$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa File: 43fd8687-12d4-49b5-9958-8536ce8160b4.roa (raw, json) Hash identifier: 3jf21F4EwMQSQt0fNSk0MM+jNDxWR8oVCU+iS20AUhU= Subject key identifier: 3C:A3:B3:A3:C3:E5:CF:6C:69:82:F4:6D:3C:C2:56:AB:E2:1A:A6:49 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 4CD9ED14D1ACE1B3A5F9D8F6A8223084A9539A72 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa Signing time: Fri 17 Oct 2025 00:01:31 +0000 ROA not before: Fri 17 Oct 2025 00:01:31 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.160.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:02:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:d9:ed:14:d1:ac:e1:b3:a5:f9:d8:f6:a8:22:30:84:a9:53:9a:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 17 00:01:31 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=dc86a2a59ec4487de687c4c169c41f7cb3bcd476082dd14486fae20ad4111f32, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:6a:d8:18:cf:19:96:6d:22:a7:f5:21:e9:26: 10:a5:fe:5a:93:90:d6:f1:97:46:cb:5e:a7:72:9b: 3b:60:4f:d2:f2:ca:90:1f:d5:fb:e8:1a:b9:b4:2d: 45:51:f2:b4:d4:0f:c6:d0:71:c4:3f:a9:a2:76:7a: e7:e8:c6:d8:6e:57:84:39:60:2f:39:fa:9b:8b:2e: 9f:20:18:0c:dc:92:d9:53:3a:fd:3e:e0:b4:65:d5: 22:b7:0c:d7:95:40:43:49:3d:c3:87:1a:7b:d9:25: 6b:0f:f2:29:33:2b:3b:8e:7c:fa:11:35:99:80:d9: cf:6e:fb:96:a8:d7:1a:da:42:b5:f5:26:ad:85:c1: 36:15:4c:85:de:2a:75:cf:58:3b:6b:65:35:f1:f3: 48:a3:6a:07:56:40:3e:d8:82:45:05:84:9e:73:ad: d6:8a:99:a8:aa:c0:9b:bd:47:b0:e7:d2:8e:58:f6: 6b:bf:c2:cf:31:ff:d9:0a:ce:e1:c6:18:cd:75:ce: 15:09:73:f6:66:80:11:d4:24:68:fa:ed:bf:46:85: be:7c:97:1e:11:4a:36:e5:76:b3:43:9a:80:9a:d3: 6b:78:17:06:84:e3:20:49:c5:7f:3b:26:b7:0d:c9: 1a:fd:56:dc:9e:f4:a0:12:7e:ed:ca:b0:f1:b2:2a: 82:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:A3:B3:A3:C3:E5:CF:6C:69:82:F4:6D:3C:C2:56:AB:E2:1A:A6:49 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.160.0/19 Signature Algorithm: sha256WithRSAEncryption ba:a4:da:49:22:0a:50:5d:d0:49:8a:b5:eb:21:18:e6:60:3c: d5:17:3d:3f:5e:bc:74:d3:48:5d:c4:76:d5:ee:e4:9b:2b:10: 46:07:06:1c:0f:7d:9c:28:72:61:80:06:93:3b:c1:5e:75:47: 09:06:11:7a:20:7e:01:60:3e:99:0b:e6:c2:36:71:24:1e:1a: aa:57:92:36:c1:55:2f:47:cc:f3:0e:ef:77:24:fa:f2:3c:87: d8:d0:45:d7:77:89:5d:6b:73:e5:cc:cb:17:89:fd:92:64:68: 99:19:1d:c4:74:ff:bf:6b:9b:d0:6f:6c:42:aa:67:95:f5:1b: 71:e1:32:3b:06:fc:7b:c5:76:0e:87:d9:a3:ac:3f:73:df:65: f1:e7:80:ce:63:83:64:a0:46:8e:c5:40:f0:aa:12:b6:bb:28: bb:6f:08:8b:65:a7:0d:fb:d5:7a:bb:c4:8c:f5:2c:c8:09:66: c1:6a:3c:a0:15:8b:d9:38:bf:65:fc:b7:8a:e2:4a:9e:32:18: 65:28:fc:b8:99:64:51:2a:d3:17:b1:81:20:e6:14:dd:01:e0: 43:d6:c8:3d:bd:23:25:2b:2c:46:e6:3e:18:0c:b1:2b:5f:3d: 63:72:cc:30:16:02:88:2a:fb:d7:c6:40:ff:f1:2f:62:11:a3: ca:41:f1:1e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTNntFNGs4bOl+dj2qCIwhKlTmnIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxNzAwMDEzMVoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAZGM4NmEyYTU5ZWM0NDg3ZGU2ODdj NGMxNjljNDFmN2NiM2JjZDQ3NjA4MmRkMTQ0ODZmYWUyMGFkNDExMWYzMjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8WrYGM8Zlm0ip/Uh6SYQpf5ak5DW 8ZdGy16ncps7YE/S8sqQH9X76Bq5tC1FUfK01A/G0HHEP6midnrn6MbYbleEOWAv Ofqbiy6fIBgM3JLZUzr9PuC0ZdUitwzXlUBDST3Dhxp72SVrD/IpMys7jnz6ETWZ gNnPbvuWqNca2kK19SathcE2FUyF3ip1z1g7a2U18fNIo2oHVkA+2IJFBYSec63W ipmoqsCbvUew59KOWPZrv8LPMf/ZCs7hxhjNdc4VCXP2ZoAR1CRo+u2/RoW+fJce EUo25XazQ5qAmtNreBcGhOMgScV/Oya3Dcka/VbcnvSgEn7tyrDxsiqCJQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDyjs6PD5c9saYL0bTzCVqviGqZJMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzQzZmQ4Njg3LTEyZDQtNDliNS05OTU4LTg1MzZjZTgxNjBiNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQFrymgMA0GCSqGSIb3DQEBCwUAA4IBAQC6pNpJIgpQXdBJirXrIRjm YDzVFz0/Xrx000hdxHbV7uSbKxBGBwYcD32cKHJhgAaTO8FedUcJBhF6IH4BYD6Z C+bCNnEkHhqqV5I2wVUvR8zzDu93JPryPIfY0EXXd4lda3PlzMsXif2SZGiZGR3E dP+/a5vQb2xCqmeV9Rtx4TI7Bvx7xXYOh9mjrD9z32Xx54DOY4NkoEaOxUDwqhK2 uyi7bwiLZacN+9V6u8SM9SzICWbBajygFYvZOL9l/LeK4kqeMhhlKPy4mWRRKtMX sYEg5hTdAeBD1sg9vSMlKyxG5j4YDLErXz1jcswwFgKIKvvXxkD/8S9iEaPKQfEe -----END CERTIFICATE-----Generated at Wed Nov 5 11:26:30 2025 by rpki-client