$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa File: efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa (raw, json) Hash identifier: 55eRRZCh5krtcWeLH6pS0NKynBhjolz21j8O5wcwoNY= Subject key identifier: 53:8C:F7:11:C2:AE:60:AC:6C:0F:73:A6:70:AA:2E:D0:43:00:1B:0F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 432AFAF84DE4E2C70A212C083F8ED89C21A49A44 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa Signing time: Tue 14 Oct 2025 00:00:06 +0000 ROA not before: Tue 14 Oct 2025 00:00:06 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 203.83.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 00:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:2a:fa:f8:4d:e4:e2:c7:0a:21:2c:08:3f:8e:d8:9c:21:a4:9a:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:00:06 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=ad8de308e1ae6e82251187f17041d34f0e99c4053ab8e51f69cfafb984fa5b27, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:42:47:4c:b9:3a:fe:17:f9:83:fc:6d:a2:2e: d0:04:cf:67:24:28:42:66:3a:0d:5b:d4:56:b3:fe: dc:4b:18:8e:61:2e:c5:37:a5:17:05:00:26:2b:16: 76:4e:d2:de:93:13:9d:c4:bd:02:6b:20:78:56:bf: ec:ef:ea:53:07:a8:ff:5e:2d:12:f5:e7:94:fd:20: c2:98:6a:db:35:34:3e:2d:69:39:3f:75:d4:1c:c7: 4a:9d:0d:42:4e:76:ce:2d:6f:5d:93:d5:f2:66:62: 2d:0e:0f:ce:83:82:2a:01:56:75:d0:b7:a5:3e:67: 01:dc:dd:33:59:f3:12:d9:d4:f2:4e:08:c8:b7:3d: ff:24:d0:e0:fa:18:37:dd:c9:c7:a6:6a:8f:5e:e4: 93:9c:f8:5e:ea:c7:2f:6d:37:fc:01:1b:00:ad:da: 31:41:92:ca:c9:88:43:b7:d1:db:f0:c3:7c:14:4e: 9a:3a:ef:92:9a:7b:d5:37:a8:44:be:d4:fa:8a:b0: d8:ea:57:7c:f9:40:81:b4:55:9b:84:af:59:3a:07: 04:82:d4:b0:b7:96:6f:0b:7e:46:e4:1b:35:8b:1b: 0b:7b:55:a2:42:dd:03:29:7d:f8:75:1f:73:0d:00: fb:c2:43:f7:b6:6f:80:e0:20:46:64:29:f7:c8:68: 92:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:8C:F7:11:C2:AE:60:AC:6C:0F:73:A6:70:AA:2E:D0:43:00:1B:0F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.83.220.0/22 Signature Algorithm: sha256WithRSAEncryption 8e:33:9e:ca:68:a7:4a:fd:05:c2:dd:7b:4c:eb:82:b3:1d:f4: 57:00:2e:82:6e:29:07:2c:5a:f3:83:46:ac:49:f7:9d:92:10: 8f:b5:85:9f:e9:b1:77:89:1a:23:e1:1b:05:28:53:c3:0c:f6: 6a:81:fc:f5:04:61:46:06:09:77:d3:67:8e:d2:56:07:f6:60: e8:e7:3f:79:e0:bb:12:95:49:d2:60:d1:ea:4a:b6:3f:ac:3e: d3:3c:08:ed:0d:19:f8:6e:d5:04:c0:2c:b5:84:37:b5:d1:70: 54:e9:5a:a0:3f:17:5d:e5:bd:1d:13:d2:f7:a8:1c:b1:4d:1f: a9:f2:f2:bb:f1:c1:94:0a:8a:02:56:02:f0:d3:3b:2f:9f:93: 19:57:3c:73:2a:c1:43:5d:a0:80:9e:e3:ba:2f:2a:7e:a8:87: ed:48:22:dd:38:64:55:1d:ed:25:86:ed:cc:20:bf:1f:50:00: c8:0a:ed:e1:1d:4f:08:19:a1:81:c2:24:6e:4f:79:fa:e2:4a: 84:39:cd:98:89:84:49:97:c8:7e:a6:46:cd:b9:63:cd:6d:2f: d2:bd:81:19:6e:ee:14:c1:77:76:51:09:65:d9:52:2a:27:75: a6:9c:74:39:34:92:02:e3:8e:27:28:70:1b:66:a0:be:14:18: db:cb:86:3c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQyr6+E3k4scKISwIP47YnCGkmkQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMDAwNloX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAYWQ4ZGUzMDhlMWFlNmU4MjI1MTE4 N2YxNzA0MWQzNGYwZTk5YzQwNTNhYjhlNTFmNjljZmFmYjk4NGZhNWIyNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20JHTLk6/hf5g/xtoi7QBM9nJChC ZjoNW9RWs/7cSxiOYS7FN6UXBQAmKxZ2TtLekxOdxL0CayB4Vr/s7+pTB6j/Xi0S 9eeU/SDCmGrbNTQ+LWk5P3XUHMdKnQ1CTnbOLW9dk9XyZmItDg/Og4IqAVZ10Lel PmcB3N0zWfMS2dTyTgjItz3/JNDg+hg33cnHpmqPXuSTnPhe6scvbTf8ARsArdox QZLKyYhDt9Hb8MN8FE6aOu+SmnvVN6hEvtT6irDY6ld8+UCBtFWbhK9ZOgcEgtSw t5ZvC35G5Bs1ixsLe1WiQt0DKX34dR9zDQD7wkP3tm+A4CBGZCn3yGiSZQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFOM9xHCrmCsbA9zpnCqLtBDABsPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VmZDJhYzNkLWRjMzgtNGQ5My1hYWFjLTRjYmQ2Y2M5MTFjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQCOM57KaKdK/QXC3XtM64Kz HfRXAC6CbikHLFrzg0asSfedkhCPtYWf6bF3iRoj4RsFKFPDDPZqgfz1BGFGBgl3 02eO0lYH9mDo5z954LsSlUnSYNHqSrY/rD7TPAjtDRn4btUEwCy1hDe10XBU6Vqg Pxdd5b0dE9L3qByxTR+p8vK78cGUCooCVgLw0zsvn5MZVzxzKsFDXaCAnuO6Lyp+ qIftSCLdOGRVHe0lhu3MIL8fUADICu3hHU8IGaGBwiRuT3n64kqEOc2YiYRJl8h+ pkbNuWPNbS/SvYEZbu4UwXd2UQll2VIqJ3WmnHQ5NJIC444nKHAbZqC+FBjby4Y8 -----END CERTIFICATE-----Generated at Sat Nov 1 21:04:04 2025 by rpki-client