$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/177c9702-ee39-42d1-b76f-6cee77f4fb45.roa File: 177c9702-ee39-42d1-b76f-6cee77f4fb45.roa (raw, json) Hash identifier: KY+3ez0xt27XvXV4Ptra/fdRkMmp3DQqO0tBL1+GFms= Subject key identifier: E5:EC:E4:06:E3:4D:54:B0:22:8B:CD:61:13:4F:CA:26:DF:ED:A5:16 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 263FBFF982F72B61B2221D35391A541BBAAAD25A Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/177c9702-ee39-42d1-b76f-6cee77f4fb45.roa Signing time: Sat 02 Aug 2025 00:00:05 +0000 ROA not before: Sat 02 Aug 2025 00:00:05 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:3f:bf:f9:82:f7:2b:61:b2:22:1d:35:39:1a:54:1b:ba:aa:d2:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:05 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=28f9b9e19f83cb5b17fc6844025f7ea72f281c1e63ffb99e0ecfe96f85ffd150, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:d7:67:b4:fc:3f:86:7a:eb:e1:0b:91:01:ef: dd:73:a1:07:d3:81:1b:eb:10:a7:40:2f:06:ac:a8: e0:1e:77:2e:9e:f6:7a:d8:75:c7:c9:d3:e1:1e:8a: 4f:04:21:bb:3d:a8:16:1e:25:37:71:b3:cb:8a:d0: 9f:38:d1:fa:f3:f2:77:54:7e:7a:33:4f:5f:45:fd: 8e:5e:57:3f:4b:3e:7b:db:f5:fc:0a:f7:81:9d:29: fb:6d:85:30:36:da:2b:1b:f8:37:89:16:b3:8f:42: 32:f4:7d:a3:99:9c:80:b2:48:54:b0:9f:d9:75:2c: 9b:4e:d6:d4:89:08:ab:24:6c:60:69:2c:25:a0:8c: a2:32:9a:80:23:09:7e:ae:fa:b9:45:87:99:41:d6: 40:cb:3f:f6:a3:6a:ff:66:8b:d7:58:5a:1b:6d:81: 79:19:3b:1c:48:af:6c:65:a5:67:37:34:12:ab:c2: 7f:14:ef:74:8e:05:49:c1:75:a3:be:a7:43:dc:22: 20:52:fb:4b:58:1c:de:e2:2f:49:8b:36:16:7d:6d: 49:81:92:bd:0c:0f:99:97:02:8f:7a:f3:44:36:7c: 0a:b6:e5:f6:82:ee:d8:2e:83:29:26:72:ab:6e:11: f6:0d:fd:2c:55:6c:79:16:d4:62:df:0f:3e:b3:8d: 4a:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:EC:E4:06:E3:4D:54:B0:22:8B:CD:61:13:4F:CA:26:DF:ED:A5:16 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/177c9702-ee39-42d1-b76f-6cee77f4fb45.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.240.0/20 Signature Algorithm: sha256WithRSAEncryption 40:f1:c6:c4:b7:80:b9:b9:4f:f4:91:36:4e:63:4b:9c:65:3d: 73:7f:0b:26:8c:0c:4c:33:3f:fb:fe:01:7a:ea:89:e5:be:fa: ce:0f:d4:73:21:7b:5b:f5:dc:52:75:7a:0f:93:4e:a7:36:2c: 54:80:27:61:78:bd:28:af:60:37:d4:bb:fe:b7:a7:21:29:36: 61:23:50:49:b2:8c:76:1e:ae:5b:c6:6e:1c:07:e2:b0:0d:8b: d0:5e:d8:20:16:cf:69:b8:34:de:de:be:74:ba:d4:3c:74:e5: 0f:a3:03:8e:c5:66:f5:f4:45:bc:d8:41:cc:e0:17:e3:ff:bf: 32:26:3a:c9:5c:59:5f:cc:ab:ec:a3:8d:57:1e:9c:48:3f:88: 63:39:65:72:88:e6:29:b3:d4:e1:59:26:27:aa:84:c1:6a:93: 61:97:23:69:a8:51:7d:a5:a2:ea:e2:1d:5e:ac:4c:5c:2f:19: c5:c6:35:9d:2e:4e:95:0a:86:1d:00:a4:81:14:84:a6:96:9c: 69:0f:5d:eb:79:bf:75:0b:b3:77:af:4f:62:0c:91:d4:1c:5a: 3d:48:54:e7:a4:a4:25:df:76:7b:6b:03:44:cd:05:b4:f8:36: 66:e1:05:9f:54:56:67:3f:7c:eb:b9:08:d8:0f:2f:5e:72:3d: cc:38:d7:24 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUJj+/+YL3K2GyIh01ORpUG7qq0lowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAwNVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAMjhmOWI5ZTE5ZjgzY2I1YjE3ZmM2 ODQ0MDI1ZjdlYTcyZjI4MWMxZTYzZmZiOTllMGVjZmU5NmY4NWZmZDE1MDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoddntPw/hnrr4QuRAe/dc6EH04Eb 6xCnQC8GrKjgHncunvZ62HXHydPhHopPBCG7PagWHiU3cbPLitCfONH68/J3VH56 M09fRf2OXlc/Sz572/X8CveBnSn7bYUwNtorG/g3iRazj0Iy9H2jmZyAskhUsJ/Z dSybTtbUiQirJGxgaSwloIyiMpqAIwl+rvq5RYeZQdZAyz/2o2r/ZovXWFobbYF5 GTscSK9sZaVnNzQSq8J/FO90jgVJwXWjvqdD3CIgUvtLWBze4i9JizYWfW1JgZK9 DA+ZlwKPevNENnwKtuX2gu7YLoMpJnKrbhH2Df0sVWx5FtRi3w8+s41KEwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOXs5AbjTVSwIovNYRNPyibf7aUWMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzE3N2M5NzAyLWVlMzktNDJkMS1iNzZmLTZjZWU3N2Y0ZmI0NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQEevjwMA0GCSqGSIb3DQEBCwUAA4IBAQBA8cbEt4C5uU/0kTZOY0uc ZT1zfwsmjAxMMz/7/gF66onlvvrOD9RzIXtb9dxSdXoPk06nNixUgCdheL0or2A3 1Lv+t6chKTZhI1BJsox2Hq5bxm4cB+KwDYvQXtggFs9puDTe3r50utQ8dOUPowOO xWb19EW82EHM4Bfj/78yJjrJXFlfzKvso41XHpxIP4hjOWVyiOYps9ThWSYnqoTB apNhlyNpqFF9paLq4h1erExcLxnFxjWdLk6VCoYdAKSBFISmlpxpD13reb91C7N3 r09iDJHUHFo9SFTnpKQl33Z7awNEzQW0+DZm4QWfVFZnP3zruQjYDy9ecj3MONck -----END CERTIFICATE-----Generated at Mon Aug 4 14:56:16 2025 by rpki-client