$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa File: db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa (raw, json) Hash identifier: h6e+JhEPK4V5lYnkouxhu31IqF4M0xeRC3zwXcD1tfo= Subject key identifier: F9:C1:AC:E1:FC:A7:29:66:B9:82:0D:FF:CB:5B:FA:F8:B3:6C:AD:47 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5151550807DBEAA45ECA86E4414BCB5B9890810F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa Signing time: Tue 11 Nov 2025 00:00:07 +0000 ROA not before: Tue 11 Nov 2025 00:00:07 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:51:55:08:07:db:ea:a4:5e:ca:86:e4:41:4b:cb:5b:98:90:81:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 11 00:00:07 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=1cbca85f79e770d420ba673f895dc395ab720750b24c4a8561014ca6b00c273a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:a9:1e:99:e8:a8:5a:14:b7:6e:40:05:d6:f8: 45:a4:2e:4e:c8:a5:5c:b6:94:b5:48:a1:fd:cf:14: 6e:f8:68:b6:69:0c:6b:30:5f:35:d1:ea:8c:42:9e: 44:92:56:a4:35:0a:e8:23:b7:34:bb:de:7b:06:e8: 58:da:7a:ef:7f:8b:50:2c:03:e1:43:03:fa:8d:4c: fe:a8:8a:f4:d0:8a:e3:ee:9d:d6:8b:f6:12:06:f6: c3:92:08:46:b2:a3:9c:58:c2:84:2d:a9:65:c9:1e: 0e:ce:cd:ba:e2:7f:b5:83:6f:77:21:fc:51:61:38: 6f:62:8d:a1:bc:03:72:f4:23:5b:ce:48:fd:58:0b: 2d:e3:7f:b2:ff:d3:b8:90:a1:5c:11:ed:28:50:fc: a6:99:2f:e1:fe:20:b1:a1:10:cd:69:21:bb:ef:23: 0d:31:65:7d:77:4c:c3:88:24:85:f6:de:c5:41:37: 56:cf:bc:9c:9b:7f:93:85:4e:02:ee:57:66:fb:c1: ce:8b:ca:bd:a6:8d:ba:e3:09:00:4b:79:5b:fc:96: 9c:32:f5:e0:a0:34:bd:24:a4:f2:e0:8e:78:37:ea: 41:ae:44:4a:95:5b:7e:02:58:0b:0f:45:7d:79:e4: a4:7b:1a:d5:e3:d5:88:89:d6:68:9d:e5:b5:09:02: 7e:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:C1:AC:E1:FC:A7:29:66:B9:82:0D:FF:CB:5B:FA:F8:B3:6C:AD:47 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db0824bb-71b2-4f6e-b8ed-c10ee3d427ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.63.0/24 Signature Algorithm: sha256WithRSAEncryption ad:14:87:55:c7:94:9a:31:44:56:6f:ff:52:e0:c0:78:7f:62: a6:f5:32:df:4f:ed:c7:d2:2a:cf:39:6c:c2:60:7f:90:0c:b9: f6:3e:b3:3f:25:76:43:57:42:7e:a1:aa:d1:50:f5:8c:e1:9c: 9d:b6:17:ca:2f:32:66:92:15:c1:04:90:d9:86:30:91:de:1b: ee:7f:a3:84:87:2c:64:c3:22:79:b5:bf:35:9f:1b:3e:0f:27: f8:51:d3:4a:a0:0b:93:a2:0b:d5:11:f5:48:61:65:de:ee:d1: 2d:54:ab:a5:89:64:ac:74:fb:26:27:b4:d8:72:bd:39:c8:b9: 7a:c3:76:39:3f:a9:b1:13:ad:80:a4:c3:52:a4:c2:05:b4:71: f5:ab:49:c2:a4:05:8a:3f:cc:5a:3c:ac:42:a1:bc:73:41:8e: e6:2a:87:d8:72:31:cd:68:8e:20:02:04:b3:65:98:40:3a:39: 8b:b6:f4:24:38:74:1e:04:61:1f:2a:78:9f:43:f7:8c:b8:4f: fa:0f:65:8e:e2:0b:a1:b3:50:44:a5:c6:3d:c0:b4:28:70:9b: 99:a2:bc:ef:d1:46:bb:61:21:ae:7c:a0:12:97:2f:bc:8b:e1: 3a:35:a1:c4:c4:21:57:65:85:a0:8a:3f:ec:f1:6d:e9:dd:f8: 9a:95:e9:c2 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUVFVCAfb6qReyobkQUvLW5iQgQ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExMTAwMDAwN1oX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNAMWNiY2E4NWY3OWU3NzBkNDIwYmE2 NzNmODk1ZGMzOTVhYjcyMDc1MGIyNGM0YTg1NjEwMTRjYTZiMDBjMjczYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6kemeioWhS3bkAF1vhFpC5OyKVc tpS1SKH9zxRu+Gi2aQxrMF810eqMQp5EklakNQroI7c0u957BuhY2nrvf4tQLAPh QwP6jUz+qIr00Irj7p3Wi/YSBvbDkghGsqOcWMKELallyR4Ozs264n+1g293IfxR YThvYo2hvANy9CNbzkj9WAst43+y/9O4kKFcEe0oUPymmS/h/iCxoRDNaSG77yMN MWV9d0zDiCSF9t7FQTdWz7ycm3+ThU4C7ldm+8HOi8q9po264wkAS3lb/JacMvXg oDS9JKTy4I54N+pBrkRKlVt+AlgLD0V9eeSkexrV49WIidZoneW1CQJ+MQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPnBrOH8pylmuYIN/8tb+vizbK1HMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RiMDgyNGJiLTcxYjItNGY2ZS1iOGVkLWMxMGVlM2Q0MjdhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g/MA0GCSqGSIb3DQEBCwUAA4IBAQCtFIdVx5SaMURWb/9S4MB4 f2Km9TLfT+3H0irPOWzCYH+QDLn2PrM/JXZDV0J+oarRUPWM4ZydthfKLzJmkhXB BJDZhjCR3hvuf6OEhyxkwyJ5tb81nxs+Dyf4UdNKoAuTogvVEfVIYWXe7tEtVKul iWSsdPsmJ7TYcr05yLl6w3Y5P6mxE62ApMNSpMIFtHH1q0nCpAWKP8xaPKxCobxz QY7mKofYcjHNaI4gAgSzZZhAOjmLtvQkOHQeBGEfKnifQ/eMuE/6D2WO4guhs1BE pcY9wLQocJuZorzv0Ua7YSGufKASly+8i+E6NaHExCFXZYWgij/s8W3p3fialenC -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:23 2025 by rpki-client