$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa File: 42932dd4-2720-47b3-a472-fc2c8a50a46c.roa (raw, json) Hash identifier: waiHC2uvQ/JWWGj6dv0+Jnvjhmk720UW4x8oKc0eTrA= Subject key identifier: F1:4A:69:3E:3A:8A:DB:B9:8F:8D:F0:AA:7F:B7:FE:4C:21:08:7F:A0 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 375BA41131A3B67F45D1533942A92E491F8C8BD0 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa Signing time: Sat 02 Aug 2025 00:00:09 +0000 ROA not before: Sat 02 Aug 2025 00:00:09 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.130.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 15:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:5b:a4:11:31:a3:b6:7f:45:d1:53:39:42:a9:2e:49:1f:8c:8b:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:09 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=6834742c61f76cd28d06139f7105026eb0a58815fcd6405d0f4c2616d73283d6, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:18:35:5e:11:50:62:f6:89:83:d3:b4:19:a2: 6c:05:3b:39:07:09:51:18:86:10:13:98:58:96:24: 69:f8:fe:f9:25:76:05:3c:9c:2c:bc:be:32:27:d1: df:d6:66:3a:da:f3:63:e8:7f:70:4a:73:cd:4d:aa: 66:77:c3:ff:ab:8a:05:15:3b:08:15:42:65:a0:88: 55:56:72:c7:86:fe:e4:a7:b5:5b:ba:f1:34:74:e1: cd:cf:3f:c2:60:93:a3:8f:65:8a:01:b9:21:a8:56: 41:7a:31:e7:01:9f:75:1e:4e:4e:c6:5d:e9:d1:80: 73:88:dd:32:c0:a7:1a:5c:07:19:a1:f5:13:1e:5b: 13:1e:03:38:5f:ea:01:b4:be:29:24:ec:1a:30:72: 02:ee:c7:2b:39:8d:02:6f:7d:83:3f:4b:be:09:15: d2:9d:60:fd:db:ef:89:18:a2:71:4d:39:6b:5b:93: 04:1c:55:ad:b4:67:24:1f:5c:29:5c:0a:0c:0c:fb: 36:d2:58:f1:3a:aa:39:bf:72:08:4e:04:ae:0a:35: b8:f9:26:29:76:84:69:55:41:8a:1c:17:5e:a6:3a: 12:f7:b1:05:0a:9a:72:f4:e0:72:b3:b7:8d:5c:5b: 2b:6a:dd:ef:57:fc:5c:7d:48:fb:cb:17:21:2f:39: 28:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:4A:69:3E:3A:8A:DB:B9:8F:8D:F0:AA:7F:B7:FE:4C:21:08:7F:A0 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.130.0/23 Signature Algorithm: sha256WithRSAEncryption c1:f1:d6:1f:c9:22:b4:15:ca:0c:2a:0c:db:c8:fb:0e:a9:1e: 8a:3a:79:a2:d2:f5:47:b2:03:ac:cd:d7:fb:b0:11:2e:dc:4d: 23:6f:91:69:0e:86:32:1d:30:62:1c:e2:29:82:72:b2:eb:71: 53:f0:53:4d:42:fc:f9:93:05:c2:fb:11:e8:e9:cc:2b:d0:66: 38:d1:88:6a:58:72:9e:be:c6:56:9f:b0:28:34:79:87:b3:41: 27:9c:9e:ff:d6:57:cc:05:88:2e:35:83:ae:25:8f:d7:89:3f: 1e:f7:3d:97:91:d7:d9:5a:b7:94:16:2e:e3:d8:93:85:62:2c: 97:93:5a:b9:5b:41:f3:ec:fe:8a:9d:b7:9c:73:fd:21:a9:06: 8e:bf:cb:cd:a1:b5:17:33:b0:f7:8d:db:1c:23:06:29:37:95: 79:45:a3:9d:3d:c6:49:cc:8b:15:8c:f0:be:a4:32:b4:4d:44: 1e:8b:14:40:2f:a3:91:b9:93:e0:3c:65:08:bf:13:b2:43:ba: ff:cc:50:78:9b:70:1f:da:8e:33:cb:3e:09:f1:b4:3e:24:ab: 9c:64:bd:e6:3d:a9:ed:4a:e1:4e:e9:81:73:30:2e:69:e9:f7: 47:34:dd:b7:66:3a:f3:85:93:90:13:12:65:49:5e:ed:e9:b4: 3c:58:a0:1b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUN1ukETGjtn9F0VM5QqkuSR+Mi9AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAwOVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNANjgzNDc0MmM2MWY3NmNkMjhkMDYx MzlmNzEwNTAyNmViMGE1ODgxNWZjZDY0MDVkMGY0YzI2MTZkNzMyODNkNjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxg1XhFQYvaJg9O0GaJsBTs5BwlR GIYQE5hYliRp+P75JXYFPJwsvL4yJ9Hf1mY62vNj6H9wSnPNTapmd8P/q4oFFTsI FUJloIhVVnLHhv7kp7VbuvE0dOHNzz/CYJOjj2WKAbkhqFZBejHnAZ91Hk5Oxl3p 0YBziN0ywKcaXAcZofUTHlsTHgM4X+oBtL4pJOwaMHIC7scrOY0Cb32DP0u+CRXS nWD92++JGKJxTTlrW5MEHFWttGckH1wpXAoMDPs20ljxOqo5v3IITgSuCjW4+SYp doRpVUGKHBdepjoS97EFCppy9OBys7eNXFsrat3vV/xcfUj7yxchLzkoeQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPFKaT46itu5j43wqn+3/kwhCH+gMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzQyOTMyZGQ0LTI3MjAtNDdiMy1hNDcyLWZjMmM4YTUwYTQ2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrymCMA0GCSqGSIb3DQEBCwUAA4IBAQDB8dYfySK0FcoMKgzbyPsO qR6KOnmi0vVHsgOszdf7sBEu3E0jb5FpDoYyHTBiHOIpgnKy63FT8FNNQvz5kwXC +xHo6cwr0GY40YhqWHKevsZWn7AoNHmHs0EnnJ7/1lfMBYguNYOuJY/XiT8e9z2X kdfZWreUFi7j2JOFYiyXk1q5W0Hz7P6Knbecc/0hqQaOv8vNobUXM7D3jdscIwYp N5V5RaOdPcZJzIsVjPC+pDK0TUQeixRAL6ORuZPgPGUIvxOyQ7r/zFB4m3Af2o4z yz4J8bQ+JKucZL3mPantSuFO6YFzMC5p6fdHNN23ZjrzhZOQExJlSV7t6bQ8WKAb -----END CERTIFICATE-----Generated at Wed Aug 6 04:17:05 2025 by rpki-client