$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa File: 245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa (raw, json) Hash identifier: lg1YUGhW4/UQUdrKyIyy9Kwc8htsOn7PAyEoxCHWx20= Subject key identifier: B4:66:41:B3:3D:CF:E4:B9:F3:DC:63:CA:E4:53:B3:DC:91:34:C2:80 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 46561EB704FE1C157E8EEAC7B8BB89264BDF9A5D Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa Signing time: Sat 02 Aug 2025 00:00:05 +0000 ROA not before: Sat 02 Aug 2025 00:00:05 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.192.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:56:1e:b7:04:fe:1c:15:7e:8e:ea:c7:b8:bb:89:26:4b:df:9a:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:05 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=6c40174d6cfb6543b2c28214d3473d46dcbb6e61eb9e98c9d8c3dea67f340bbc, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:81:1c:34:a1:26:35:8b:a1:28:fe:bb:11:63: 15:48:a2:df:ae:f3:32:8b:97:31:b0:e3:e4:f7:01: 4b:e0:1a:a7:72:77:29:8d:8a:c0:30:4f:ee:2d:bc: b2:81:24:8b:fd:ec:dd:61:9d:7f:b5:91:75:c8:b2: f1:48:52:29:42:5e:bb:40:fe:43:09:6d:4e:e3:5f: 14:74:3c:0f:5c:75:44:e3:13:8b:c0:f6:41:d2:88: 48:03:d5:5b:cb:1d:99:37:49:ae:86:88:c8:2c:95: f8:a1:e6:ad:55:1a:8e:32:44:17:43:d3:0a:1e:61: 5c:c0:fb:a9:0c:9a:b4:78:43:61:fa:45:9c:72:0d: a4:08:5a:01:e0:23:e9:ce:b4:a1:2d:6b:7b:f6:80: 78:f6:c3:45:2a:64:a8:0f:32:2b:58:ed:69:c8:60: 3d:72:27:16:ad:e6:3b:36:60:83:26:28:cf:94:7d: 11:5d:04:0f:2c:60:ab:dc:4c:ec:5c:a1:a9:05:89: 17:fd:de:f4:20:9d:58:c9:3c:67:c7:6a:18:12:d4: 1a:22:91:49:16:24:a2:f1:f7:f9:6b:9c:0f:e0:ec: 2d:d5:6f:5f:e6:fe:cf:32:70:15:eb:9d:5c:ed:25: 17:bb:93:1e:23:98:1d:1b:f4:5d:8f:a7:03:8d:48: 4d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:66:41:B3:3D:CF:E4:B9:F3:DC:63:CA:E4:53:B3:DC:91:34:C2:80 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/245fa4eb-6d0d-4df7-9e2d-29a7d39adcb9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.192.0/19 Signature Algorithm: sha256WithRSAEncryption c9:04:ed:12:bf:1a:e2:f9:e2:59:e1:55:51:a5:0f:27:53:5b: 00:36:c6:23:40:75:c6:1e:82:95:d7:10:b9:3a:55:c1:52:0a: ab:06:47:54:a9:57:c7:1b:b4:8a:f3:97:14:fc:5a:f4:c8:23: 77:7f:c6:33:35:30:3d:3d:15:fb:f0:4f:72:8d:be:78:c3:6b: 39:85:54:26:d9:67:59:54:45:ce:81:28:5a:e1:28:26:d3:b9: 21:9c:50:7d:68:32:fe:7b:0f:c3:46:d6:0d:4f:78:5d:57:54: 30:fb:29:2f:36:4d:20:9c:ec:65:a1:96:7a:ed:e5:cc:36:14: da:c4:f3:e4:bb:44:7d:a2:ff:1d:5f:a4:22:89:df:fc:6b:aa: 96:39:73:82:26:b1:f6:cc:ef:2a:f7:f7:11:6e:a3:e0:d3:00: f6:03:c4:b4:2a:79:26:c2:1f:d2:28:72:2a:bd:8d:e0:91:57: f4:9d:85:67:ef:56:de:25:9b:3d:f8:49:bc:d2:be:16:19:d5: 13:fb:e2:1e:b0:7a:e9:99:41:d5:c8:7c:26:4e:d5:15:4f:cd: bb:a0:e3:fd:82:b4:d4:70:76:c1:3c:cd:c8:64:82:29:18:5c: 0c:01:65:8d:ae:e3:65:f2:4b:cc:32:89:c1:87:c3:b9:f0:2d: 91:41:8d:5a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIURlYetwT+HBV+jurHuLuJJkvfml0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAwNVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNANmM0MDE3NGQ2Y2ZiNjU0M2IyYzI4 MjE0ZDM0NzNkNDZkY2JiNmU2MWViOWU5OGM5ZDhjM2RlYTY3ZjM0MGJiYzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4EcNKEmNYuhKP67EWMVSKLfrvMy i5cxsOPk9wFL4BqncncpjYrAME/uLbyygSSL/ezdYZ1/tZF1yLLxSFIpQl67QP5D CW1O418UdDwPXHVE4xOLwPZB0ohIA9Vbyx2ZN0muhojILJX4oeatVRqOMkQXQ9MK HmFcwPupDJq0eENh+kWccg2kCFoB4CPpzrShLWt79oB49sNFKmSoDzIrWO1pyGA9 cicWreY7NmCDJijPlH0RXQQPLGCr3EzsXKGpBYkX/d70IJ1YyTxnx2oYEtQaIpFJ FiSi8ff5a5wP4Owt1W9f5v7PMnAV651c7SUXu5MeI5gdG/Rdj6cDjUhNJwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLRmQbM9z+S589xjyuRTs9yRNMKAMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzI0NWZhNGViLTZkMGQtNGRmNy05ZTJkLTI5YTdkMzlhZGNiOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQFevjAMA0GCSqGSIb3DQEBCwUAA4IBAQDJBO0Svxri+eJZ4VVRpQ8n U1sANsYjQHXGHoKV1xC5OlXBUgqrBkdUqVfHG7SK85cU/Fr0yCN3f8YzNTA9PRX7 8E9yjb54w2s5hVQm2WdZVEXOgSha4Sgm07khnFB9aDL+ew/DRtYNT3hdV1Qw+ykv Nk0gnOxloZZ67eXMNhTaxPPku0R9ov8dX6Qiid/8a6qWOXOCJrH2zO8q9/cRbqPg 0wD2A8S0Knkmwh/SKHIqvY3gkVf0nYVn71beJZs9+Em80r4WGdUT++IesHrpmUHV yHwmTtUVT827oOP9grTUcHbBPM3IZIIpGFwMAWWNruNl8kvMMonBh8O58C2RQY1a -----END CERTIFICATE-----Generated at Mon Aug 4 19:13:13 2025 by rpki-client