$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa File: 197500e2-3802-44b2-a561-ca3dad01e209.roa (raw, json) Hash identifier: tbAbfaC2RuFNWZiog/TRY+SJFGIcDojyat8DSXiGpj4= Subject key identifier: 27:AD:19:2F:5B:DA:31:07:6D:7D:B9:90:F7:92:0F:EC:82:34:AE:33 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 6AE333A5F4A34ABA22F6A88104D526CE45698FE7 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa Signing time: Sat 02 Aug 2025 00:00:08 +0000 ROA not before: Sat 02 Aug 2025 00:00:08 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 15:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:e3:33:a5:f4:a3:4a:ba:22:f6:a8:81:04:d5:26:ce:45:69:8f:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:08 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=efe664887d95051b316496567ec2fa80c3ba8a0af0b151609f527272244aa876, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:1b:0e:85:2f:d8:52:52:80:e1:8f:cf:a2:3f: 18:d9:c3:04:de:2d:0f:72:fe:a8:5f:ae:34:14:d6: 02:c5:87:45:f6:56:00:d6:dd:bc:f2:75:ee:15:5b: 91:ce:bb:da:80:cf:b8:f9:1a:bd:50:2e:da:76:b6: 3d:52:ef:a7:e3:9a:a7:38:53:f7:ea:82:c7:47:83: 27:39:e4:b4:0b:21:b7:59:e4:95:7c:4c:7d:ca:ff: 7a:ed:c8:ec:b1:7c:27:eb:42:8b:f5:80:aa:5d:64: 71:40:d5:7f:cc:a9:06:4b:33:bf:4b:ea:7b:0a:f2: 9f:4e:be:f5:ab:16:8c:51:42:54:8c:59:a6:c8:59: b8:ce:e3:2f:c8:8b:b6:35:33:f5:ba:9f:f4:49:e1: ef:4b:ac:03:a6:80:8f:6c:b7:c1:69:18:c8:2b:69: 11:26:88:c7:85:26:f0:eb:62:14:8c:a0:84:cc:54: 8c:94:9a:29:38:23:d3:7e:98:f5:9f:35:4a:33:ea: a7:c4:13:44:c0:dc:a5:80:a9:e0:5a:51:8c:2b:32: 16:c8:9c:33:3f:27:5f:9b:ea:b9:72:78:b4:43:9b: d3:e4:63:ea:2a:ad:e8:fe:20:13:d3:bb:ee:dd:5a: de:ca:22:49:c1:8e:89:38:19:98:1c:45:e2:88:2e: 1c:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:AD:19:2F:5B:DA:31:07:6D:7D:B9:90:F7:92:0F:EC:82:34:AE:33 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.128.0/24 Signature Algorithm: sha256WithRSAEncryption 15:9d:57:66:63:60:1a:42:e0:cc:12:0d:02:d7:88:47:f7:db: 80:8b:2d:e2:da:24:62:c7:ee:15:69:c7:20:a6:92:08:ba:d9: 3e:f9:21:8d:ed:1a:9f:39:d4:8c:4d:b9:f5:6e:c6:02:72:ce: f4:f8:0c:c1:8e:df:c8:53:c7:34:0c:1f:d2:fe:80:d1:04:a8: c7:f8:1c:99:ce:b8:8f:8a:1b:35:9c:ac:4a:4b:8e:95:53:8e: 49:57:95:0f:e3:a7:9b:6e:10:12:6c:66:1f:10:7d:c5:b8:2a: 99:b9:e1:3e:83:4b:8d:50:11:29:b4:c1:2f:b1:52:ff:f8:10: 01:08:ad:3d:ed:b7:17:ee:e2:06:28:7d:5b:d2:01:2c:04:63: 0f:1d:1c:65:5a:0a:36:6d:e9:66:5b:d6:f1:e4:58:47:b6:e0: d9:87:e0:1a:72:fa:96:d9:6a:65:b7:2b:e4:ba:08:4b:e4:62: d2:24:b2:3c:8c:90:b7:ff:63:f8:01:5a:4e:bd:b1:f9:8b:a6: 37:a5:c6:67:e8:b0:a0:0b:90:5e:e5:bd:b0:cb:70:76:94:5f: df:fd:52:91:05:96:1b:87:8a:11:dd:74:bc:16:3e:24:76:31: 9b:51:63:4c:ac:30:01:8e:fc:18:5c:72:cd:2f:70:f4:2a:26: 99:31:79:23 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUauMzpfSjSroi9qiBBNUmzkVpj+cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAwOFoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAZWZlNjY0ODg3ZDk1MDUxYjMxNjQ5 NjU2N2VjMmZhODBjM2JhOGEwYWYwYjE1MTYwOWY1MjcyNzIyNDRhYTg3NjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBsOhS/YUlKA4Y/Poj8Y2cME3i0P cv6oX640FNYCxYdF9lYA1t288nXuFVuRzrvagM+4+Rq9UC7adrY9Uu+n45qnOFP3 6oLHR4MnOeS0CyG3WeSVfEx9yv967cjssXwn60KL9YCqXWRxQNV/zKkGSzO/S+p7 CvKfTr71qxaMUUJUjFmmyFm4zuMvyIu2NTP1up/0SeHvS6wDpoCPbLfBaRjIK2kR JojHhSbw62IUjKCEzFSMlJopOCPTfpj1nzVKM+qnxBNEwNylgKngWlGMKzIWyJwz Pydfm+q5cni0Q5vT5GPqKq3o/iAT07vu3VreyiJJwY6JOBmYHEXiiC4c1wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCetGS9b2jEHbX25kPeSD+yCNK4zMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzE5NzUwMGUyLTM4MDItNDRiMi1hNTYxLWNhM2RhZDAxZTIwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArymAMA0GCSqGSIb3DQEBCwUAA4IBAQAVnVdmY2AaQuDMEg0C14hH 99uAiy3i2iRix+4VaccgppIIutk++SGN7RqfOdSMTbn1bsYCcs70+AzBjt/IU8c0 DB/S/oDRBKjH+ByZzriPihs1nKxKS46VU45JV5UP46ebbhASbGYfEH3FuCqZueE+ g0uNUBEptMEvsVL/+BABCK097bcX7uIGKH1b0gEsBGMPHRxlWgo2belmW9bx5FhH tuDZh+AacvqW2WpltyvkughL5GLSJLI8jJC3/2P4AVpOvbH5i6Y3pcZn6LCgC5Be 5b2wy3B2lF/f/VKRBZYbh4oR3XS8Fj4kdjGbUWNMrDABjvwYXHLNL3D0KiaZMXkj -----END CERTIFICATE-----Generated at Thu Aug 7 05:05:39 2025 by rpki-client