$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa File: efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa (raw, json) Hash identifier: ArC5a4gI0ywRcTlGfiEeg/9vdvG+GnLJVnsoSmJ1eSY= Subject key identifier: 66:7B:F3:88:B3:81:6D:F9:F7:63:12:3F:4C:DC:56:28:D5:CD:A9:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 226560874F706FA31E2479FA2224D1F6A69D6505 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa Signing time: Sat 08 Nov 2025 00:10:10 +0000 ROA not before: Sat 08 Nov 2025 00:10:10 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 203.83.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Nov 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:65:60:87:4f:70:6f:a3:1e:24:79:fa:22:24:d1:f6:a6:9d:65:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:10:10 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=d3ba9fbe9e5abea44709e7342036a79ef0d2062405376d0af86a183d576de21c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8f:3c:c3:55:6d:39:5d:a1:52:bd:b4:78:8b: 34:78:37:08:7d:56:3c:81:5b:e5:cb:5e:9e:1e:fd: ca:84:47:6c:93:57:99:26:15:15:ff:cf:4b:72:6c: 05:30:ae:27:0b:a5:20:74:d8:e9:10:5c:53:b1:8a: dc:fa:42:40:9a:a0:32:75:be:33:c8:49:7c:4b:22: 87:76:af:ff:1b:86:1b:31:73:c0:22:fb:17:41:79: 0f:98:f1:37:33:7f:f9:2e:a7:79:0c:bf:8c:4f:0a: 48:79:e4:82:24:b8:75:c1:79:b3:32:93:04:0d:20: 61:93:78:42:5d:a5:63:25:16:b5:35:dd:25:28:28: 8d:47:5c:39:db:7e:33:13:8d:41:1b:7a:08:12:8e: 68:d0:b6:59:a7:83:6a:e0:a9:37:84:b7:c5:f8:85: a5:6c:86:3b:a5:13:61:d0:38:11:2c:b6:1e:9f:08: dd:80:e5:90:b6:ba:5d:28:43:7b:85:dd:6a:a7:03: 17:a4:f8:25:76:bc:f8:2f:f2:ba:26:94:d1:94:c5: 8f:04:2b:8c:a8:83:6d:1a:48:60:c5:90:9e:b7:fd: 0d:54:d1:d5:98:3b:67:99:80:b4:7f:d3:9c:ad:60: 45:22:c4:97:63:38:1f:ba:a1:53:27:56:e7:2a:33: 11:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:7B:F3:88:B3:81:6D:F9:F7:63:12:3F:4C:DC:56:28:D5:CD:A9:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efd2ac3d-dc38-4d93-aaac-4cbd6cc911c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.83.220.0/22 Signature Algorithm: sha256WithRSAEncryption 0d:8f:14:f0:51:7c:3e:8a:c4:33:b1:33:c4:75:b7:1e:d1:87: 0d:13:2e:80:ba:18:3a:6b:e0:79:e7:0c:c9:81:37:d0:db:5e: 98:ff:62:d4:bd:ff:db:e6:f1:1c:49:ed:7d:42:bd:9c:ca:78: ea:3e:84:d5:1d:0e:3f:fc:25:90:55:72:14:8c:80:c3:52:0b: 49:41:50:9e:df:3e:b7:ee:2b:71:4b:b8:bb:15:72:fb:2c:fd: a7:a5:66:24:c7:14:92:84:8d:2b:d8:d2:3f:8d:ca:78:2f:e9: 0d:bf:ad:9c:16:c0:d7:a7:94:e4:b0:68:1a:e9:fc:ac:5b:87: e3:7d:38:4d:35:8e:be:09:b1:a0:fe:98:d5:8c:5e:a9:0e:f0: d2:96:83:78:49:94:a1:56:36:7e:a4:60:6d:36:d9:d4:10:47: 7a:5e:2c:0a:21:9e:7c:a9:c8:31:23:9a:5c:49:37:18:84:b3: 77:8e:04:57:56:d0:bb:e0:a8:99:8e:7c:b7:d5:33:79:9a:6e: f2:87:bc:e2:76:1f:80:db:a7:f7:52:45:ca:7c:da:56:ca:2e: e4:39:56:d4:a8:3a:8a:44:6c:1b:d6:c9:36:5e:19:46:27:c3: d4:78:8a:35:48:83:84:0b:1c:58:96:80:3b:cf:c0:e6:43:23: 05:d6:64:25 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUImVgh09wb6MeJHn6IiTR9qadZQUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMTAxMFoX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNAZDNiYTlmYmU5ZTVhYmVhNDQ3MDll NzM0MjAzNmE3OWVmMGQyMDYyNDA1Mzc2ZDBhZjg2YTE4M2Q1NzZkZTIxYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu488w1VtOV2hUr20eIs0eDcIfVY8 gVvly16eHv3KhEdsk1eZJhUV/89LcmwFMK4nC6UgdNjpEFxTsYrc+kJAmqAydb4z yEl8SyKHdq//G4YbMXPAIvsXQXkPmPE3M3/5Lqd5DL+MTwpIeeSCJLh1wXmzMpME DSBhk3hCXaVjJRa1Nd0lKCiNR1w5234zE41BG3oIEo5o0LZZp4Nq4Kk3hLfF+IWl bIY7pRNh0DgRLLYenwjdgOWQtrpdKEN7hd1qpwMXpPgldrz4L/K6JpTRlMWPBCuM qINtGkhgxZCet/0NVNHVmDtnmYC0f9OcrWBFIsSXYzgfuqFTJ1bnKjMRnQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGZ784izgW3592MSP0zcVijVzal0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VmZDJhYzNkLWRjMzgtNGQ5My1hYWFjLTRjYmQ2Y2M5MTFjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQANjxTwUXw+isQzsTPEdbce 0YcNEy6Auhg6a+B55wzJgTfQ216Y/2LUvf/b5vEcSe19Qr2cynjqPoTVHQ4//CWQ VXIUjIDDUgtJQVCe3z637itxS7i7FXL7LP2npWYkxxSShI0r2NI/jcp4L+kNv62c FsDXp5TksGga6fysW4fjfThNNY6+CbGg/pjVjF6pDvDSloN4SZShVjZ+pGBtNtnU EEd6XiwKIZ58qcgxI5pcSTcYhLN3jgRXVtC74KiZjny31TN5mm7yh7zidh+A26f3 UkXKfNpWyi7kOVbUqDqKRGwb1sk2XhlGJ8PUeIo1SIOECxxYloA7z8DmQyMF1mQl -----END CERTIFICATE-----Generated at Sat Nov 15 22:23:53 2025 by rpki-client