$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: 5qddWceiwiaJoFDKpaH78y6Q2NL6xY2X9aiUtp56r5M= Subject key identifier: 88:21:83:92:10:03:47:42:09:62:0A:DD:5E:25:6F:69:22:72:5B:2E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6313C9AFF035A803C9624538D5B17708B591A3F6 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Sat 25 Oct 2025 00:00:01 +0000 ROA not before: Sat 25 Oct 2025 00:00:01 +0000 ROA not after: Sat 29 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 00:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:13:c9:af:f0:35:a8:03:c9:62:45:38:d5:b1:77:08:b5:91:a3:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Oct 25 00:00:01 2025 GMT Not After : Nov 29 23:59:59 2025 GMT Subject: serialNumber=6776fe53e736d0eba564dd785d57c9b78290021c875a06ab9f9f691d07760f0d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:73:66:fa:0c:06:3f:4b:e4:11:50:6a:74:c1: 12:30:fe:8f:01:7b:2c:f7:99:79:3f:1c:a0:36:30: e1:5e:15:73:81:67:9d:7d:c7:61:d4:ba:e7:6f:12: 9c:04:ea:c2:4e:61:96:24:9e:75:4d:3a:ef:46:72: d7:67:43:9d:9c:d5:4c:a2:b3:1a:80:0c:74:c6:cc: 53:da:63:3d:8d:13:92:78:08:7b:4d:40:d6:07:75: d9:42:63:35:ba:c2:2e:bb:b3:5b:80:11:dc:2a:1e: 8b:50:f4:de:b5:d9:7b:3f:14:10:97:20:61:07:57: f4:cb:76:ea:6a:43:fa:5e:91:7b:14:51:5a:32:76: d1:18:77:66:28:23:dc:39:0d:b4:1e:e2:d7:a7:0c: 91:d6:77:db:95:a8:63:a5:d8:23:4b:3c:96:ff:87: e6:3a:63:98:47:05:03:a6:44:6b:26:c4:b5:3d:92: 00:09:af:40:cd:8f:cb:f0:77:96:84:3f:0d:5e:53: 8a:5f:8d:2c:18:1f:ae:9c:91:6c:d6:b7:b8:13:2d: 4d:a8:16:d8:97:c9:f7:1c:3c:13:d1:32:d6:f4:04: 76:43:05:22:e6:81:24:68:9a:74:71:a4:d2:b8:d6: 81:f3:07:31:bf:dc:df:ef:72:49:43:2f:ca:db:a6: 90:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:21:83:92:10:03:47:42:09:62:0A:DD:5E:25:6F:69:22:72:5B:2E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 7d:32:9c:28:69:af:4e:aa:56:c3:a4:6c:6e:53:c3:06:08:f5: ef:20:86:35:41:f0:c3:55:15:51:ea:c3:5a:87:b1:df:ec:40: 7e:6a:f6:d5:41:5e:b4:13:64:35:64:18:10:44:d2:0a:43:58: dd:2d:85:a0:5f:ed:a9:69:0e:46:af:f1:5e:84:31:17:7a:86: 4f:ae:9e:ef:a8:ea:56:49:d5:6d:b8:14:8f:d0:92:37:b4:2b: 21:d8:28:f1:32:58:d4:89:10:cc:48:c0:f3:0a:62:94:e6:46: d0:46:fe:64:96:74:3f:bc:fc:40:f1:b1:23:e6:b9:c1:78:4b: 0f:a5:4b:f0:7a:c0:03:08:7e:34:47:60:bd:63:55:d9:e2:3b: 0c:91:34:8f:47:b0:d0:d9:54:9e:ae:eb:d0:92:07:8a:13:a2: dd:4b:a9:4a:b6:10:41:38:75:4b:61:9c:4e:ff:ed:00:fc:ea: 29:08:4a:21:af:64:30:3f:a2:ff:18:4a:ac:e4:dd:a6:5f:4d: a4:a5:f1:41:f2:8f:2c:01:b3:46:63:0d:10:0b:7a:ee:0d:29: a6:a4:01:14:de:39:db:a5:b2:0b:3a:de:69:d5:df:9c:fc:03: 73:20:59:24:58:09:17:bd:62:9d:85:8d:9f:51:e3:19:9e:d6: 6b:40:4d:66 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUYxPJr/A1qAPJYkU41bF3CLWRo/YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTAyNTAwMDAwMVoX DTI1MTEyOTIzNTk1OVowejFJMEcGA1UEBRNANjc3NmZlNTNlNzM2ZDBlYmE1NjRk ZDc4NWQ1N2M5Yjc4MjkwMDIxYzg3NWEwNmFiOWY5ZjY5MWQwNzc2MGYwZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8nNm+gwGP0vkEVBqdMESMP6PAXss 95l5PxygNjDhXhVzgWedfcdh1LrnbxKcBOrCTmGWJJ51TTrvRnLXZ0OdnNVMorMa gAx0xsxT2mM9jROSeAh7TUDWB3XZQmM1usIuu7NbgBHcKh6LUPTetdl7PxQQlyBh B1f0y3bqakP6XpF7FFFaMnbRGHdmKCPcOQ20HuLXpwyR1nfblahjpdgjSzyW/4fm OmOYRwUDpkRrJsS1PZIACa9AzY/L8HeWhD8NXlOKX40sGB+unJFs1re4Ey1NqBbY l8n3HDwT0TLW9AR2QwUi5oEkaJp0caTSuNaB8wcxv9zf73JJQy/K26aQywIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIghg5IQA0dCCWIK3V4lb2kiclsuMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQB9Mpwoaa9OqlbDpGxuU8MG CPXvIIY1QfDDVRVR6sNah7Hf7EB+avbVQV60E2Q1ZBgQRNIKQ1jdLYWgX+2paQ5G r/FehDEXeoZPrp7vqOpWSdVtuBSP0JI3tCsh2CjxMljUiRDMSMDzCmKU5kbQRv5k lnQ/vPxA8bEj5rnBeEsPpUvwesADCH40R2C9Y1XZ4jsMkTSPR7DQ2VSeruvQkgeK E6LdS6lKthBBOHVLYZxO/+0A/OopCEohr2QwP6L/GEqs5N2mX02kpfFB8o8sAbNG Yw0QC3ruDSmmpAEU3jnbpbILOt5p1d+c/ANzIFkkWAkXvWKdhY2fUeMZntZrQE1m -----END CERTIFICATE-----Generated at Mon Oct 27 03:54:50 2025 by rpki-client