$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: knzIDRc9OIWPv8+BmixTR1I4VaxCAZspEd9KELX4tOE= Subject key identifier: 25:80:EE:8C:A4:A6:5A:3B:C7:FF:4E:80:80:A7:C1:4D:69:48:DE:CA Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 183868E544B849CF91F9CABA67C35246C772851F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Tue 11 Nov 2025 00:10:29 +0000 ROA not before: Tue 11 Nov 2025 00:10:29 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 15 Nov 2025 00:10:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:38:68:e5:44:b8:49:cf:91:f9:ca:ba:67:c3:52:46:c7:72:85:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 11 00:10:29 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=7917adeb12afba6d618a59922f2df567b46c4b66ae14f62517bb50f1fc5a8eda, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:71:c1:75:f9:4a:73:9c:8e:81:82:47:58:95: fa:57:ff:0d:e5:95:b8:d9:29:f1:e5:d3:c7:3e:c9: 34:86:72:ad:a0:53:ac:9e:83:25:a3:03:22:1b:13: 80:80:7c:00:7a:4a:e0:a2:5c:07:fd:1a:4b:81:10: 6c:31:de:3c:39:eb:c6:7c:55:52:96:1b:1e:9a:e8: de:be:6f:d2:90:fd:2e:1b:a5:63:e6:64:30:ff:ad: 2a:d5:3b:89:e0:02:56:74:a6:88:71:84:94:fc:64: b3:62:29:c2:18:44:93:b4:b2:74:c6:d7:af:a0:7d: 9d:8f:82:8c:12:b0:68:66:d2:86:dc:bb:3b:7d:49: da:7d:b6:fe:c6:52:f2:5c:e9:a8:c5:fc:c7:88:1b: dd:58:e5:ac:55:7a:e6:87:29:d7:35:22:25:9b:b5: 67:f7:d7:d7:21:1e:cc:e8:8e:b3:ab:4c:6c:a4:1f: 78:28:ab:09:15:50:51:f0:cc:ce:72:41:4d:a7:44: 49:da:84:33:39:f8:0f:cb:df:38:78:16:6e:1a:51: 7e:a8:d4:c6:55:20:95:db:d6:82:78:a6:31:19:c2: e1:a8:ec:44:c2:b3:f9:31:88:39:b7:ed:0b:57:5a: f6:29:17:d5:c6:0c:0c:35:08:c3:36:7e:c9:d4:63: 31:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:80:EE:8C:A4:A6:5A:3B:C7:FF:4E:80:80:A7:C1:4D:69:48:DE:CA X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 16:fd:70:ff:01:94:75:ca:6f:42:e1:05:17:b7:71:86:d4:94: 33:52:f7:d0:34:13:7c:e3:33:b0:36:be:f8:7a:69:1e:1e:73: 40:6f:95:95:59:c6:ff:9b:7c:b1:c4:1a:48:2a:33:5f:61:3d: 4b:0d:d0:6d:1a:fb:b0:99:58:76:20:2d:b3:9c:cb:76:a2:45: e5:93:1a:cf:86:21:00:8b:c5:93:4e:cf:a1:7b:d7:5e:91:1b: e9:fb:78:f6:7a:fc:ca:b1:24:ef:ef:b5:0a:c2:74:59:16:3a: c4:cb:61:28:b2:88:5a:75:de:07:c2:42:38:53:33:3c:97:07: 83:3b:bc:01:ca:6a:d8:9c:11:23:d8:59:04:ee:3b:d3:9f:47: 7b:4a:d9:fe:69:de:77:46:54:c7:80:0c:79:2b:66:60:fb:9c: e9:8c:e2:43:cf:e5:25:1e:5c:58:1c:a9:b5:ad:5c:83:74:9f: ba:23:be:3c:d3:27:d0:61:0e:d8:08:24:d9:8c:e6:31:be:4b: 11:69:8e:c6:98:45:f2:0b:11:b2:bf:d0:b6:56:fe:d3:bc:08: 49:bf:d6:fd:d9:ed:64:86:ee:a4:f0:b8:88:40:48:29:4b:d8: d0:69:7c:69:b1:d2:54:fd:44:50:22:d5:ff:08:b8:82:93:a1: 88:15:c6:f2 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUGDho5US4Sc+R+cq6Z8NSRsdyhR8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MTExMTAwMTAyOVoX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNANzkxN2FkZWIxMmFmYmE2ZDYxOGE1 OTkyMmYyZGY1NjdiNDZjNGI2NmFlMTRmNjI1MTdiYjUwZjFmYzVhOGVkYTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HHBdflKc5yOgYJHWJX6V/8N5ZW4 2Snx5dPHPsk0hnKtoFOsnoMlowMiGxOAgHwAekrgolwH/RpLgRBsMd48OevGfFVS lhsemujevm/SkP0uG6Vj5mQw/60q1TuJ4AJWdKaIcYSU/GSzYinCGESTtLJ0xtev oH2dj4KMErBoZtKG3Ls7fUnafbb+xlLyXOmoxfzHiBvdWOWsVXrmhynXNSIlm7Vn 99fXIR7M6I6zq0xspB94KKsJFVBR8MzOckFNp0RJ2oQzOfgPy984eBZuGlF+qNTG VSCV29aCeKYxGcLhqOxEwrP5MYg5t+0LV1r2KRfVxgwMNQjDNn7J1GMxwwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCWA7oykplo7x/9OgICnwU1pSN7KMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQAW/XD/AZR1ym9C4QUXt3GG 1JQzUvfQNBN84zOwNr74emkeHnNAb5WVWcb/m3yxxBpIKjNfYT1LDdBtGvuwmVh2 IC2znMt2okXlkxrPhiEAi8WTTs+he9dekRvp+3j2evzKsSTv77UKwnRZFjrEy2Eo sohadd4HwkI4UzM8lweDO7wBymrYnBEj2FkE7jvTn0d7Stn+ad53RlTHgAx5K2Zg +5zpjOJDz+UlHlxYHKm1rVyDdJ+6I7480yfQYQ7YCCTZjOYxvksRaY7GmEXyCxGy v9C2Vv7TvAhJv9b92e1khu6k8LiIQEgpS9jQaXxpsdJU/URQItX/CLiCk6GIFcby -----END CERTIFICATE-----Generated at Tue Nov 11 20:07:01 2025 by rpki-client