$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: eYxC765zEFQHy+A3RtiDHbeZ/nerihMInrmBwgBeWA0= Subject key identifier: 42:0B:70:F8:F6:3F:EA:B3:95:87:59:1E:91:60:B2:BC:44:CD:DB:F1 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 547BDDDC3AFAFB427233BBBECB3B5EF919C21095 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Tue 16 Sep 2025 00:00:04 +0000 ROA not before: Tue 16 Sep 2025 00:00:04 +0000 ROA not after: Tue 21 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:7b:dd:dc:3a:fa:fb:42:72:33:bb:be:cb:3b:5e:f9:19:c2:10:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Sep 16 00:00:04 2025 GMT Not After : Oct 21 23:59:59 2025 GMT Subject: serialNumber=92160a4d2c02df3c9cb9f9b332d298bdbc2705b91730843d87c249343a809d64, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:4d:bc:bc:5d:e0:61:a8:46:5b:74:5e:1c:f1: 4e:13:6b:ed:a5:44:ae:13:66:36:a1:0b:04:db:ef: a6:cd:d6:2e:c8:af:da:12:15:08:22:8a:ad:f3:dd: 11:bc:ec:9a:37:74:c6:a1:28:c4:1c:37:02:5d:4f: f7:91:86:4f:74:8d:90:ca:eb:13:7c:40:19:2c:76: b3:9e:a7:c1:0b:f4:5a:94:e9:16:09:9a:7c:fc:06: a2:95:71:cb:8d:72:a0:0e:1d:97:0f:47:d1:4b:44: 14:86:a4:59:2d:f9:a5:92:b2:3b:29:7c:ac:d6:17: f7:a3:ce:11:1a:22:e8:f0:75:f1:59:9f:f9:81:68: a3:6c:35:3e:97:5d:c7:90:7a:38:3c:5d:10:27:a1: b3:3c:a7:3f:91:12:f6:60:4a:a7:52:7c:55:b1:7f: 22:77:08:36:21:54:d1:7a:95:19:60:0e:b6:b2:14: 35:b6:73:37:02:07:5d:03:46:fe:ae:f1:6f:24:1a: 48:70:44:53:40:db:58:a5:3b:74:c4:a4:db:9f:a1: d8:87:b0:4a:88:59:5d:42:83:ef:cc:83:48:d8:06: 93:d5:4d:e1:3b:b9:df:a1:25:7c:c5:77:bd:70:bf: ed:52:19:43:98:48:62:64:90:f8:8e:98:95:13:12: 33:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:0B:70:F8:F6:3F:EA:B3:95:87:59:1E:91:60:B2:BC:44:CD:DB:F1 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 6d:1e:0f:e8:9a:19:29:cb:bb:ed:f9:60:b6:58:b7:21:a6:6b: 3c:1d:08:c2:59:68:c3:2e:9d:d9:fe:35:e7:dc:11:f3:35:fa: 97:28:14:e8:0c:db:f9:d6:b7:23:42:d7:dd:3a:2f:1c:b6:cb: 60:27:27:b4:31:78:26:ae:3e:df:0f:d6:03:b4:50:e2:81:7c: 2a:6f:75:67:8e:45:ea:2f:18:79:5b:e6:0b:a4:60:01:6d:e3: 6a:cf:b4:20:01:c7:03:e4:db:86:3b:2b:a1:82:08:1b:3b:7d: 65:89:0e:88:ac:1f:b0:8d:2c:a3:64:21:bd:4b:7f:e2:01:01: 2e:df:e4:ca:4a:e1:1e:f8:86:e3:7c:92:48:ea:a6:b8:c8:b7: 1f:fe:a6:74:00:59:b6:38:0c:6e:bc:ad:41:23:11:93:7a:5d: be:23:5e:1c:56:24:7b:f6:8e:ec:3b:53:53:d1:d6:38:1c:be: e3:f6:6d:e4:1f:95:63:41:4b:d8:5b:bf:8c:7c:73:c7:19:c5: e4:ff:95:8b:b1:43:97:4e:3d:e6:1a:ca:7e:22:3d:b6:4b:66: 26:e9:ef:9e:bf:22:5d:d7:4f:4b:08:77:47:0b:99:9f:2c:7e: 71:68:0a:5a:53:43:53:d8:67:5b:57:22:5a:65:e6:eb:fb:23: 9d:89:f4:5d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUVHvd3Dr6+0JyM7u+yzte+RnCEJUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDkxNjAwMDAwNFoX DTI1MTAyMTIzNTk1OVowejFJMEcGA1UEBRNAOTIxNjBhNGQyYzAyZGYzYzljYjlm OWIzMzJkMjk4YmRiYzI3MDViOTE3MzA4NDNkODdjMjQ5MzQzYTgwOWQ2NDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk28vF3gYahGW3ReHPFOE2vtpUSu E2Y2oQsE2++mzdYuyK/aEhUIIoqt890RvOyaN3TGoSjEHDcCXU/3kYZPdI2QyusT fEAZLHaznqfBC/RalOkWCZp8/AailXHLjXKgDh2XD0fRS0QUhqRZLfmlkrI7KXys 1hf3o84RGiLo8HXxWZ/5gWijbDU+l13HkHo4PF0QJ6GzPKc/kRL2YEqnUnxVsX8i dwg2IVTRepUZYA62shQ1tnM3AgddA0b+rvFvJBpIcERTQNtYpTt0xKTbn6HYh7BK iFldQoPvzINI2AaT1U3hO7nfoSV8xXe9cL/tUhlDmEhiZJD4jpiVExIzFwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEILcPj2P+qzlYdZHpFgsrxEzdvxMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQBtHg/omhkpy7vt+WC2WLch pms8HQjCWWjDLp3Z/jXn3BHzNfqXKBToDNv51rcjQtfdOi8ctstgJye0MXgmrj7f D9YDtFDigXwqb3VnjkXqLxh5W+YLpGABbeNqz7QgAccD5NuGOyuhgggbO31liQ6I rB+wjSyjZCG9S3/iAQEu3+TKSuEe+IbjfJJI6qa4yLcf/qZ0AFm2OAxuvK1BIxGT el2+I14cViR79o7sO1NT0dY4HL7j9m3kH5VjQUvYW7+MfHPHGcXk/5WLsUOXTj3m Gsp+Ij22S2Ym6e+evyJd109LCHdHC5mfLH5xaApaU0NT2GdbVyJaZebr+yOdifRd -----END CERTIFICATE-----Generated at Thu Sep 18 02:01:48 2025 by rpki-client