$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa File: adf75e2e-9d2c-4718-a49d-ad44079b266b.roa (raw, json) Hash identifier: Kvmc/hqY/vogQCWVl6vkaYesnaU1vHdvynPTnINrqQw= Subject key identifier: 14:CA:F8:D1:0E:72:BB:3E:85:72:F7:4D:BC:2C:62:1C:9F:50:A4:89 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 26A5F5B07055CA545E31FDC9AA01035614135FFD Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa Signing time: Sat 02 Aug 2025 00:00:14 +0000 ROA not before: Sat 02 Aug 2025 00:00:14 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:a5:f5:b0:70:55:ca:54:5e:31:fd:c9:aa:01:03:56:14:13:5f:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:14 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=9ed25ba071cf9adf464a50cc390bbc89d4ef4b74a30bb54a4639b10b5b06cff2, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:d9:57:4d:65:71:7f:99:29:97:4c:c6:ac:35: b5:04:1b:86:5f:c2:78:bf:b1:68:7b:1f:30:6b:36: 1d:5a:4a:61:53:b7:d5:fb:6d:65:e5:11:95:3d:f6: e9:73:9a:a3:9d:4d:3b:86:27:56:02:ab:cb:ac:47: a6:6f:ff:dd:be:11:7d:ae:8c:1a:e2:a7:d3:b7:a8: 3a:fe:55:a0:12:e2:49:08:f7:a2:e5:4c:05:10:cd: 1e:aa:51:88:ee:f6:72:5e:12:56:40:fa:ac:2c:2a: ee:82:45:37:86:79:6a:e7:5e:81:06:dc:8b:7f:b4: 02:a3:01:c7:a6:e1:9e:b7:52:87:47:8c:e9:d7:33: 13:0f:ad:44:cc:8c:8a:37:8b:54:af:f7:b0:09:f9: ed:9c:82:74:a9:15:c0:55:95:24:28:42:13:92:28: 03:bc:4c:ed:92:d9:7c:21:4d:ea:97:9c:2f:1f:7f: 81:e8:6a:50:c3:20:2e:37:67:85:d0:bb:6d:34:e4: 90:7a:f5:de:fa:3a:b8:91:04:78:28:18:97:2f:07: 12:1e:b6:dd:2f:2a:5a:2c:dd:83:d1:6f:2b:bb:af: 75:4b:55:85:a7:be:1a:a9:85:d6:dc:0f:c4:9a:3e: 02:34:ee:40:80:fc:43:ea:a6:3a:50:66:de:44:9a: ac:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:CA:F8:D1:0E:72:BB:3E:85:72:F7:4D:BC:2C:62:1C:9F:50:A4:89 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.152.0/21 Signature Algorithm: sha256WithRSAEncryption 02:80:48:47:47:2a:b0:82:c0:d6:0a:58:7f:e7:1b:6a:60:b2: 66:08:9d:d3:47:94:ac:ce:1f:ff:22:2d:2c:0e:14:1c:a6:1c: c7:fd:40:a5:ef:14:b3:02:4d:0a:91:c5:08:ed:2c:20:10:d8: 47:f5:87:06:80:a3:bb:f5:7d:21:35:21:38:55:09:1f:b5:09: 28:2e:f3:e9:15:a0:66:6f:ba:bc:2e:dd:f1:e1:3f:c6:8d:19: 4d:76:46:18:b1:a4:ff:70:91:ac:2e:a2:f8:e5:0a:27:01:97: 94:e4:b8:9f:af:82:dd:6a:8b:36:e2:c8:41:dc:ea:3e:9f:bc: 89:48:3c:de:9d:b2:38:aa:10:be:92:6b:99:8f:41:d3:b7:69: 52:54:ff:b6:de:4e:33:03:3d:c8:81:c7:bd:67:99:83:30:01: 80:2b:42:40:88:0f:35:d0:b8:b7:4a:b0:16:c1:18:2a:71:62: 4e:61:fa:30:55:05:ba:73:85:ac:2e:c9:bd:cb:54:c3:84:f1: 5f:d1:30:a5:d7:49:e9:dc:55:87:e9:91:b8:8b:6b:0d:f1:38: ec:4e:3a:ab:e2:1b:6d:3a:0c:c4:4d:20:c5:7a:6a:2b:ee:99: c9:c8:72:83:f2:9e:4f:95:49:de:2d:18:e5:d9:0d:19:f3:58: 62:aa:2f:0f -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUJqX1sHBVylReMf3JqgEDVhQTX/0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAxNFoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAOWVkMjViYTA3MWNmOWFkZjQ2NGE1 MGNjMzkwYmJjODlkNGVmNGI3NGEzMGJiNTRhNDYzOWIxMGI1YjA2Y2ZmMjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotlXTWVxf5kpl0zGrDW1BBuGX8J4 v7Foex8wazYdWkphU7fV+21l5RGVPfbpc5qjnU07hidWAqvLrEemb//dvhF9rowa 4qfTt6g6/lWgEuJJCPei5UwFEM0eqlGI7vZyXhJWQPqsLCrugkU3hnlq516BBtyL f7QCowHHpuGet1KHR4zp1zMTD61EzIyKN4tUr/ewCfntnIJ0qRXAVZUkKEITkigD vEztktl8IU3ql5wvH3+B6GpQwyAuN2eF0LttNOSQevXe+jq4kQR4KBiXLwcSHrbd LypaLN2D0W8ru691S1WFp74aqYXW3A/Emj4CNO5AgPxD6qY6UGbeRJqsCQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBTK+NEOcrs+hXL3TbwsYhyfUKSJMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2FkZjc1ZTJlLTlkMmMtNDcxOC1hNDlkLWFkNDQwNzliMjY2Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrymYMA0GCSqGSIb3DQEBCwUAA4IBAQACgEhHRyqwgsDWClh/5xtq YLJmCJ3TR5Sszh//Ii0sDhQcphzH/UCl7xSzAk0KkcUI7SwgENhH9YcGgKO79X0h NSE4VQkftQkoLvPpFaBmb7q8Lt3x4T/GjRlNdkYYsaT/cJGsLqL45QonAZeU5Lif r4Ldaos24shB3Oo+n7yJSDzenbI4qhC+kmuZj0HTt2lSVP+23k4zAz3Igce9Z5mD MAGAK0JAiA810Li3SrAWwRgqcWJOYfowVQW6c4WsLsm9y1TDhPFf0TCl10np3FWH 6ZG4i2sN8TjsTjqr4httOgzETSDFemor7pnJyHKD8p5PlUneLRjl2Q0Z81hiqi8P -----END CERTIFICATE-----Generated at Mon Aug 4 14:07:14 2025 by rpki-client