$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: Qod34orDlh82LdDZsbXMpV/RaluZrIWgQGXXZbkDcVk= Subject key identifier: CF:C1:C0:2E:56:FC:DB:DF:2B:4B:01:CC:F4:51:83:AE:74:5D:1C:81 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 4022CA452480C4B3EB61FEDAF12911A2E191409E Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Fri 24 Oct 2025 00:00:01 +0000 ROA not before: Fri 24 Oct 2025 00:00:01 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 30 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:22:ca:45:24:80:c4:b3:eb:61:fe:da:f1:29:11:a2:e1:91:40:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Oct 24 00:00:01 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=7d1733a6878f382cddb104118ec191ce1dc465a2b21abb0a0023b02d2cb000e5, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:9a:7e:82:d6:31:54:be:50:92:d3:f1:5f:0b: ff:04:bd:38:4a:f9:f7:e9:ad:00:9a:06:36:48:fa: 8b:43:e6:32:57:e7:66:4b:7b:27:c1:b9:5d:45:4f: 7a:be:ab:56:cc:85:e2:ab:c2:4a:8e:dc:66:a1:ba: b0:f4:c7:11:6d:2f:94:b4:3f:1b:9c:21:34:29:7d: 3d:d7:68:46:98:a8:ab:1e:2b:b6:ca:f8:d0:07:c4: ec:91:cf:36:72:cb:b2:21:7e:b6:95:2d:55:ba:10: 86:1a:43:25:2a:cb:62:d9:de:ee:56:54:2b:b6:ca: ab:58:49:54:6b:db:cf:55:03:bb:5a:2c:97:5c:b2: bd:9f:59:64:e8:ce:51:99:8d:a8:7c:d4:a3:5e:b6: 2f:a1:04:47:7c:d5:d8:37:e6:bf:80:56:d8:eb:51: 11:0a:dc:0c:13:44:0d:8f:3e:35:d3:06:9d:6b:6a: ae:28:70:7c:f6:b4:43:84:8f:7f:6a:66:2e:13:6c: 89:ec:28:ac:69:17:bc:90:50:63:f3:2f:75:aa:66: 44:d6:6d:12:b2:a3:ec:14:33:8a:ce:9a:a1:88:80: be:c4:a7:57:87:bf:df:b8:92:2c:05:34:81:29:10: c9:38:81:77:8e:f5:bd:63:01:e3:e7:08:d7:b2:a4: 50:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:C1:C0:2E:56:FC:DB:DF:2B:4B:01:CC:F4:51:83:AE:74:5D:1C:81 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 54:38:6f:9e:4f:d1:eb:89:23:83:be:2e:a1:ab:8e:d8:15:01: cb:b8:49:6b:86:0d:25:36:7e:15:65:a2:14:32:8f:1a:cc:93: 80:16:ac:94:0f:46:48:fd:52:92:4a:af:85:0f:b6:b0:3c:0c: f0:e9:f7:eb:70:53:b6:32:f1:e4:35:0d:07:fe:d8:60:fa:1c: 0b:fe:9a:0a:81:31:68:7d:78:cd:b5:64:a8:73:fb:f4:e0:31: eb:36:4c:64:1b:39:d8:f7:d2:9d:72:2f:5c:f2:fc:23:2c:87: eb:79:c3:ac:7f:11:06:0a:d3:af:96:d6:7b:7a:42:c8:2a:b8: 80:bc:63:b3:d1:46:8e:d4:7e:43:3e:ea:7b:23:c3:76:44:9c: e0:54:33:eb:db:e0:a8:21:16:2f:b6:d1:8e:05:c2:d4:61:37: 9c:a4:08:37:d7:92:ed:1f:60:0d:d9:8f:14:c5:7c:82:50:1f: 56:b5:7a:05:0c:50:91:e0:7d:72:ca:3a:07:dd:c0:1d:1a:64: 80:e3:d5:39:a0:c6:6b:4f:1b:c0:d4:53:e9:32:72:a2:aa:13: a3:73:20:24:1c:2b:77:1c:00:03:6a:ea:1f:48:e5:8b:ba:77: 1b:fc:fc:85:73:4d:93:60:3a:02:88:d4:f2:7d:ab:d5:c3:28: f2:9a:23:ca -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQCLKRSSAxLPrYf7a8SkRouGRQJ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTAyNDAwMDAwMVoX DTI1MTEyODIzNTk1OVowejFJMEcGA1UEBRNAN2QxNzMzYTY4NzhmMzgyY2RkYjEw NDExOGVjMTkxY2UxZGM0NjVhMmIyMWFiYjBhMDAyM2IwMmQyY2IwMDBlNTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Zp+gtYxVL5QktPxXwv/BL04Svn3 6a0AmgY2SPqLQ+YyV+dmS3snwbldRU96vqtWzIXiq8JKjtxmobqw9McRbS+UtD8b nCE0KX0912hGmKirHiu2yvjQB8Tskc82csuyIX62lS1VuhCGGkMlKsti2d7uVlQr tsqrWElUa9vPVQO7WiyXXLK9n1lk6M5RmY2ofNSjXrYvoQRHfNXYN+a/gFbY61ER CtwME0QNjz410wada2quKHB89rRDhI9/amYuE2yJ7CisaRe8kFBj8y91qmZE1m0S sqPsFDOKzpqhiIC+xKdXh7/fuJIsBTSBKRDJOIF3jvW9YwHj5wjXsqRQdQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFM/BwC5W/NvfK0sBzPRRg650XRyBMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQBUOG+eT9HriSODvi6hq47Y FQHLuElrhg0lNn4VZaIUMo8azJOAFqyUD0ZI/VKSSq+FD7awPAzw6ffrcFO2MvHk NQ0H/thg+hwL/poKgTFofXjNtWSoc/v04DHrNkxkGznY99Kdci9c8vwjLIfrecOs fxEGCtOvltZ7ekLIKriAvGOz0UaO1H5DPup7I8N2RJzgVDPr2+CoIRYvttGOBcLU YTecpAg315LtH2AN2Y8UxXyCUB9WtXoFDFCR4H1yyjoH3cAdGmSA49U5oMZrTxvA 1FPpMnKiqhOjcyAkHCt3HAADauofSOWLuncb/PyFc02TYDoCiNTyfavVwyjymiPK -----END CERTIFICATE-----Generated at Sun Oct 26 10:38:22 2025 by rpki-client