$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json) Hash identifier: cQc2HrAbBAfe1GL6X0izbfHrnYW3gH/cqRPzedsr7F8= Subject key identifier: C5:B1:3F:4F:6A:AD:22:97:DD:D5:A4:C6:74:26:79:2C:66:63:43:04 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 13EDFB0BA1FC769AFAF1BB9A178AB7FF7AB4F19C Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa Signing time: Tue 18 Nov 2025 00:00:31 +0000 ROA not before: Tue 18 Nov 2025 00:00:31 +0000 ROA not after: Mon 16 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 103.8.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:ed:fb:0b:a1:fc:76:9a:fa:f1:bb:9a:17:8a:b7:ff:7a:b4:f1:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 18 00:00:31 2025 GMT Not After : Feb 16 23:59:59 2026 GMT Subject: serialNumber=0a1683b5eb1dc1f090491402ad2472a43f9ba44fd22cd8326c6a855441d79c85, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:e8:42:c4:4e:8e:f6:a2:07:88:c3:8d:e6:b0: c5:40:85:bc:da:0b:b5:99:1a:a0:56:c1:7b:fa:8f: 60:0f:b2:29:a8:aa:cd:08:e5:3a:e9:ab:f3:98:6c: 0b:b8:4b:ff:6d:15:b5:b2:09:ef:b8:42:62:74:20: 37:ad:d7:74:68:8b:8f:00:7e:68:e7:46:13:7b:23: a7:69:74:5c:84:d3:af:df:4b:cb:f7:0a:c7:f2:e6: 1b:a3:c4:4d:26:71:d9:73:e6:59:23:cf:9d:3f:0f: 61:87:7b:d7:c5:6d:5f:77:36:46:e3:91:fa:91:59: 39:82:7e:c4:7f:7e:e1:03:f3:d3:43:63:43:db:cf: dc:de:a3:57:78:72:97:f4:ff:13:f7:d5:e1:ae:5f: f1:92:d5:42:c4:10:b3:09:d6:b0:07:52:12:88:08: 36:5e:f2:19:82:39:08:a7:0a:c9:79:e0:b8:b8:0f: b9:f0:41:a4:03:fb:f5:81:09:63:28:14:73:91:df: db:a1:42:7f:db:c0:dc:f6:20:55:50:14:0d:57:1e: 47:88:6c:db:06:6a:ce:b3:d8:87:60:de:f2:ac:e2: 24:3f:c6:80:7e:bc:54:8b:6d:02:4f:e4:50:c3:a1: e2:ed:fc:4e:85:74:b1:86:ae:44:b6:71:ee:0a:cc: 36:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:B1:3F:4F:6A:AD:22:97:DD:D5:A4:C6:74:26:79:2C:66:63:43:04 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.172.0/22 Signature Algorithm: sha256WithRSAEncryption 37:8e:76:75:29:35:c7:a8:7f:6b:4e:0e:b9:f5:aa:af:e9:ec: f3:80:6a:d7:6c:d1:1c:be:2e:d0:0e:23:c9:12:88:67:26:30: db:ca:73:f6:48:c9:0f:67:20:d3:b9:de:5e:87:75:dc:50:d7: af:38:40:7b:87:96:d7:56:41:5c:73:55:2e:2a:a7:94:09:4d: b7:2d:82:10:b7:41:a0:0d:ba:f2:b3:f2:21:1a:d6:d1:e0:b2: 82:ac:80:d5:f4:56:75:a6:0d:06:2a:03:67:e3:d7:84:53:57: d5:cf:bb:55:0c:78:bb:dd:f1:79:46:6c:b5:6d:a3:3f:3d:bf: 15:9b:42:77:78:cc:4f:6b:2c:73:93:13:63:13:37:1e:c7:8f: 05:10:0d:5e:ed:d0:24:da:30:96:72:95:dc:19:53:23:16:cb: 84:e2:1d:d8:43:28:3b:8b:c2:9b:c3:25:63:24:13:a3:3b:4d: a0:27:07:53:8e:b6:a9:43:17:aa:34:f7:ef:0e:1c:41:a6:0c: 94:1b:e6:2f:bc:51:a9:7c:11:64:7a:10:6c:74:b5:ac:77:30: 5f:6f:4b:56:a1:f6:ec:29:80:ad:dd:62:38:d6:95:09:bd:8d: b0:7d:53:ef:de:7a:77:82:2b:c3:c9:67:c4:9d:8a:ca:c4:59: 25:af:fa:cf -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUE+37C6H8dpr68buaF4q3/3q08ZwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTExODAwMDAzMVoX DTI2MDIxNjIzNTk1OVowejFJMEcGA1UEBRNAMGExNjgzYjVlYjFkYzFmMDkwNDkx NDAyYWQyNDcyYTQzZjliYTQ0ZmQyMmNkODMyNmM2YTg1NTQ0MWQ3OWM4NTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+hCxE6O9qIHiMON5rDFQIW82gu1 mRqgVsF7+o9gD7IpqKrNCOU66avzmGwLuEv/bRW1sgnvuEJidCA3rdd0aIuPAH5o 50YTeyOnaXRchNOv30vL9wrH8uYbo8RNJnHZc+ZZI8+dPw9hh3vXxW1fdzZG45H6 kVk5gn7Ef37hA/PTQ2ND28/c3qNXeHKX9P8T99Xhrl/xktVCxBCzCdawB1ISiAg2 XvIZgjkIpwrJeeC4uA+58EGkA/v1gQljKBRzkd/boUJ/28Dc9iBVUBQNVx5HiGzb BmrOs9iHYN7yrOIkP8aAfrxUi20CT+RQw6Hi7fxOhXSxhq5EtnHuCsw2UQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMWxP09qrSKX3dWkxnQmeSxmY0MEMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQA3jnZ1KTXHqH9rTg659aqv 6ezzgGrXbNEcvi7QDiPJEohnJjDbynP2SMkPZyDTud5eh3XcUNevOEB7h5bXVkFc c1UuKqeUCU23LYIQt0GgDbrys/IhGtbR4LKCrIDV9FZ1pg0GKgNn49eEU1fVz7tV DHi73fF5Rmy1baM/Pb8Vm0J3eMxPayxzkxNjEzcex48FEA1e7dAk2jCWcpXcGVMj FsuE4h3YQyg7i8KbwyVjJBOjO02gJwdTjrapQxeqNPfvDhxBpgyUG+YvvFGpfBFk ehBsdLWsdzBfb0tWofbsKYCt3WI41pUJvY2wfVPv3np3givDyWfEnYrKxFklr/rP -----END CERTIFICATE-----Generated at Tue Nov 18 11:27:06 2025 by rpki-client