ROA not after: Wed 17 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:58:09:b6:c1:38:68:6a:f0:cd:85:c8:ee:fa:78:c4:6a:81:df:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 12 00:01:03 2025 GMT Not After : Dec 17 23:59:59 2025 GMT Subject: serialNumber=79761f07e78ebf7f1868b4ce7f5b88d62400f109e94f6912780bfb2f379f5ccb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:6a:d6:53:c6:97:eb:02:c7:37:c1:50:38:69: 7e:c8:d3:2d:d3:d9:85:a9:50:ca:3a:70:f6:fd:0e: dc:9e:f9:fe:5f:36:5f:98:1e:a7:15:ef:7c:ca:e3: 91:af:38:ea:5a:4a:cb:c3:7a:78:74:bf:1b:8a:e7: a9:c2:40:36:bd:32:eb:b1:ea:1c:24:5a:77:49:f2: bc:43:59:61:8c:44:69:d8:e4:43:ee:dd:9f:eb:49: a5:65:7d:81:7d:61:57:60:37:da:f9:3d:bd:fb:b5: 59:fe:93:bb:09:8b:cd:c9:cc:7c:de:cd:7f:24:2d: 18:62:df:b1:6a:7f:84:d2:d7:fb:2d:4d:9e:1a:7b: fd:ef:80:07:aa:6b:84:7c:75:6b:e7:15:1d:4a:e1: 63:24:d3:0d:8c:db:ac:63:ed:c4:ae:dd:77:01:ea: f6:a8:e7:1e:ac:53:e8:cd:de:e7:f6:75:58:84:f0: c4:6d:af:86:e7:f5:09:59:22:82:c6:3c:ec:8f:1b: 51:f8:f2:0f:da:d0:fe:cb:08:36:48:c2:b2:8b:f9: bc:df:04:38:75:e0:9a:e0:fd:3a:1b:99:29:a0:96: 61:e5:48:6f:01:70:a1:2d:9c:02:4b:78:c8:8f:da: d1:b9:97:52:9d:25:f7:22:c2:60:ce:53:ef:c5:38: a4:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:AF:35:39:ED:CF:FB:13:FF:F8:F8:32:B3:97:1A:C1:60:9F:E8:04 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a3607965-9901-471c-8ed4-712d48b362f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.55.0/24 Signature Algorithm: sha256WithRSAEncryption 66:4f:72:ad:1b:0f:45:63:01:85:54:23:5c:1d:1d:a5:4b:de: 33:15:ef:b2:db:5f:3a:b9:27:34:0a:f4:15:ab:19:72:b3:24: fe:47:b5:29:e3:fc:8d:83:76:af:5f:b4:91:4a:62:45:2e:8b: 28:5d:2c:00:d3:06:0f:89:f2:49:ab:3f:f1:ce:3f:f5:64:cb: 4f:67:cc:d5:7b:7a:d1:e4:64:c0:ab:d8:24:88:fd:b9:a1:5e: 4f:ad:ed:8f:de:bd:5e:67:01:7d:84:5b:74:5a:e9:6e:0f:44: bf:c6:55:b9:87:bd:cd:47:f5:18:e7:c4:cb:70:72:5d:73:01: d6:cf:f8:ea:5d:83:ed:9b:a7:f9:ad:d7:ac:a1:ec:0d:a2:7c: 02:5d:5e:d4:40:38:69:d4:67:03:10:86:e8:71:87:d4:7b:b2: fc:38:cb:12:21:61:e6:71:e0:b9:37:38:7a:8a:66:fe:bf:d0: ed:28:c1:80:f8:a8:62:7f:0d:3d:26:2a:cc:25:cf:61:6f:bb: af:19:2b:3a:83:b5:ae:56:05:0e:42:0d:27:64:7c:43:f3:65: dc:5b:3c:09:3f:05:69:35:02:d5:1a:9c:44:de:17:09:58:02: 30:56:99:40:0d:76:3c:55:e1:a8:b1:02:f4:6f:25:af:58:f9: 70:d5:f7:0e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUVVgJtsE4aGrwzYXI7vp4xGqB388wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExMjAwMDEwM1oX DTI1MTIxNzIzNTk1OVowejFJMEcGA1UEBRNANzk3NjFmMDdlNzhlYmY3ZjE4Njhi NGNlN2Y1Yjg4ZDYyNDAwZjEwOWU5NGY2OTEyNzgwYmZiMmYzNzlmNWNjYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32rWU8aX6wLHN8FQOGl+yNMt09mF qVDKOnD2/Q7cnvn+XzZfmB6nFe98yuORrzjqWkrLw3p4dL8biuepwkA2vTLrseoc JFp3SfK8Q1lhjERp2ORD7t2f60mlZX2BfWFXYDfa+T29+7VZ/pO7CYvNycx83s1/ JC0YYt+xan+E0tf7LU2eGnv974AHqmuEfHVr5xUdSuFjJNMNjNusY+3Ert13Aer2 qOcerFPozd7n9nVYhPDEba+G5/UJWSKCxjzsjxtR+PIP2tD+ywg2SMKyi/m83wQ4 deCa4P06G5kpoJZh5UhvAXChLZwCS3jIj9rRuZdSnSX3IsJgzlPvxTikNwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOOvNTntz/sT//j4MrOXGsFgn+gEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EzNjA3OTY1LTk5MDEtNDcxYy04ZWQ0LTcxMmQ0OGIzNjJmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9A3MA0GCSqGSIb3DQEBCwUAA4IBAQBmT3KtGw9FYwGFVCNcHR2l S94zFe+y2186uSc0CvQVqxlysyT+R7Up4/yNg3avX7SRSmJFLosoXSwA0wYPifJJ qz/xzj/1ZMtPZ8zVe3rR5GTAq9gkiP25oV5Pre2P3r1eZwF9hFt0WuluD0S/xlW5 h73NR/UY58TLcHJdcwHWz/jqXYPtm6f5rdesoewNonwCXV7UQDhp1GcDEIbocYfU e7L8OMsSIWHmceC5Nzh6imb+v9DtKMGA+Khifw09JirMJc9hb7uvGSs6g7WuVgUO Qg0nZHxD82XcWzwJPwVpNQLVGpxE3hcJWAIwVplADXY8VeGosQL0byWvWPlw1fcO -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:04 2025 by rpki-client