$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c47a085f-3a6d-428f-b77e-f521e9f0d040.roa File: c47a085f-3a6d-428f-b77e-f521e9f0d040.roa (raw, json) Hash identifier: Yc0yJg1012japhkuH8ZnIsIL90TIYvfq1wfipsJNUpc= Subject key identifier: 90:CD:68:DE:C9:26:B5:16:23:1B:0B:97:70:31:27:36:93:87:5D:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 71731804213B442710417F8FCA4A47EE219DA443 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c47a085f-3a6d-428f-b77e-f521e9f0d040.roa Signing time: Fri 19 Sep 2025 00:00:35 +0000 ROA not before: Fri 19 Sep 2025 00:00:35 +0000 ROA not after: Fri 24 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.78.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:73:18:04:21:3b:44:27:10:41:7f:8f:ca:4a:47:ee:21:9d:a4:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 19 00:00:35 2025 GMT Not After : Oct 24 23:59:59 2025 GMT Subject: serialNumber=ff8c34299d961390e32ef39725cd1dcb4bb12f8aaadcade6852abf7d00c387e6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:4e:64:6d:3d:0a:0e:31:b0:66:5d:e0:67:b7: 3f:1f:75:f7:aa:39:69:78:b3:c4:49:7b:af:7c:01: 7f:ea:43:73:69:54:26:03:ba:d8:82:a2:76:87:e4: f4:be:82:e0:55:47:e4:8d:48:f5:27:8c:b5:45:31: 17:26:56:d8:f7:2e:ff:9a:32:76:8d:c7:9f:cb:42: 04:0f:ed:f7:21:40:cb:73:75:fe:a7:a5:8c:94:2c: 79:0b:96:03:ac:8b:e2:d4:32:1a:0d:f7:1a:0d:55: 04:95:92:92:ca:40:f3:37:62:c8:b7:d5:3c:f1:f0: bb:82:c8:ca:ff:0f:cc:4a:22:2b:15:51:b3:19:7b: e8:57:b3:b3:5a:12:26:81:15:d8:d6:83:d5:3b:47: 15:c3:f0:5a:64:87:fd:57:a9:31:81:b1:df:3c:e5: fe:66:a4:a6:1e:75:91:f0:e4:3b:b1:ba:46:d5:66: e9:b7:c1:59:c8:5a:d6:88:38:e1:72:8a:c4:9d:d8: a3:75:73:27:60:33:74:4b:53:86:84:e2:e4:84:ab: 7d:f8:6c:91:d5:63:d9:4c:c5:12:96:a9:f3:5f:b2: 4a:08:d5:1b:54:41:4f:89:fe:75:52:8b:d0:ef:e4: fd:fd:67:4e:2e:19:17:23:04:cc:39:20:6f:b7:9d: 07:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:CD:68:DE:C9:26:B5:16:23:1B:0B:97:70:31:27:36:93:87:5D:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c47a085f-3a6d-428f-b77e-f521e9f0d040.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.78.120.0/22 Signature Algorithm: sha256WithRSAEncryption 2d:44:fc:7d:25:b1:ec:9a:4d:e4:cc:82:14:de:dd:64:1b:a2: aa:23:f0:9a:14:a5:33:76:75:a4:af:8d:08:74:8f:94:c6:63: f4:09:00:71:d4:c1:ea:4f:f8:a9:a1:dc:11:b1:cf:ec:9d:8e: 1b:e6:39:77:ec:ea:0d:6a:c1:55:16:5c:f3:fa:4c:91:c3:38: ea:78:24:58:d4:08:4b:86:e7:4b:cc:e0:2a:c6:cb:ea:93:e1: 91:2e:d6:1d:01:c1:76:b0:84:95:13:55:aa:a6:af:bc:13:99: 0f:18:2f:79:bd:07:46:39:52:47:3a:59:4d:a1:65:b3:8a:d3: 2e:63:5b:6b:b6:5f:d7:b6:dc:be:37:8d:7d:1d:52:3a:aa:43: ec:5b:05:39:7b:8a:7a:b5:25:17:3f:de:cd:6e:ae:af:e4:fc: 7a:d0:2f:5b:44:32:6e:76:da:d0:e1:2e:38:cf:8d:9f:c7:2e: 67:a3:98:3f:66:0e:dc:70:7b:1e:ed:a1:01:18:55:7b:ec:07: 74:9a:ee:cc:b2:54:d4:31:dd:dd:36:6f:e7:13:df:2f:b8:7d: 86:a7:2c:83:5d:71:ef:48:2c:d0:72:5f:24:66:6a:ae:75:5f: bd:f4:40:d9:92:30:5f:1c:64:bf:57:8a:cf:53:32:1d:87:10: 7d:3e:f5:cc -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcXMYBCE7RCcQQX+PykpH7iGdpEMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkxOTAwMDAzNVoX DTI1MTAyNDIzNTk1OVowejFJMEcGA1UEBRNAZmY4YzM0Mjk5ZDk2MTM5MGUzMmVm Mzk3MjVjZDFkY2I0YmIxMmY4YWFhZGNhZGU2ODUyYWJmN2QwMGMzODdlNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxU5kbT0KDjGwZl3gZ7c/H3X3qjlp eLPESXuvfAF/6kNzaVQmA7rYgqJ2h+T0voLgVUfkjUj1J4y1RTEXJlbY9y7/mjJ2 jcefy0IED+33IUDLc3X+p6WMlCx5C5YDrIvi1DIaDfcaDVUElZKSykDzN2LIt9U8 8fC7gsjK/w/MSiIrFVGzGXvoV7OzWhImgRXY1oPVO0cVw/BaZIf9V6kxgbHfPOX+ ZqSmHnWR8OQ7sbpG1Wbpt8FZyFrWiDjhcorEndijdXMnYDN0S1OGhOLkhKt9+GyR 1WPZTMUSlqnzX7JKCNUbVEFPif51UovQ7+T9/WdOLhkXIwTMOSBvt50HvwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJDNaN7JJrUWIxsLl3AxJzaTh13PMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M0N2EwODVmLTNhNmQtNDI4Zi1iNzdlLWY1MjFlOWYwZDA0MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZ054MA0GCSqGSIb3DQEBCwUAA4IBAQAtRPx9JbHsmk3kzIIU3t1k G6KqI/CaFKUzdnWkr40IdI+UxmP0CQBx1MHqT/ipodwRsc/snY4b5jl37OoNasFV Flzz+kyRwzjqeCRY1AhLhudLzOAqxsvqk+GRLtYdAcF2sISVE1Wqpq+8E5kPGC95 vQdGOVJHOllNoWWzitMuY1trtl/Xtty+N419HVI6qkPsWwU5e4p6tSUXP97Nbq6v 5Px60C9bRDJudtrQ4S44z42fxy5no5g/Zg7ccHse7aEBGFV77Ad0mu7MslTUMd3d Nm/nE98vuH2GpyyDXXHvSCzQcl8kZmqudV+99EDZkjBfHGS/V4rPUzIdhxB9PvXM -----END CERTIFICATE-----Generated at Thu Oct 9 01:07:00 2025 by rpki-client