$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa File: d953b731-7921-47dd-abf3-b7b8cc367900.roa (raw, json) Hash identifier: 1O+Gtev57+BDwGYGEZYmDoTaYcjZk2GsioCjBQyNFxo= Subject key identifier: 66:A7:67:4D:80:3F:54:B7:5C:31:07:91:88:25:52:EC:26:98:DC:CF Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 068551BBCAAAED1557D8AEA503B9780588774D31 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa Signing time: Fri 17 Oct 2025 00:01:24 +0000 ROA not before: Fri 17 Oct 2025 00:01:24 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:85:51:bb:ca:aa:ed:15:57:d8:ae:a5:03:b9:78:05:88:77:4d:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 17 00:01:24 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=47a9cdb55177c0df49ffc688bb4455f4ac1eedf422f1f94d5b6ca0ecd83af98f, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:e7:09:b4:83:fa:25:ef:ad:f1:47:d2:d7:be: 3e:03:69:bf:df:eb:e1:36:fe:b1:ad:61:51:a1:20: 43:92:1e:3e:a6:8f:e1:74:21:c5:0d:15:38:92:09: 40:8b:1a:fa:45:4b:12:10:ae:19:18:8f:27:36:0a: fe:8c:cb:88:8b:4e:6b:60:be:2e:9a:42:14:41:0e: e4:d4:0d:95:6c:9a:b8:db:bb:07:81:c5:ad:ee:26: 4a:d4:bd:6b:3a:a8:74:b7:ff:14:43:ad:01:39:29: 54:b7:f9:40:ef:7d:ff:ee:54:97:7b:53:0e:19:fa: 11:f6:fc:46:29:95:54:f7:a5:9f:89:df:77:c9:ea: fd:5f:ec:05:20:35:25:58:1e:85:49:a3:97:2a:a3: 54:eb:9c:88:c5:11:9e:52:69:cd:7b:86:33:fe:3c: f2:8f:69:f5:c2:93:da:2b:74:db:06:54:46:11:5c: d3:66:0f:0f:97:23:d4:28:3e:b8:33:8d:53:e5:85: e0:c9:c7:50:6a:6c:e5:0c:f0:2d:e8:3a:46:68:d5: 61:4b:c7:ed:3c:51:7b:08:e5:80:05:ba:b6:90:82: 66:8b:a0:46:35:ec:3a:d7:d4:f1:fb:24:88:89:53: 5b:5c:38:d5:33:27:91:7c:a6:4a:17:4e:e2:4e:86: 7a:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:A7:67:4D:80:3F:54:B7:5C:31:07:91:88:25:52:EC:26:98:DC:CF X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.192.0/18 Signature Algorithm: sha256WithRSAEncryption 82:d4:28:83:b4:00:88:84:59:50:20:f5:b9:5e:94:db:2f:89: 85:0e:5e:56:be:dd:43:02:91:65:66:a4:0d:38:dc:5c:0d:cd: 3d:27:9f:4d:b5:1d:10:0f:92:98:46:3f:e3:cc:e7:27:11:5b: 24:6a:7c:6b:fe:5f:16:2f:22:7a:db:e3:80:ad:58:f4:79:c2: bf:65:81:6d:b9:11:76:2b:ef:02:de:8e:f9:17:09:cd:1d:d4: ad:a7:5b:3d:dc:c4:1b:d7:b9:a5:2a:01:63:45:a1:73:81:b4: 1a:ab:c1:c1:4a:2d:9e:0f:35:2d:a6:de:a5:a4:40:82:0e:dc: e5:ab:5b:7e:87:2b:5c:ec:46:7b:b2:73:9f:dd:13:4f:54:48: d9:73:6d:2a:9d:19:e1:73:c1:20:c4:af:dd:cc:8f:5c:93:d8: 19:ff:21:07:c6:b8:23:44:86:1b:80:7b:7e:67:ca:dd:fe:ed: f0:14:0f:55:85:64:87:2a:dc:bd:7e:af:1a:75:fd:90:61:53: 50:45:63:1e:d0:5e:ea:4d:34:d1:85:09:15:c5:81:78:66:13: c2:e0:51:7a:18:32:fb:5b:2b:25:b6:97:12:4b:28:3e:70:b3: 62:78:48:9c:a9:6f:ac:0e:fd:fe:97:61:c8:63:73:36:b6:60: 4b:c7:d0:29 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUBoVRu8qq7RVX2K6lA7l4BYh3TTEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxNzAwMDEyNFoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNANDdhOWNkYjU1MTc3YzBkZjQ5ZmZj Njg4YmI0NDU1ZjRhYzFlZWRmNDIyZjFmOTRkNWI2Y2EwZWNkODNhZjk4ZjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOcJtIP6Je+t8UfS174+A2m/3+vh Nv6xrWFRoSBDkh4+po/hdCHFDRU4kglAixr6RUsSEK4ZGI8nNgr+jMuIi05rYL4u mkIUQQ7k1A2VbJq427sHgcWt7iZK1L1rOqh0t/8UQ60BOSlUt/lA733/7lSXe1MO GfoR9vxGKZVU96Wfid93yer9X+wFIDUlWB6FSaOXKqNU65yIxRGeUmnNe4Yz/jzy j2n1wpPaK3TbBlRGEVzTZg8PlyPUKD64M41T5YXgycdQamzlDPAt6DpGaNVhS8ft PFF7COWABbq2kIJmi6BGNew619Tx+ySIiVNbXDjVMyeRfKZKF07iToZ6IQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGanZ02AP1S3XDEHkYglUuwmmNzPMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2Q5NTNiNzMxLTc5MjEtNDdkZC1hYmYzLWI3YjhjYzM2NzkwMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQCC1CiDtACIhFlQIPW5XpTb L4mFDl5Wvt1DApFlZqQNONxcDc09J59NtR0QD5KYRj/jzOcnEVskanxr/l8WLyJ6 2+OArVj0ecK/ZYFtuRF2K+8C3o75FwnNHdStp1s93MQb17mlKgFjRaFzgbQaq8HB Si2eDzUtpt6lpECCDtzlq1t+hytc7EZ7snOf3RNPVEjZc20qnRnhc8EgxK/dzI9c k9gZ/yEHxrgjRIYbgHt+Z8rd/u3wFA9VhWSHKty9fq8adf2QYVNQRWMe0F7qTTTR hQkVxYF4ZhPC4FF6GDL7WysltpcSSyg+cLNieEicqW+sDv3+l2HIY3M2tmBLx9Ap -----END CERTIFICATE-----Generated at Sat Oct 18 13:43:59 2025 by rpki-client