$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa File: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (raw, json) Hash identifier: pFn2xgAAxPr7bRer7U3jziShEPfk4bh3VwR+jFrTcdk= Subject key identifier: 4C:94:C7:A0:F4:19:B3:55:6B:9F:8E:D0:87:46:82:62:B4:CD:B1:51 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 427BD81FE4BC6A04D9D5C2AF29DDC2DFC54317D4 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa Signing time: Mon 04 Aug 2025 15:00:19 +0000 ROA not before: Mon 04 Aug 2025 15:00:19 +0000 ROA not after: Mon 08 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:7b:d8:1f:e4:bc:6a:04:d9:d5:c2:af:29:dd:c2:df:c5:43:17:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Aug 4 15:00:19 2025 GMT Not After : Sep 8 23:59:59 2025 GMT Subject: serialNumber=a9bb063eb99d3045416a3282d8887cca09a86d1413d4b2e877f594c472fc87fc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:a3:2e:bb:66:b3:8f:66:06:1b:5d:1e:87:99: 6f:da:27:a0:ac:cb:0c:05:d5:45:30:14:6b:09:f1: d1:5e:a1:bc:87:9d:7d:80:bf:a6:db:b4:c8:81:0b: a9:ac:85:cc:04:c3:ca:03:48:d5:a4:b8:27:e3:a6: db:3e:84:88:a4:3f:79:51:ac:f2:bb:c6:14:de:09: f9:f0:0a:ff:b2:28:37:44:a5:fa:9e:18:41:b5:dc: af:da:24:f8:56:34:ec:bb:b2:3c:3c:d7:91:1e:00: 8d:e9:ae:24:73:25:4e:41:e0:f2:fd:fc:a3:2d:c6: 5b:db:e1:b5:13:8b:1f:ca:6d:91:cb:d9:5a:2a:69: c0:e6:70:84:5a:d2:50:c7:2f:f2:61:51:0b:4d:c8: f2:ae:d6:78:59:0d:63:a4:33:9d:62:93:19:99:58: 74:65:7a:92:9c:ea:ce:03:1c:74:6e:16:4d:24:75: ab:ac:a7:31:34:fb:ed:8a:fe:f4:b9:44:e2:28:d1: 98:2b:d7:5d:75:cc:57:4a:fd:57:8d:ed:7c:89:4f: 5c:98:df:1a:3d:08:d7:47:e2:9b:6d:b1:f8:42:29: 57:ce:a3:0e:45:ab:d0:60:0c:7a:a9:bd:b5:e9:cc: 41:a0:79:37:e2:85:c9:5a:4a:91:f1:a1:8b:c6:8a: 25:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:94:C7:A0:F4:19:B3:55:6B:9F:8E:D0:87:46:82:62:B4:CD:B1:51 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.216.0/21 Signature Algorithm: sha256WithRSAEncryption 9a:6a:7c:a7:6d:f4:2f:d8:04:a0:30:1f:4e:86:8f:ad:c7:02: f9:c1:4b:96:c7:f6:40:8a:d6:fe:a4:f3:e2:1d:3e:c5:bf:67: f0:27:4b:15:1e:0c:b0:e0:b4:02:7d:d1:7e:d4:95:6e:1b:16: 49:f8:73:00:b5:08:c6:1b:40:fc:db:0e:93:05:75:fe:12:b6: 8a:e6:59:9d:f7:9d:15:8f:aa:1e:3a:22:7d:54:4b:48:94:f5: 46:f8:d5:29:fa:c8:c6:ce:56:90:33:4d:a3:33:0a:81:79:bc: 00:85:4c:df:fb:4b:6a:b9:d7:d1:99:c7:b8:bf:5f:64:c7:16: 6e:38:9f:3f:a8:6c:d8:e6:87:dd:b5:7b:05:ca:df:d6:b0:cd: 14:d9:62:6c:bc:9f:72:46:8c:d0:5a:5c:3d:89:96:b2:9c:7a: cb:d4:2f:70:9b:c9:de:90:16:f8:46:ae:41:55:39:76:a5:91: 83:32:ae:18:e1:84:bc:94:bf:4b:17:e8:dc:9e:7a:02:fd:34: d6:7e:0b:a9:48:43:6f:82:90:76:b8:58:0c:86:b1:81:ee:7d: ca:87:9d:d9:5a:96:17:5d:50:67:41:4d:aa:8c:c0:40:ff:7b: 3e:ba:3f:fb:f7:70:df:10:bb:e5:76:4d:73:a4:6d:5d:a0:2b: eb:ce:61:a1 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQnvYH+S8agTZ1cKvKd3C38VDF9QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDgwNDE1MDAxOVoX DTI1MDkwODIzNTk1OVowejFJMEcGA1UEBRNAYTliYjA2M2ViOTlkMzA0NTQxNmEz MjgyZDg4ODdjY2EwOWE4NmQxNDEzZDRiMmU4NzdmNTk0YzQ3MmZjODdmYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKMuu2azj2YGG10eh5lv2iegrMsM BdVFMBRrCfHRXqG8h519gL+m27TIgQuprIXMBMPKA0jVpLgn46bbPoSIpD95Uazy u8YU3gn58Ar/sig3RKX6nhhBtdyv2iT4VjTsu7I8PNeRHgCN6a4kcyVOQeDy/fyj LcZb2+G1E4sfym2Ry9laKmnA5nCEWtJQxy/yYVELTcjyrtZ4WQ1jpDOdYpMZmVh0 ZXqSnOrOAxx0bhZNJHWrrKcxNPvtiv70uUTiKNGYK9dddcxXSv1Xje18iU9cmN8a PQjXR+KbbbH4QilXzqMORavQYAx6qb216cxBoHk34oXJWkqR8aGLxoolnQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEyUx6D0GbNVa5+O0IdGgmK0zbFRMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU1ZDZjYmFlLThiN2YtNDVhOS04ZDliLTQ1OGQxMGE5YjFjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jYMA0GCSqGSIb3DQEBCwUAA4IBAQCaanynbfQv2ASgMB9Oho+t xwL5wUuWx/ZAitb+pPPiHT7Fv2fwJ0sVHgyw4LQCfdF+1JVuGxZJ+HMAtQjGG0D8 2w6TBXX+EraK5lmd950Vj6oeOiJ9VEtIlPVG+NUp+sjGzlaQM02jMwqBebwAhUzf +0tqudfRmce4v19kxxZuOJ8/qGzY5ofdtXsFyt/WsM0U2WJsvJ9yRozQWlw9iZay nHrL1C9wm8nekBb4Rq5BVTl2pZGDMq4Y4YS8lL9LF+jcnnoC/TTWfgupSENvgpB2 uFgMhrGB7n3Kh53ZWpYXXVBnQU2qjMBA/3s+uj/793DfELvldk1zpG1doCvrzmGh -----END CERTIFICATE-----Generated at Mon Aug 4 22:19:10 2025 by rpki-client