$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: vSJXX/LL9+1dZowshwaw6ioklwxB9J82qvNYwWMazTk= Subject key identifier: 78:80:C9:D0:C0:B1:2B:0F:EA:55:51:52:B5:AD:D1:02:E8:9A:B4:7E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2C697E6AE2F015CD6D8C2648C64FFCEED9FCFE72 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Fri 05 Sep 2025 00:00:02 +0000 ROA not before: Fri 05 Sep 2025 00:00:02 +0000 ROA not after: Fri 10 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Sep 2025 00:03:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:69:7e:6a:e2:f0:15:cd:6d:8c:26:48:c6:4f:fc:ee:d9:fc:fe:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 5 00:00:02 2025 GMT Not After : Oct 10 23:59:59 2025 GMT Subject: serialNumber=6ca24796c1ea4cd6d3b73ee97592ed3f3d6881364de3c2a74c5e8fd38cf6fa63, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:bc:c8:c1:2d:68:50:f2:17:1e:cf:33:b1:fe: 4d:c3:f3:00:47:ab:8c:05:7e:69:59:64:57:c3:10: 7e:e4:20:92:9d:00:c2:c9:cd:b3:fe:fd:c8:72:b5: 65:81:fe:7a:20:a0:b1:f6:e8:a6:c6:c2:92:1e:bd: 15:19:b3:df:f9:64:26:38:4d:31:d8:82:c1:13:38: 7a:bd:48:c8:3d:37:c8:e2:9f:be:99:55:09:f2:ad: 62:13:f4:f2:b3:73:76:8c:87:b1:6c:9b:44:f1:56: db:89:cd:54:11:1e:24:b7:cf:17:7c:49:c8:d1:92: 16:fb:df:e2:cc:32:ed:3b:1d:a2:80:e2:27:1c:55: 51:44:20:d6:9b:73:2f:b2:40:60:e3:a9:3b:08:07: a1:c5:f1:d8:9b:a5:7b:f5:7d:06:8b:ee:b6:0d:9b: cb:d9:b4:81:aa:74:94:89:e4:cc:8f:0f:1f:55:63: 14:57:d4:9f:d7:bc:26:56:19:d3:ab:a6:62:2a:e4: 7f:ca:f5:5b:04:db:d3:d7:cc:64:1a:3b:bd:fa:42: 3b:28:08:f5:dc:b9:1e:57:42:ac:d6:1f:74:68:8f: 97:4a:5f:cb:57:bf:ea:e5:84:55:1d:92:8e:d1:50: 27:fa:ac:10:25:42:8a:c6:db:af:32:2c:12:8b:3a: b7:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:80:C9:D0:C0:B1:2B:0F:EA:55:51:52:B5:AD:D1:02:E8:9A:B4:7E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:67:df:10:8e:92:36:2f:62:e8:b7:d4:bf:6c:23:56:9c:d6: 1a:90:36:6e:57:9f:e0:a3:76:8b:7b:fd:a2:37:5e:7c:fc:1f: 71:38:3d:0a:2c:b0:28:4e:12:5a:2e:3c:3a:19:af:92:84:55: 30:5f:9b:e7:ee:6a:3c:a6:1a:08:a4:9c:47:c9:0b:1d:78:1e: de:fb:26:87:42:81:25:f0:32:f3:54:d7:27:05:85:b7:4b:bc: 3d:6f:45:9e:5d:9e:2d:e4:c7:c5:cb:3f:bf:65:ae:48:e4:98: a6:38:0e:07:e1:4a:6b:78:ea:60:07:88:83:d8:fc:32:a2:6a: e9:1f:1e:f8:cb:3b:4b:62:0a:97:54:62:6a:ca:0a:a9:0d:b1: cb:3f:e9:1b:40:b2:69:85:4e:0f:b3:a9:53:2b:2d:e4:df:d2: 08:3b:d5:ce:14:2f:2a:dd:c7:dc:aa:64:16:91:ff:ab:22:59: f7:fa:6c:91:8b:1d:db:8c:78:50:c0:d6:fe:67:6f:30:de:04: 2b:98:6a:35:aa:d7:91:4f:ee:b0:1a:d9:81:a9:6e:e1:2a:50: b1:07:e0:fc:0c:58:3a:c3:be:ff:87:c6:90:dc:2b:b3:b9:20: 39:b3:3c:8a:06:2c:4d:5b:eb:05:e7:59:58:e4:36:f3:7d:95: 2a:fe:04:4c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIULGl+auLwFc1tjCZIxk/87tn8/nIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDkwNTAwMDAwMloX DTI1MTAxMDIzNTk1OVowejFJMEcGA1UEBRNANmNhMjQ3OTZjMWVhNGNkNmQzYjcz ZWU5NzU5MmVkM2YzZDY4ODEzNjRkZTNjMmE3NGM1ZThmZDM4Y2Y2ZmE2MzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrzIwS1oUPIXHs8zsf5Nw/MAR6uM BX5pWWRXwxB+5CCSnQDCyc2z/v3IcrVlgf56IKCx9uimxsKSHr0VGbPf+WQmOE0x 2ILBEzh6vUjIPTfI4p++mVUJ8q1iE/Tys3N2jIexbJtE8Vbbic1UER4kt88XfEnI 0ZIW+9/izDLtOx2igOInHFVRRCDWm3MvskBg46k7CAehxfHYm6V79X0Gi+62DZvL 2bSBqnSUieTMjw8fVWMUV9Sf17wmVhnTq6ZiKuR/yvVbBNvT18xkGju9+kI7KAj1 3LkeV0Ks1h90aI+XSl/LV7/q5YRVHZKO0VAn+qwQJUKKxtuvMiwSizq3JQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHiAydDAsSsP6lVRUrWt0QLomrR+MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQBvZ98QjpI2L2Lot9S/bCNW nNYakDZuV5/go3aLe/2iN158/B9xOD0KLLAoThJaLjw6Ga+ShFUwX5vn7mo8phoI pJxHyQsdeB7e+yaHQoEl8DLzVNcnBYW3S7w9b0WeXZ4t5MfFyz+/Za5I5JimOA4H 4UpreOpgB4iD2PwyomrpHx74yztLYgqXVGJqygqpDbHLP+kbQLJphU4Ps6lTKy3k 39IIO9XOFC8q3cfcqmQWkf+rIln3+myRix3bjHhQwNb+Z28w3gQrmGo1qteRT+6w GtmBqW7hKlCxB+D8DFg6w77/h8aQ3CuzuSA5szyKBixNW+sF51lY5DbzfZUq/gRM -----END CERTIFICATE-----Generated at Wed Sep 17 11:12:47 2025 by rpki-client