$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa File: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (raw, json) Hash identifier: 2XLb7h6yISDftQlUB4TcpfpywHo5glEYW1SGISdeDoA= Subject key identifier: E4:21:F1:E2:10:5C:16:9E:80:83:59:05:6A:CB:60:5C:A0:11:9F:B1 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 17315C18F96B9C94A2C4697DD5FE5CE570BD8328 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa Signing time: Fri 24 Oct 2025 00:00:02 +0000 ROA not before: Fri 24 Oct 2025 00:00:02 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 00:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:31:5c:18:f9:6b:9c:94:a2:c4:69:7d:d5:fe:5c:e5:70:bd:83:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Oct 24 00:00:02 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=555f72556f6d80f1d9e7c1a41fff5dc328d025849aeddd1bc99e9a2b06a7dc46, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:92:db:0b:e7:aa:63:02:68:df:7a:f5:dd:39: ae:18:39:35:0e:ee:ca:1a:1e:60:45:61:b6:4d:b1: b3:6a:6a:41:0b:d7:95:24:70:a6:17:f1:78:1a:e6: 61:4e:23:94:97:2e:22:d0:d5:99:dd:d4:0d:7e:8e: c4:3a:26:2b:39:7a:79:ae:ad:64:12:26:23:3f:27: 50:eb:cc:dd:ef:b6:c0:b9:1d:78:73:4b:40:89:54: 78:db:af:31:07:47:de:b3:a2:a1:05:c5:99:93:09: 5c:b4:4f:82:b5:9b:fb:e2:d0:0b:d8:98:33:e0:3f: 47:cb:4a:76:b6:b3:eb:51:12:e3:4e:49:ce:a3:d5: f4:8d:a4:d9:de:0c:0d:6c:c1:ff:44:b6:19:c5:7d: bf:fa:09:35:22:8b:43:15:7c:db:7f:4f:52:f8:ca: 0f:e0:6c:88:28:a9:a5:4e:e4:cf:34:9d:ae:10:86: 43:38:34:4d:17:42:ba:d6:c8:80:eb:d1:14:8d:23: c2:85:b8:b1:5b:a1:40:2d:4d:5d:5a:33:3e:83:e5: 77:df:42:1d:84:70:c1:96:0f:68:27:81:95:34:74: 20:40:57:f2:96:ef:b0:73:a0:30:37:68:4d:70:c8: ef:62:12:e0:fc:c8:6e:ce:71:4d:fa:57:95:44:95: 81:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:21:F1:E2:10:5C:16:9E:80:83:59:05:6A:CB:60:5C:A0:11:9F:B1 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 4e:7b:6d:d7:11:69:9d:e1:9d:5e:5f:88:26:23:09:1c:34:0d: d8:03:ec:2b:5e:8c:4a:bf:1a:d9:8b:0a:53:00:18:94:26:4e: e6:37:a6:a8:60:2e:e2:70:53:dc:1f:3d:da:bf:3c:c9:44:4d: fc:ac:53:4c:39:a5:94:0e:be:a4:bf:32:fb:a2:1e:01:aa:02: 80:0a:5f:fb:e7:d3:41:1f:2d:c1:80:09:94:30:e1:28:c0:0a: 1e:96:27:8f:43:5f:c2:63:f4:7c:21:49:eb:da:7a:3b:7e:47: 53:97:e1:57:13:25:29:98:45:ee:a8:f9:c5:eb:de:f9:f0:aa: 4a:84:1c:37:6e:ec:5c:61:da:6c:1e:5a:09:85:51:1c:d9:fa: 4c:25:8e:14:11:c3:4c:7a:cd:bd:13:44:8c:74:66:2c:27:ca: 95:7d:0c:0c:06:ee:0d:eb:f5:7b:0e:e5:24:f1:3d:c7:a7:d5: 6e:8a:ef:ca:31:77:54:f8:76:65:e6:70:bb:ad:69:a0:01:5b: 02:69:eb:65:12:89:a5:b2:24:cc:b0:f8:5d:6f:5b:ff:be:19: 4f:88:08:e6:67:bd:43:c0:e4:c3:e1:08:44:cf:79:e4:cc:38: 7a:d3:11:48:a9:ca:b5:4d:51:e9:f8:2b:86:c3:26:c8:84:5d: 02:94:3d:7d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUFzFcGPlrnJSixGl91f5c5XC9gygwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTAyNDAwMDAwMloX DTI1MTEyODIzNTk1OVowejFJMEcGA1UEBRNANTU1ZjcyNTU2ZjZkODBmMWQ5ZTdj MWE0MWZmZjVkYzMyOGQwMjU4NDlhZWRkZDFiYzk5ZTlhMmIwNmE3ZGM0NjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZLbC+eqYwJo33r13TmuGDk1Du7K Gh5gRWG2TbGzampBC9eVJHCmF/F4GuZhTiOUly4i0NWZ3dQNfo7EOiYrOXp5rq1k EiYjPydQ68zd77bAuR14c0tAiVR4268xB0fes6KhBcWZkwlctE+CtZv74tAL2Jgz 4D9Hy0p2trPrURLjTknOo9X0jaTZ3gwNbMH/RLYZxX2/+gk1IotDFXzbf09S+MoP 4GyIKKmlTuTPNJ2uEIZDODRNF0K61siA69EUjSPChbixW6FALU1dWjM+g+V330Id hHDBlg9oJ4GVNHQgQFfylu+wc6AwN2hNcMjvYhLg/MhuznFN+leVRJWBywIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOQh8eIQXBaegINZBWrLYFygEZ+xMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQ5MTE5NzM0LTlkYmMtNGJkNC05OGJlLTU3ZTRjZTA3ODkyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQBOe23XEWmd4Z1eX4gmIwkc NA3YA+wrXoxKvxrZiwpTABiUJk7mN6aoYC7icFPcHz3avzzJRE38rFNMOaWUDr6k vzL7oh4BqgKACl/759NBHy3BgAmUMOEowAoeliePQ1/CY/R8IUnr2no7fkdTl+FX EyUpmEXuqPnF69758KpKhBw3buxcYdpsHloJhVEc2fpMJY4UEcNMes29E0SMdGYs J8qVfQwMBu4N6/V7DuUk8T3Hp9Vuiu/KMXdU+HZl5nC7rWmgAVsCaetlEomlsiTM sPhdb1v/vhlPiAjmZ71DwOTD4QhEz3nkzDh60xFIqcq1TVHp+CuGwybIhF0ClD19 -----END CERTIFICATE-----Generated at Sun Nov 2 02:57:22 2025 by rpki-client