$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa File: 3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa (raw, json) Hash identifier: amkVtT5O0C2NbJL88E9FOLSqLSjYan3d8UkmnxNtxG4= Subject key identifier: 0B:4D:49:BD:C9:A7:F5:32:B1:74:D7:F4:06:E3:84:DB:1D:ED:64:C8 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 3B2FDA6042F666768D199DE5809AA828CD3C73A2 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa Signing time: Sat 02 Aug 2025 00:00:13 +0000 ROA not before: Sat 02 Aug 2025 00:00:13 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.136.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:2f:da:60:42:f6:66:76:8d:19:9d:e5:80:9a:a8:28:cd:3c:73:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:13 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=7821b68e72e6494010d16d1cd8dbf83483bded34204d0b8cdd18e5905719d1c3, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:6b:63:de:40:c4:b7:ff:b5:fa:09:09:70:84: 11:48:0d:28:37:87:82:cf:d2:ff:44:99:e1:e9:5c: 42:50:3e:25:c9:c8:2e:c5:ef:7b:29:e0:3f:18:15: dc:c0:40:f8:c9:d7:2a:24:3a:66:30:f5:ee:54:27: 8d:04:5d:c6:16:20:9f:59:f2:63:91:b5:33:7b:eb: 7e:06:91:62:a0:bf:f0:48:6c:af:8a:da:4c:30:6e: 2c:8b:1e:a1:ec:43:29:fc:5b:be:f4:86:18:1c:39: 3d:42:18:7d:ad:d9:9c:20:f6:e5:19:30:7c:51:e8: c1:75:5b:74:05:ff:ba:6a:32:38:b1:ee:25:86:77: 34:2c:fb:d5:62:27:a1:ea:1e:1b:f9:86:38:43:86: 04:01:03:2b:1c:e4:6b:57:9f:96:cd:bf:d0:a9:9e: d3:23:86:a2:4f:b5:ac:18:ba:10:90:a7:66:32:db: 95:1a:53:2d:ad:d5:24:e3:51:b9:41:12:fd:ff:fb: fc:10:38:82:d4:b8:f5:c1:0b:21:f1:ba:7e:5b:d1: 43:70:79:58:66:a4:47:36:9f:4c:5c:a3:0a:58:02: 4b:73:a3:1b:33:ef:cd:0d:3c:38:83:ff:ad:d3:93: b5:a7:6a:d3:12:bd:35:38:23:2d:ef:56:73:a1:81: ca:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:4D:49:BD:C9:A7:F5:32:B1:74:D7:F4:06:E3:84:DB:1D:ED:64:C8 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.136.0/21 Signature Algorithm: sha256WithRSAEncryption 67:d0:60:9a:85:88:31:12:26:18:02:1d:9d:a1:0c:8e:78:f2: 84:9c:07:62:5c:66:7e:fe:da:4d:72:14:d8:cd:7d:2d:32:0c: ae:df:d4:58:1a:0c:db:1e:b5:8e:96:96:47:5f:43:6d:e7:04: 87:39:a7:f3:71:f2:5d:ca:cf:0d:9c:48:c5:87:f3:48:c9:cb: 6c:3b:14:80:c5:8d:b3:f0:9e:f0:5a:01:6a:26:a8:79:f3:9e: 90:8f:13:2f:60:00:55:46:5d:51:1c:0c:ff:ed:03:84:f3:19: e5:f2:a4:06:90:d5:65:bc:48:19:bf:58:12:4e:25:ab:89:56: c0:44:37:8d:27:4e:84:b9:df:af:3a:d0:58:fd:91:24:34:1d: 5d:f1:c2:f4:37:ba:0c:de:15:8c:2c:45:8a:81:02:b4:aa:9c: 14:36:5c:c4:ff:ce:84:ce:f6:b6:a7:0c:92:25:3e:75:7f:ce: d6:de:15:38:d6:9f:2e:95:0e:37:00:b4:34:51:8c:a3:b5:bb: c5:ff:2e:f6:26:fe:80:ce:75:67:ca:fb:8d:f1:d3:34:53:ed: 03:6e:9c:3a:96:77:28:d0:28:a8:d6:3f:dd:99:48:89:03:bf: f2:0a:f4:c1:0c:ff:61:56:e0:74:bb:f4:05:96:55:ba:e0:88: 32:7d:b9:86 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUOy/aYEL2ZnaNGZ3lgJqoKM08c6IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAxM1oX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNANzgyMWI2OGU3MmU2NDk0MDEwZDE2 ZDFjZDhkYmY4MzQ4M2JkZWQzNDIwNGQwYjhjZGQxOGU1OTA1NzE5ZDFjMzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02tj3kDEt/+1+gkJcIQRSA0oN4eC z9L/RJnh6VxCUD4lycguxe97KeA/GBXcwED4ydcqJDpmMPXuVCeNBF3GFiCfWfJj kbUze+t+BpFioL/wSGyvitpMMG4six6h7EMp/Fu+9IYYHDk9Qhh9rdmcIPblGTB8 UejBdVt0Bf+6ajI4se4lhnc0LPvVYieh6h4b+YY4Q4YEAQMrHORrV5+Wzb/QqZ7T I4aiT7WsGLoQkKdmMtuVGlMtrdUk41G5QRL9//v8EDiC1Lj1wQsh8bp+W9FDcHlY ZqRHNp9MXKMKWAJLc6MbM+/NDTw4g/+t05O1p2rTEr01OCMt71ZzoYHK7wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAtNSb3Jp/UysXTX9AbjhNsd7WTIMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzNiODU1N2MwLWQ1ZWUtNGY5ZC04MGFjLWU0MWEzN2ZmZmYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrymIMA0GCSqGSIb3DQEBCwUAA4IBAQBn0GCahYgxEiYYAh2doQyO ePKEnAdiXGZ+/tpNchTYzX0tMgyu39RYGgzbHrWOlpZHX0Nt5wSHOafzcfJdys8N nEjFh/NIyctsOxSAxY2z8J7wWgFqJqh5856QjxMvYABVRl1RHAz/7QOE8xnl8qQG kNVlvEgZv1gSTiWriVbARDeNJ06Eud+vOtBY/ZEkNB1d8cL0N7oM3hWMLEWKgQK0 qpwUNlzE/86Ezva2pwySJT51f87W3hU41p8ulQ43ALQ0UYyjtbvF/y72Jv6AznVn yvuN8dM0U+0Dbpw6lnco0Cio1j/dmUiJA7/yCvTBDP9hVuB0u/QFllW64IgyfbmG -----END CERTIFICATE-----Generated at Mon Aug 4 15:38:11 2025 by rpki-client