$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json) Hash identifier: EWyZQ0kD4O1likOe4tykuIu5kk0yH0Zz9dIOCoYFR6g= Subject key identifier: 82:16:3F:4F:BD:80:7B:55:B9:64:85:7C:57:1C:5C:3E:0D:BD:46:22 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 703335F6A6D6EDC85962C040B0340C943D452EAB Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa Signing time: Fri 24 Oct 2025 00:00:01 +0000 ROA not before: Fri 24 Oct 2025 00:00:01 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.8.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:33:35:f6:a6:d6:ed:c8:59:62:c0:40:b0:34:0c:94:3d:45:2e:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Oct 24 00:00:01 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=7176969ee9bc3858778887bf5f216cc2cdc42e5af8ad0e39cb1b94f0a87e0ec6, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:75:c3:ad:09:6e:68:e9:d0:59:dc:77:23:8e: d9:4c:b5:fd:20:89:f8:23:0a:0c:bd:53:6d:14:fd: 43:0f:b2:59:0d:5d:b8:03:ea:56:c8:48:06:3c:db: e2:96:23:89:f3:30:43:97:9a:c8:eb:64:f1:1d:d4: 01:2b:de:1d:bd:4a:3e:f4:61:0e:19:f7:65:8a:98: 0b:f2:d3:6c:0c:25:5d:a9:bb:2d:ee:a3:59:91:10: b9:d2:3f:bc:0e:a0:ee:74:df:8a:b1:13:bd:31:1e: d7:f2:97:4b:94:cc:41:2e:a0:55:bb:84:e9:8f:83: ed:de:83:c2:69:ec:73:3f:2c:cd:34:3d:a1:db:4b: 0b:cb:bb:44:0b:b2:85:3e:9a:63:86:24:4a:84:10: 21:14:28:2a:43:e3:c1:48:4a:15:98:65:27:8a:8a: 62:44:82:04:c0:c1:24:d9:54:c9:1b:75:10:02:d6: 9c:9c:02:3f:10:9c:6f:1e:7b:8d:35:f3:5d:50:fe: 1e:d5:53:94:75:f4:f1:14:4f:84:2d:0f:55:bf:c6: 95:23:65:cb:6f:0c:01:6b:dc:5d:41:16:1d:c7:33: ea:40:67:88:ff:c0:a3:44:97:6c:56:17:fe:06:06: 5e:d7:81:78:e1:2f:ad:1b:75:c8:53:07:2f:21:31: 1b:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:16:3F:4F:BD:80:7B:55:B9:64:85:7C:57:1C:5C:3E:0D:BD:46:22 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.172.0/22 Signature Algorithm: sha256WithRSAEncryption 2c:90:74:c4:d3:78:97:57:7e:67:2b:5a:c7:16:f4:40:84:e9: 43:15:fa:a5:96:75:e3:1e:2c:de:79:ff:a0:2d:73:bb:15:98: a8:2e:6a:18:27:53:ac:32:99:2d:3b:37:ac:64:25:16:dd:8e: fa:47:6f:62:ab:fa:9d:5a:16:27:76:99:e9:34:6c:e4:22:c9: 26:5c:a9:ea:44:d8:fb:95:1b:5b:a1:5d:0e:5e:e3:86:c8:79: 03:32:4c:66:66:bf:81:dd:e3:9e:4e:1e:9b:22:74:b0:89:1b: fd:37:4c:61:b9:67:8b:7a:0f:cd:47:78:58:f6:35:d0:52:e1: 6a:73:51:41:77:e0:c8:2d:03:52:8c:be:01:7d:5e:40:58:2a: d6:b3:40:23:0b:25:89:43:ce:1d:35:5b:6e:4b:dd:5d:59:13: 65:f4:44:b9:8d:c9:57:29:6d:b4:a5:1e:5a:28:31:f7:df:3f: ae:1c:fd:96:87:35:a3:54:5a:1f:eb:dd:ec:c3:c0:5c:bb:be: 38:44:fb:26:ee:cc:25:f9:51:b3:2d:fc:20:e0:00:b3:00:63: 84:4b:55:02:d6:04:2a:cc:7d:f2:95:ca:b3:ff:c8:2b:60:bb: e9:0d:4c:ea:c6:87:d5:1c:f7:7f:91:d1:fa:96:61:a5:d4:ca: d7:8e:30:e7 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcDM19qbW7chZYsBAsDQMlD1FLqswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MTAyNDAwMDAwMVoX DTI1MTEyODIzNTk1OVowejFJMEcGA1UEBRNANzE3Njk2OWVlOWJjMzg1ODc3ODg4 N2JmNWYyMTZjYzJjZGM0MmU1YWY4YWQwZTM5Y2IxYjk0ZjBhODdlMGVjNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnXDrQluaOnQWdx3I47ZTLX9IIn4 IwoMvVNtFP1DD7JZDV24A+pWyEgGPNviliOJ8zBDl5rI62TxHdQBK94dvUo+9GEO GfdlipgL8tNsDCVdqbst7qNZkRC50j+8DqDudN+KsRO9MR7X8pdLlMxBLqBVu4Tp j4Pt3oPCaexzPyzNND2h20sLy7tEC7KFPppjhiRKhBAhFCgqQ+PBSEoVmGUniopi RIIEwMEk2VTJG3UQAtacnAI/EJxvHnuNNfNdUP4e1VOUdfTxFE+ELQ9Vv8aVI2XL bwwBa9xdQRYdxzPqQGeI/8CjRJdsVhf+BgZe14F44S+tG3XIUwcvITEbwwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIIWP0+9gHtVuWSFfFccXD4NvUYiMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQAskHTE03iXV35nK1rHFvRA hOlDFfqllnXjHizeef+gLXO7FZioLmoYJ1OsMpktOzesZCUW3Y76R29iq/qdWhYn dpnpNGzkIskmXKnqRNj7lRtboV0OXuOGyHkDMkxmZr+B3eOeTh6bInSwiRv9N0xh uWeLeg/NR3hY9jXQUuFqc1FBd+DILQNSjL4BfV5AWCrWs0AjCyWJQ84dNVtuS91d WRNl9ES5jclXKW20pR5aKDH33z+uHP2WhzWjVFof693sw8Bcu744RPsm7swl+VGz Lfwg4ACzAGOES1UC1gQqzH3ylcqz/8grYLvpDUzqxofVHPd/kdH6lmGl1MrXjjDn -----END CERTIFICATE-----Generated at Wed Nov 5 05:43:16 2025 by rpki-client