$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa File: 882a767c-0faf-4e71-a224-ecec47d98fcb.roa (raw, json) Hash identifier: hf+wDgoXo6/O8WXfizibKGp/CFEpdhqNHrijLMJABMs= Subject key identifier: 4E:DB:F3:0E:FC:A9:AE:1D:72:81:D9:33:DA:A4:61:78:ED:0A:D9:73 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 2FAF017D596890DC3EEED13BF7C1CF0CB88F7AA8 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa Signing time: Fri 17 Oct 2025 00:01:25 +0000 ROA not before: Fri 17 Oct 2025 00:01:25 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:af:01:7d:59:68:90:dc:3e:ee:d1:3b:f7:c1:cf:0c:b8:8f:7a:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 17 00:01:25 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=626248af766a6f44484c0872ec17c777629e7d12859231ed042959b67d829c2c, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ed:fe:48:98:ee:68:39:57:ed:55:2f:a3:96: 93:52:1a:1f:88:dc:1f:89:8c:b7:db:46:57:a6:e1: 49:2c:8d:58:bc:93:64:1a:86:e2:52:77:84:57:1f: 7e:e4:56:62:54:c4:d4:14:36:41:14:89:37:95:10: b3:f0:5b:3d:73:cc:e2:e6:7c:14:60:78:fb:d5:8d: a8:45:7b:fc:7f:51:94:01:a1:1a:f4:9f:a6:d1:31: 65:b6:27:7c:22:92:8c:3b:5e:da:6b:f4:54:0e:c4: 10:f8:ac:c7:4e:4e:99:23:84:79:b9:4c:7f:aa:55: 77:2c:3e:e1:03:d2:ac:4b:80:f8:c6:cd:93:82:87: d7:5c:26:4b:a5:e4:11:72:a0:fa:c4:1b:c2:ec:c3: f0:6e:8b:53:e9:d5:9a:3a:fa:f3:f4:21:4c:88:45: c6:c9:fd:4d:65:45:e6:6a:68:b8:5d:f9:e5:4e:0b: c9:80:db:24:98:2f:a1:2b:61:6e:45:b7:79:c4:72: 44:13:3d:02:5f:54:5f:3b:02:c3:5a:b0:de:4e:30: 49:05:59:b3:96:dd:d8:73:29:df:22:fc:49:89:3d: 3a:ba:e9:b7:e1:1a:15:78:d6:a2:95:09:20:73:9f: c8:42:a5:e6:b3:97:61:9b:d1:3f:c6:43:a1:e7:9c: 98:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:DB:F3:0E:FC:A9:AE:1D:72:81:D9:33:DA:A4:61:78:ED:0A:D9:73 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption b3:ba:5b:16:6d:3f:47:3e:a8:6b:e7:95:86:68:e7:c3:14:71: b7:01:74:4b:17:94:79:a9:71:80:ce:62:34:a4:44:08:de:58: ff:41:97:a8:82:ea:60:da:74:65:d2:36:fa:ed:37:a2:6f:0b: 55:63:bd:6e:bb:46:e6:13:1b:14:50:6d:56:8e:bd:35:12:bd: 9d:43:47:31:b7:69:03:5d:01:16:65:7a:21:b5:62:9b:43:5e: b1:e0:cf:4d:e4:bf:83:60:d0:9a:b0:b4:9a:56:99:b5:64:cc: c2:e2:d4:a7:41:dd:2f:31:3f:e0:30:bd:68:c4:c5:86:e3:ac: f8:e2:22:ba:65:36:4b:94:36:0d:4b:2a:19:76:d0:46:74:f9: aa:3a:2a:69:51:c5:93:50:b8:89:77:49:fd:83:61:42:51:cc: 24:10:80:68:d8:47:f0:d0:4e:f6:eb:3d:4a:58:10:0f:2e:20: 2a:85:88:ea:9d:4e:cc:1e:85:43:61:8b:e3:02:06:e0:b7:f8: 54:5b:77:4c:f7:55:79:0a:6a:de:16:c8:ca:b9:7f:65:3d:11: 4d:53:7a:e0:cc:6d:fd:9f:8d:18:b8:a1:61:cb:d7:a8:76:bf: b1:a9:b6:cd:0f:49:7a:61:9c:81:05:d4:3c:81:5f:f9:bb:ae: dd:eb:cf:2b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUL68BfVlokNw+7tE798HPDLiPeqgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxNzAwMDEyNVoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNANjI2MjQ4YWY3NjZhNmY0NDQ4NGMw ODcyZWMxN2M3Nzc2MjllN2QxMjg1OTIzMWVkMDQyOTU5YjY3ZDgyOWMyYzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu3+SJjuaDlX7VUvo5aTUhofiNwf iYy320ZXpuFJLI1YvJNkGobiUneEVx9+5FZiVMTUFDZBFIk3lRCz8Fs9c8zi5nwU YHj71Y2oRXv8f1GUAaEa9J+m0TFltid8IpKMO17aa/RUDsQQ+KzHTk6ZI4R5uUx/ qlV3LD7hA9KsS4D4xs2TgofXXCZLpeQRcqD6xBvC7MPwbotT6dWaOvrz9CFMiEXG yf1NZUXmami4XfnlTgvJgNskmC+hK2FuRbd5xHJEEz0CX1RfOwLDWrDeTjBJBVmz lt3YcynfIvxJiT06uum34RoVeNailQkgc5/IQqXms5dhm9E/xkOh55yY3QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFE7b8w78qa4dcoHZM9qkYXjtCtlzMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 Lzg4MmE3NjdjLTBmYWYtNGU3MS1hMjI0LWVjZWM0N2Q5OGZjYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjgMA0GCSqGSIb3DQEBCwUAA4IBAQCzulsWbT9HPqhr55WGaOfD FHG3AXRLF5R5qXGAzmI0pEQI3lj/QZeogupg2nRl0jb67TeibwtVY71uu0bmExsU UG1Wjr01Er2dQ0cxt2kDXQEWZXohtWKbQ16x4M9N5L+DYNCasLSaVpm1ZMzC4tSn Qd0vMT/gML1oxMWG46z44iK6ZTZLlDYNSyoZdtBGdPmqOippUcWTULiJd0n9g2FC UcwkEIBo2Efw0E726z1KWBAPLiAqhYjqnU7MHoVDYYvjAgbgt/hUW3dM91V5Cmre FsjKuX9lPRFNU3rgzG39n40YuKFhy9eodr+xqbbND0l6YZyBBdQ8gV/5u67d688r -----END CERTIFICATE-----Generated at Sat Oct 18 13:42:17 2025 by rpki-client