$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa File: efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa (raw, json) Hash identifier: 3JHoPdk43h1pRorbxm0y3GnQMsgrRN+WG6Arl0Acy2Q= Subject key identifier: B3:4A:CE:10:39:5D:D2:AA:33:2A:5B:AB:FE:AC:DB:21:77:64:E1:3E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5A12C35092E3E53E2F33BD100937D79D66DBCDE4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa Signing time: Mon 25 Aug 2025 15:00:13 +0000 ROA not before: Mon 25 Aug 2025 15:00:13 +0000 ROA not after: Mon 29 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 203.83.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:50:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:12:c3:50:92:e3:e5:3e:2f:33:bd:10:09:37:d7:9d:66:db:cd:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 25 15:00:13 2025 GMT Not After : Sep 29 23:59:59 2025 GMT Subject: serialNumber=926c6bbeb7526837df1468d63245c0588a928bdef7489e64e35fa48f09c30da0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:82:97:cc:f0:93:0c:3e:73:f5:55:46:3e:ec: 45:ae:b7:bd:0a:c6:bd:ab:b2:d5:65:99:e9:26:5a: cb:50:6f:ea:f0:69:67:e7:74:2d:ea:dc:7b:5f:c1: dc:c9:6e:49:b1:4a:b7:12:7d:e2:9c:cd:71:ff:03: 68:e1:ca:d4:96:53:c6:31:f6:f1:74:6e:3e:d0:35: d8:31:99:43:71:5d:55:df:86:57:7c:c0:e5:b3:72: 5f:8c:5b:5d:b9:46:25:75:a5:a5:e3:e3:ac:37:18: f6:83:61:99:4a:39:df:67:77:f2:9c:c4:72:98:6e: 7f:dc:96:59:1d:a3:29:f7:79:76:ab:8b:6d:71:75: 3f:4e:1f:a5:4b:46:88:e9:ce:fd:ea:eb:0d:3e:94: 27:f2:52:3f:e1:c7:99:4f:49:ed:ac:21:8a:88:0b: 57:17:f5:ca:a3:73:eb:75:ad:a5:7c:51:d6:41:8e: d7:bb:7a:31:63:85:3b:c5:59:13:fa:9b:46:62:8a: 91:6e:d3:c8:0d:b4:de:8b:dc:83:18:37:64:78:36: ed:a9:ad:b1:60:f3:40:79:fd:7b:37:ac:d2:bb:09: 62:f5:d0:d8:a1:81:e3:29:74:7c:20:cf:69:0c:bc: 69:b2:69:0a:4f:fe:77:5e:90:f7:88:e2:1f:ba:ed: 4b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:4A:CE:10:39:5D:D2:AA:33:2A:5B:AB:FE:AC:DB:21:77:64:E1:3E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.83.220.0/22 Signature Algorithm: sha256WithRSAEncryption 56:73:5f:a4:64:33:31:6e:92:30:e6:f1:52:a9:34:21:3b:65: 8d:c1:27:66:46:44:df:df:2e:28:5e:1e:69:13:01:91:94:f2: 1c:2b:21:4a:e2:14:97:45:31:8d:c3:d6:70:a3:9a:9f:21:b6: 53:c3:de:71:15:96:af:bc:58:2e:a3:38:ee:ec:67:7c:6a:09: 32:ae:95:c0:88:f6:31:e8:0c:f8:ab:ed:a3:7b:af:48:1d:b8: 7e:8c:06:c8:87:00:69:bd:62:73:f4:d0:b0:30:11:03:ec:bd: a5:23:c1:13:e3:37:e5:5f:c9:79:60:54:ac:f4:95:4e:7e:60: ac:7c:c7:04:bb:5e:70:ca:ec:08:40:ff:42:6d:fc:89:01:57: a1:c4:4f:bb:cc:8f:cb:45:ca:a1:36:c3:bf:18:79:51:8c:6a: a8:e1:dc:c1:bc:1f:c4:9e:78:01:87:61:ff:a7:5a:b2:b3:ef: a0:10:dd:e8:d6:92:c7:7b:e4:37:cb:54:ca:93:0d:0e:80:c4: 41:6a:33:45:3d:0f:df:aa:30:ff:d5:6d:89:7f:92:9a:cb:8f: 9e:65:cd:a6:4b:48:db:94:16:f1:51:dc:a1:52:8c:95:fe:60: 24:a6:c7:0d:0b:42:d9:46:85:aa:6c:6b:c0:1d:1b:dc:d3:6a: 4d:a0:63:60 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUWhLDUJLj5T4vM70QCTfXnWbbzeQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNTE1MDAxM1oX DTI1MDkyOTIzNTk1OVowejFJMEcGA1UEBRNAOTI2YzZiYmViNzUyNjgzN2RmMTQ2 OGQ2MzI0NWMwNTg4YTkyOGJkZWY3NDg5ZTY0ZTM1ZmE0OGYwOWMzMGRhMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYKXzPCTDD5z9VVGPuxFrre9Csa9 q7LVZZnpJlrLUG/q8Gln53Qt6tx7X8HcyW5JsUq3En3inM1x/wNo4crUllPGMfbx dG4+0DXYMZlDcV1V34ZXfMDls3JfjFtduUYldaWl4+OsNxj2g2GZSjnfZ3fynMRy mG5/3JZZHaMp93l2q4ttcXU/Th+lS0aI6c796usNPpQn8lI/4ceZT0ntrCGKiAtX F/XKo3Prda2lfFHWQY7Xu3oxY4U7xVkT+ptGYoqRbtPIDbTei9yDGDdkeDbtqa2x YPNAef17N6zSuwli9dDYoYHjKXR8IM9pDLxpsmkKT/53XpD3iOIfuu1LpQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLNKzhA5XdKqMypbq/6s2yF3ZOE+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VmZDJhYzNkLWRjMzgtNGQ5My1hYWFjLTRjYmQ2Y2M5MTFjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQBWc1+kZDMxbpIw5vFSqTQh O2WNwSdmRkTf3y4oXh5pEwGRlPIcKyFK4hSXRTGNw9Zwo5qfIbZTw95xFZavvFgu ozju7Gd8agkyrpXAiPYx6Az4q+2je69IHbh+jAbIhwBpvWJz9NCwMBED7L2lI8ET 4zflX8l5YFSs9JVOfmCsfMcEu15wyuwIQP9CbfyJAVehxE+7zI/LRcqhNsO/GHlR jGqo4dzBvB/EnngBh2H/p1qys++gEN3o1pLHe+Q3y1TKkw0OgMRBajNFPQ/fqjD/ 1W2Jf5Kay4+eZc2mS0jblBbxUdyhUoyV/mAkpscNC0LZRoWqbGvAHRvc02pNoGNg -----END CERTIFICATE-----Generated at Thu Sep 18 23:07:12 2025 by rpki-client