$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa File: 7b26d410-17d7-4310-bb58-41c465f8eef2.roa (raw, json) Hash identifier: Xr7nLPSK2ZSyjI0rCOlF0AuSHNbswrAss87oZHF4EXo= Subject key identifier: 44:53:C8:27:A3:DC:28:90:1F:92:0B:86:0A:B9:26:4F:34:31:5E:9E Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 7A9A8FAC9C6A3CD5C95045F84234832742D646F2 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa Signing time: Sat 02 Aug 2025 00:00:11 +0000 ROA not before: Sat 02 Aug 2025 00:00:11 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.148.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 15:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:9a:8f:ac:9c:6a:3c:d5:c9:50:45:f8:42:34:83:27:42:d6:46:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:11 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=33a2b472d2a370f190fb7760b812d43e628c8743ce32c440690e7843f36bf564, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:7c:b2:e7:75:83:54:6c:ff:7c:f1:39:87:bf: cf:cc:20:35:f1:22:a2:c8:f7:f3:74:c1:e6:06:98: f5:97:a9:a5:1b:50:dc:07:7e:5a:55:04:ca:b7:85: 57:f7:e3:7f:4b:ba:cf:fe:e4:58:dc:58:fc:3f:3a: 65:3f:58:c6:f9:50:07:47:ea:d8:17:9a:0b:1f:6c: 56:80:0a:ab:de:e6:35:a7:3b:50:fb:29:f0:0a:7a: dc:53:62:11:d5:9a:d7:c3:80:15:9e:51:ce:41:11: 16:4d:6c:d7:02:d7:6f:4a:89:f4:35:b9:c3:41:92: b2:50:83:09:5e:4e:20:d7:70:8e:db:2c:1a:5c:71: 63:5c:ac:57:5a:e9:77:b3:04:8f:84:1c:89:00:ad: 88:f6:58:07:e2:eb:eb:fa:34:bc:5b:87:cc:0a:6e: b5:65:50:94:22:3a:33:62:47:49:6d:08:c1:33:55: 6e:94:fb:5a:94:df:e2:65:ad:2f:3c:af:b1:23:fb: 78:ff:a1:e1:5b:1b:1d:db:f4:07:63:c0:79:d2:f3: 4d:84:8f:a0:c6:9a:18:00:b5:43:8d:ea:d0:1e:35: 0e:9e:84:8a:cd:e1:cb:8f:37:b8:93:70:fb:e7:03: d2:21:ae:74:67:a4:3c:3f:e6:2d:e3:81:5c:7b:81: 48:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:53:C8:27:A3:DC:28:90:1F:92:0B:86:0A:B9:26:4F:34:31:5E:9E X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.148.0/23 Signature Algorithm: sha256WithRSAEncryption 18:80:f0:93:04:9b:86:48:21:03:f4:7c:4d:88:c1:b7:f6:00: 6f:64:6c:de:98:8b:16:b0:a5:58:e8:b0:b8:54:bc:aa:a1:88: 79:0d:d8:7a:91:b0:7e:36:35:ae:16:4d:f5:01:c1:7f:5d:4e: 2a:31:76:b2:c5:14:eb:3a:b3:c8:0a:65:2c:a4:0d:1f:2a:8f: 65:f8:2e:3a:de:fe:a3:e3:f1:d0:eb:61:84:40:3e:56:38:f1: 1c:7b:18:7b:d9:89:5f:1e:06:da:a9:9c:b4:97:f6:87:07:f8: 58:70:bf:4a:cc:55:ec:a9:cf:c8:67:3d:17:7c:ed:87:c8:27: d3:5a:e6:59:88:0f:bf:55:77:dd:f7:f9:c6:69:8a:a9:34:38: 28:b8:3c:9f:ef:d2:68:cb:5e:6f:2d:98:e4:3c:08:df:b2:31: 16:2b:c4:6c:43:31:61:9c:e3:23:2f:32:61:5d:01:28:42:6b: c0:ba:88:42:ea:6b:36:2e:3d:41:1a:8b:01:71:ee:de:89:82: e9:95:08:6b:1c:fc:6e:6c:c9:54:52:9c:cb:ab:1d:48:97:54: 0d:d5:b8:af:31:fe:61:aa:de:cf:c7:db:bd:6f:1c:24:f7:52: c0:57:74:5e:44:ae:19:03:02:c5:68:65:29:bb:78:92:2e:3b: 8b:1e:43:f0 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUepqPrJxqPNXJUEX4QjSDJ0LWRvIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAxMVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAMzNhMmI0NzJkMmEzNzBmMTkwZmI3 NzYwYjgxMmQ0M2U2MjhjODc0M2NlMzJjNDQwNjkwZTc4NDNmMzZiZjU2NDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXyy53WDVGz/fPE5h7/PzCA18SKi yPfzdMHmBpj1l6mlG1DcB35aVQTKt4VX9+N/S7rP/uRY3Fj8PzplP1jG+VAHR+rY F5oLH2xWgAqr3uY1pztQ+ynwCnrcU2IR1ZrXw4AVnlHOQREWTWzXAtdvSon0NbnD QZKyUIMJXk4g13CO2ywaXHFjXKxXWul3swSPhByJAK2I9lgH4uvr+jS8W4fMCm61 ZVCUIjozYkdJbQjBM1VulPtalN/iZa0vPK+xI/t4/6HhWxsd2/QHY8B50vNNhI+g xpoYALVDjerQHjUOnoSKzeHLjze4k3D75wPSIa50Z6Q8P+Yt44Fce4FIIQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFERTyCej3CiQH5ILhgq5Jk80MV6eMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzdiMjZkNDEwLTE3ZDctNDMxMC1iYjU4LTQxYzQ2NWY4ZWVmMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrymUMA0GCSqGSIb3DQEBCwUAA4IBAQAYgPCTBJuGSCED9HxNiMG3 9gBvZGzemIsWsKVY6LC4VLyqoYh5Ddh6kbB+NjWuFk31AcF/XU4qMXayxRTrOrPI CmUspA0fKo9l+C463v6j4/HQ62GEQD5WOPEcexh72YlfHgbaqZy0l/aHB/hYcL9K zFXsqc/IZz0XfO2HyCfTWuZZiA+/VXfd9/nGaYqpNDgouDyf79Joy15vLZjkPAjf sjEWK8RsQzFhnOMjLzJhXQEoQmvAuohC6ms2Lj1BGosBce7eiYLplQhrHPxubMlU UpzLqx1Il1QN1bivMf5hqt7Px9u9bxwk91LAV3ReRK4ZAwLFaGUpu3iSLjuLHkPw -----END CERTIFICATE-----Generated at Tue Aug 5 17:08:36 2025 by rpki-client