$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa File: c18b0845-fc95-41d6-b476-af4e1e466849.roa (raw, json) Hash identifier: DCGKvsSNO3W7cQ63C72x+p0Jo8dEJch5e/Vwj3sRnW8= Subject key identifier: 7F:D3:39:A4:9C:A4:3C:7F:E7:E8:CC:88:C0:B2:94:CD:A1:40:2A:89 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 5BAD8839C2E2DE4F9F5697FBA394FD89DF4077A2 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa Signing time: Mon 21 Jul 2025 15:00:03 +0000 ROA not before: Mon 21 Jul 2025 15:00:03 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 00:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:ad:88:39:c2:e2:de:4f:9f:56:97:fb:a3:94:fd:89:df:40:77:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jul 21 15:00:03 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=87594f7e2b494191acb9ebc580b0b21ef61d26e59c7205966e6b579118ed8a47, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:2e:8d:2d:f5:22:d9:37:21:a8:71:1c:90:4d: a7:ac:c9:ba:f2:30:00:8c:4d:f2:c9:8e:08:d9:88: 8e:08:61:2d:a8:60:c0:aa:2a:58:6e:7e:97:56:ee: 14:7d:ce:88:69:3d:a6:15:96:8b:20:27:9f:44:e1: 3b:c9:af:3e:20:1c:f2:13:0d:63:5d:1b:5e:7e:26: ee:ce:a9:b6:65:77:51:d2:96:8c:c6:87:78:4d:15: 0a:86:d0:64:70:60:5b:b9:c6:e0:db:e4:61:08:76: 0f:6c:a9:26:e1:e4:b8:e3:3c:b5:ab:f8:fc:bf:49: fe:07:8b:a1:f8:9c:4a:e6:3e:70:c9:04:98:dc:2c: fc:85:62:3d:e4:4b:65:12:d7:6e:1d:ad:e7:62:08: 3a:e3:06:3b:f9:e6:07:f3:51:d5:0d:17:c5:69:0b: e0:97:48:14:29:19:04:a1:81:98:b0:f1:d0:06:97: 13:9a:4a:bc:ee:e3:04:71:22:7a:59:bf:d3:33:41: c8:43:c0:49:8a:d8:17:0f:c9:6a:c9:00:43:20:84: 9d:13:df:10:74:cf:a9:75:13:6c:74:9f:59:e0:e5: 8f:9b:27:8a:98:44:b1:4d:fd:f8:c6:64:ba:28:2b: 80:f2:0a:87:71:65:11:3e:94:3c:af:83:04:59:f0: 24:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:D3:39:A4:9C:A4:3C:7F:E7:E8:CC:88:C0:B2:94:CD:A1:40:2A:89 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.133.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:d1:90:f9:61:58:33:83:e2:9e:6d:b7:c0:cf:7e:af:31:36: 99:cd:94:95:82:8d:1c:c4:0c:7c:ab:f9:db:ae:4a:98:6f:c6: 88:04:a2:7f:dd:6a:17:b2:b4:60:85:87:a2:64:1e:f0:38:aa: f1:8e:46:08:ec:38:51:99:e3:c8:7e:62:fa:d4:b6:b8:13:0d: e4:3d:68:ba:f7:41:7c:1a:17:ef:02:9e:b5:9c:57:11:62:64: a3:64:e1:98:32:b6:9d:3c:4d:23:30:c0:1e:1a:23:46:8f:23: 5b:66:a1:02:f4:20:98:57:4c:15:28:d6:0a:65:f1:7d:e4:77: 3d:b3:f9:03:86:62:7c:f4:54:d0:fc:41:7e:4d:a0:11:88:55: a9:1d:4d:39:98:2d:7b:9c:63:55:a1:fa:d2:b0:90:e2:82:c9: b7:2e:a7:92:e6:3c:a0:24:a8:1e:68:c9:eb:87:7b:fe:d9:8d: 88:35:fa:a8:72:de:2d:37:da:e6:0c:58:d0:f5:07:52:2a:f3: 87:09:83:33:51:75:86:9c:9e:cb:c1:62:46:94:20:e9:e6:61: c3:87:1e:91:b5:9e:de:0b:2a:99:5f:1c:43:11:49:3f:f8:21: f5:d0:5d:06:79:6e:dc:cd:df:65:4f:b5:2c:53:f5:c3:e8:98: df:53:74:e3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUW62IOcLi3k+fVpf7o5T9id9Ad6IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDcyMTE1MDAwM1oX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAODc1OTRmN2UyYjQ5NDE5MWFjYjll YmM1ODBiMGIyMWVmNjFkMjZlNTljNzIwNTk2NmU2YjU3OTExOGVkOGE0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC6NLfUi2TchqHEckE2nrMm68jAA jE3yyY4I2YiOCGEtqGDAqipYbn6XVu4Ufc6IaT2mFZaLICefROE7ya8+IBzyEw1j XRtefibuzqm2ZXdR0paMxod4TRUKhtBkcGBbucbg2+RhCHYPbKkm4eS44zy1q/j8 v0n+B4uh+JxK5j5wyQSY3Cz8hWI95EtlEtduHa3nYgg64wY7+eYH81HVDRfFaQvg l0gUKRkEoYGYsPHQBpcTmkq87uMEcSJ6Wb/TM0HIQ8BJitgXD8lqyQBDIISdE98Q dM+pdRNsdJ9Z4OWPmyeKmESxTf34xmS6KCuA8gqHcWURPpQ8r4MEWfAkuQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFH/TOaScpDx/5+jMiMCylM2hQCqJMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MxOGIwODQ1LWZjOTUtNDFkNi1iNDc2LWFmNGUxZTQ2Njg0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/iFMA0GCSqGSIb3DQEBCwUAA4IBAQCO0ZD5YVgzg+KebbfAz36v MTaZzZSVgo0cxAx8q/nbrkqYb8aIBKJ/3WoXsrRghYeiZB7wOKrxjkYI7DhRmePI fmL61La4Ew3kPWi690F8GhfvAp61nFcRYmSjZOGYMradPE0jMMAeGiNGjyNbZqEC 9CCYV0wVKNYKZfF95Hc9s/kDhmJ89FTQ/EF+TaARiFWpHU05mC17nGNVofrSsJDi gsm3LqeS5jygJKgeaMnrh3v+2Y2INfqoct4tN9rmDFjQ9QdSKvOHCYMzUXWGnJ7L wWJGlCDp5mHDhx6RtZ7eCyqZXxxDEUk/+CH10F0GeW7czd9lT7UsU/XD6JjfU3Tj -----END CERTIFICATE-----Generated at Wed Aug 6 00:42:54 2025 by rpki-client