$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa File: e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa (raw, json) Hash identifier: aQFRbr+dd4Et86WLB5KvcxGqVS81WwmchY1341uHcOk= Subject key identifier: 07:17:6B:83:EB:71:A9:A0:5B:A9:21:0F:44:1B:68:C2:BE:6F:CE:34 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 2681A272143A43EF230701C781671FE3373B2B55 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa Signing time: Fri 17 Oct 2025 00:01:23 +0000 ROA not before: Fri 17 Oct 2025 00:01:23 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:81:a2:72:14:3a:43:ef:23:07:01:c7:81:67:1f:e3:37:3b:2b:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 17 00:01:23 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=3d5a1985086a0e1f92484fbc078f5280ded0ae477d897d49fe6710d202bfcc84, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:aa:d2:1c:a0:8e:9b:48:7e:bc:ee:bd:60:72: 71:ae:26:cf:fc:33:e1:60:dd:f4:71:3f:d6:6d:59: 69:7a:3b:7e:1c:53:66:84:20:3a:6c:28:14:23:5d: 1d:3f:ca:d1:13:f7:bf:dc:9d:02:e8:7a:09:8b:2c: ac:48:bb:41:a7:bc:b8:5c:fc:39:b8:2e:cd:4f:15: 89:7d:67:26:83:5a:03:00:32:b6:69:a1:0f:b6:c1: c3:95:96:1a:43:a5:16:a8:fd:a7:79:4b:8a:b2:0b: 64:bf:38:80:47:c2:91:51:42:0e:23:25:bb:26:4d: 62:6d:67:37:1a:5b:dc:5b:69:c2:df:c9:02:b0:3e: 62:6e:ec:0a:af:bb:e5:b9:38:55:5a:bd:76:21:b5: e7:0b:bc:b8:3a:48:2c:a0:da:bf:2f:68:96:bb:db: d5:e2:51:5c:a0:26:9b:7c:6a:dd:2b:8c:61:23:01: 38:27:62:81:87:af:3b:0a:21:9f:e5:2d:7d:57:cf: 11:ff:36:a9:9a:d4:b8:fc:c1:00:64:8f:66:40:41: b1:03:7e:cc:21:97:02:d9:34:da:a0:20:34:df:dd: 09:ef:e4:30:e5:b5:b1:55:bf:5c:b0:16:45:49:46: de:d8:a6:fa:d1:56:ad:9b:e4:f0:22:96:4a:a2:0a: b6:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:17:6B:83:EB:71:A9:A0:5B:A9:21:0F:44:1B:68:C2:BE:6F:CE:34 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption 47:48:9a:93:0c:c6:cb:f0:49:7e:52:66:31:93:e7:5a:4e:86: f4:21:7f:5b:5c:9b:6e:21:a8:f3:ef:4c:b2:05:f2:16:90:e0: d5:f5:8f:08:09:dc:84:df:a9:3b:05:81:2c:77:d8:83:c6:53: 1a:87:69:b3:3a:80:69:94:c8:7b:21:df:25:50:d7:0f:53:92: 58:cd:31:db:36:88:83:f3:03:cb:22:5b:36:38:91:c6:37:54: e8:cf:41:c4:4b:0b:a3:32:46:05:ad:84:4b:71:d3:d0:44:e9: 2a:88:cc:92:09:9f:e7:48:5d:5e:5f:5d:30:cc:f5:7b:31:bb: 53:84:c0:0c:19:5a:8f:0f:1a:9c:a9:d4:d8:f6:f0:52:8c:87: a0:21:99:2b:fc:b5:16:c6:b5:ad:11:06:2a:f9:0b:ba:ed:c7: 92:6c:a8:29:97:a4:c7:f6:e5:65:e3:2d:81:77:12:db:28:69: d9:6c:d7:d7:df:6d:f3:83:f4:9e:9d:cb:49:ff:49:38:c4:9d: 74:62:04:de:77:dd:d1:36:85:93:6e:08:8d:14:e2:42:ea:64: 9c:41:21:6f:45:d6:44:7b:4a:37:51:05:7f:f2:4c:24:a6:d8: 2e:49:b4:8e:4b:6e:37:f0:46:7a:5b:f6:94:8b:6c:73:8f:92: 35:6e:d4:34 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUJoGichQ6Q+8jBwHHgWcf4zc7K1UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxNzAwMDEyM1oX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAM2Q1YTE5ODUwODZhMGUxZjkyNDg0 ZmJjMDc4ZjUyODBkZWQwYWU0NzdkODk3ZDQ5ZmU2NzEwZDIwMmJmY2M4NDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA96rSHKCOm0h+vO69YHJxribP/DPh YN30cT/WbVlpejt+HFNmhCA6bCgUI10dP8rRE/e/3J0C6HoJiyysSLtBp7y4XPw5 uC7NTxWJfWcmg1oDADK2aaEPtsHDlZYaQ6UWqP2neUuKsgtkvziAR8KRUUIOIyW7 Jk1ibWc3GlvcW2nC38kCsD5ibuwKr7vluThVWr12IbXnC7y4OkgsoNq/L2iWu9vV 4lFcoCabfGrdK4xhIwE4J2KBh687CiGf5S19V88R/zapmtS4/MEAZI9mQEGxA37M IZcC2TTaoCA0390J7+Qw5bWxVb9csBZFSUbe2Kb60Vatm+TwIpZKogq2QwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAcXa4PrcamgW6khD0QbaMK+b840MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2UzMmM5Y2JkLWEyNDEtNGRmNi05OWJiLWU3ZDE1YWJlNGIzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjoMA0GCSqGSIb3DQEBCwUAA4IBAQBHSJqTDMbL8El+UmYxk+da Tob0IX9bXJtuIajz70yyBfIWkODV9Y8ICdyE36k7BYEsd9iDxlMah2mzOoBplMh7 Id8lUNcPU5JYzTHbNoiD8wPLIls2OJHGN1Toz0HESwujMkYFrYRLcdPQROkqiMyS CZ/nSF1eX10wzPV7MbtThMAMGVqPDxqcqdTY9vBSjIegIZkr/LUWxrWtEQYq+Qu6 7ceSbKgpl6TH9uVl4y2BdxLbKGnZbNfX323zg/SenctJ/0k4xJ10YgTed93RNoWT bgiNFOJC6mScQSFvRdZEe0o3UQV/8kwkptguSbSOS2438EZ6W/aUi2xzj5I1btQ0 -----END CERTIFICATE-----Generated at Sat Oct 18 13:43:11 2025 by rpki-client