$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa File: 43fd8687-12d4-49b5-9958-8536ce8160b4.roa (raw, json) Hash identifier: hcBCz8pjSbZBwEsa41ey2guhkl5K7x9KUwBIbfqn6Jc= Subject key identifier: 3D:96:B7:88:1A:7B:04:75:93:06:87:18:CA:CE:F9:63:27:D0:8B:B4 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 2F421A48B0292C78ABEF3BF37AF1FEE0A6A809AA Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa Signing time: Sat 02 Aug 2025 00:00:15 +0000 ROA not before: Sat 02 Aug 2025 00:00:15 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.160.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:42:1a:48:b0:29:2c:78:ab:ef:3b:f3:7a:f1:fe:e0:a6:a8:09:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:15 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=ded04418f6add9766cf69d84e4c54c2e4946020aaf0f2eb9ac1e894de484ef78, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:34:a0:a4:56:59:ab:3f:26:89:8f:08:b1:a0: df:fc:35:0d:c8:99:bd:94:c9:db:d9:b6:be:f6:f6: cf:cd:b9:20:fa:04:42:72:3d:1c:14:c3:cb:98:32: 91:b5:09:cb:ef:b7:cf:d6:fb:86:db:24:d9:e7:38: 14:3e:bd:7c:9a:e2:33:37:62:6d:8b:57:ff:6b:a8: 04:19:38:a1:22:b7:05:74:ea:9c:49:0c:98:cd:49: 94:8a:bd:75:9e:f8:ac:c3:18:6e:61:66:c4:2d:a8: 85:1b:00:e0:c5:8e:6b:e6:81:cf:93:ed:b3:89:12: f8:0e:fe:46:1e:01:b9:7f:b6:62:7c:6a:78:94:ad: 8a:86:13:f3:86:b3:f3:f5:41:27:d2:99:2b:60:d0: dc:7e:9d:c3:5c:5c:d2:d7:f1:32:53:ac:13:49:e1: 29:c7:42:d1:2e:6f:f7:9f:f3:0d:22:18:a2:18:df: 15:98:fd:f8:18:51:7b:1f:fa:74:1e:48:42:12:37: ae:60:40:fc:23:49:19:78:ef:72:d4:0d:88:11:2d: 84:0f:7b:41:46:33:ce:2f:18:2b:55:16:ca:a1:cf: 8c:02:c6:5b:08:a4:6f:58:08:33:36:d0:3d:36:af: 5a:29:53:d2:4c:d1:40:5c:9c:de:c8:bd:0f:e9:59: 4d:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:96:B7:88:1A:7B:04:75:93:06:87:18:CA:CE:F9:63:27:D0:8B:B4 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.160.0/19 Signature Algorithm: sha256WithRSAEncryption 56:1d:31:01:55:46:52:29:93:da:5b:ef:5b:6d:fb:d8:89:09: 7b:36:d2:92:37:5e:2e:86:9a:e0:73:64:9a:06:19:16:f6:19: ed:9f:f2:d7:cc:65:30:a1:b0:74:8c:66:b8:61:50:9b:ea:1c: 53:3b:a7:55:45:25:26:73:17:77:4b:0a:62:3e:a1:3d:a2:67: 5f:9d:84:2b:0a:a7:15:b7:9c:49:45:b0:52:07:64:27:d6:5b: 39:7a:a0:80:34:bc:6e:99:78:bb:6d:cd:70:fc:4b:ad:4d:80: 62:d2:f9:78:0f:27:e3:a0:f7:3f:63:c3:88:55:33:8c:aa:51: d9:a5:52:07:9e:65:9a:a4:f7:95:7c:df:55:b6:fc:10:f6:b6: 12:24:ad:3c:aa:81:d8:6d:63:5d:b8:83:f4:fe:62:28:ea:11: a0:20:78:68:95:00:d9:8a:eb:08:4f:f2:55:75:c8:48:bf:90: 88:68:76:10:e3:50:4e:f5:49:f1:b3:e7:b1:ff:70:69:42:bb: 12:6e:3a:d2:e0:65:0c:8a:99:34:5d:ed:b2:3e:80:99:ae:94: bd:4b:43:79:da:f3:24:77:a5:87:b9:1c:09:43:e5:d7:23:a8: bd:58:68:26:7f:e2:8a:40:5c:2c:19:78:db:6a:cd:b6:e3:f6: 51:1b:a7:f6 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUL0IaSLApLHir7zvzevH+4KaoCaowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAxNVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAZGVkMDQ0MThmNmFkZDk3NjZjZjY5 ZDg0ZTRjNTRjMmU0OTQ2MDIwYWFmMGYyZWI5YWMxZTg5NGRlNDg0ZWY3ODEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTSgpFZZqz8miY8IsaDf/DUNyJm9 lMnb2ba+9vbPzbkg+gRCcj0cFMPLmDKRtQnL77fP1vuG2yTZ5zgUPr18muIzN2Jt i1f/a6gEGTihIrcFdOqcSQyYzUmUir11nviswxhuYWbELaiFGwDgxY5r5oHPk+2z iRL4Dv5GHgG5f7ZifGp4lK2KhhPzhrPz9UEn0pkrYNDcfp3DXFzS1/EyU6wTSeEp x0LRLm/3n/MNIhiiGN8VmP34GFF7H/p0HkhCEjeuYED8I0kZeO9y1A2IES2ED3tB RjPOLxgrVRbKoc+MAsZbCKRvWAgzNtA9Nq9aKVPSTNFAXJzeyL0P6VlNSQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFD2Wt4gaewR1kwaHGMrO+WMn0Iu0MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzQzZmQ4Njg3LTEyZDQtNDliNS05OTU4LTg1MzZjZTgxNjBiNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQFrymgMA0GCSqGSIb3DQEBCwUAA4IBAQBWHTEBVUZSKZPaW+9bbfvY iQl7NtKSN14uhprgc2SaBhkW9hntn/LXzGUwobB0jGa4YVCb6hxTO6dVRSUmcxd3 SwpiPqE9omdfnYQrCqcVt5xJRbBSB2Qn1ls5eqCANLxumXi7bc1w/EutTYBi0vl4 DyfjoPc/Y8OIVTOMqlHZpVIHnmWapPeVfN9VtvwQ9rYSJK08qoHYbWNduIP0/mIo 6hGgIHholQDZiusIT/JVdchIv5CIaHYQ41BO9Unxs+ex/3BpQrsSbjrS4GUMipk0 Xe2yPoCZrpS9S0N52vMkd6WHuRwJQ+XXI6i9WGgmf+KKQFwsGXjbas224/ZRG6f2 -----END CERTIFICATE-----Generated at Mon Aug 4 16:05:04 2025 by rpki-client