$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa File: adf75e2e-9d2c-4718-a49d-ad44079b266b.roa (raw, json) Hash identifier: sKPpAS9zxq4u3F00zpIE53W6iu679gdzmw2+O/AYu64= Subject key identifier: C3:C7:70:8F:F8:72:F4:EB:DA:A0:6E:9D:A2:23:8B:86:87:7D:9A:75 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 08B71C5749C2F60C0C3E10082DBD73355D2F5082 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa Signing time: Fri 17 Oct 2025 00:01:30 +0000 ROA not before: Fri 17 Oct 2025 00:01:30 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 00:02:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:b7:1c:57:49:c2:f6:0c:0c:3e:10:08:2d:bd:73:35:5d:2f:50:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 17 00:01:30 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=bbc6d48a81f5e3e696dce3a25bbf1de67c51494961122e1821928b1fb9b3e1ac, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d3:25:ac:39:81:b9:89:6a:29:8b:60:57:15: f4:d8:83:4c:ab:4f:3a:7f:d5:92:6a:f3:d7:b9:9a: 65:6f:74:4f:f9:51:9c:30:1a:ac:b5:2e:ae:ef:90: 8c:ae:31:14:75:28:02:f0:3f:7a:b6:70:23:3c:c2: a4:ab:41:7e:60:fe:b8:91:05:dd:1b:71:36:bd:df: 20:25:34:f8:d4:49:20:96:4c:e0:d4:45:b6:de:a7: 77:fb:f0:28:56:f8:bc:8c:71:cf:1f:ac:76:df:ae: 16:68:0c:b8:c3:7d:5a:06:97:b3:63:de:e0:f1:17: b1:69:4a:da:43:c3:a9:84:63:a4:ea:e2:7d:d4:9e: 7d:e6:46:e4:7a:5c:a3:9e:85:80:8b:c9:47:44:2a: e3:f3:e8:cc:4f:24:79:9e:3f:7c:ce:ec:71:16:d6: 00:4a:50:89:eb:11:8b:fb:e6:39:90:eb:f3:a8:5b: 54:0f:b4:87:39:f1:14:79:8e:8e:f3:f5:c7:77:1e: b7:88:97:60:fc:c1:62:6b:a1:50:ae:53:b5:d8:db: 69:d9:0c:35:9f:63:6a:c6:3a:32:2c:9a:8e:2d:51: e5:fc:8f:5e:61:30:5a:d1:3f:37:5c:2a:19:60:81: 7e:31:41:1f:04:e8:b9:11:95:46:8f:47:ce:3b:db: b5:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:C7:70:8F:F8:72:F4:EB:DA:A0:6E:9D:A2:23:8B:86:87:7D:9A:75 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/adf75e2e-9d2c-4718-a49d-ad44079b266b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.152.0/21 Signature Algorithm: sha256WithRSAEncryption 32:ba:cc:98:1e:b5:65:75:27:5e:87:11:5d:e6:b0:e1:0d:03: bd:ee:ab:97:43:49:b6:41:ca:00:9a:6b:ea:75:e6:ea:05:10: 0f:9a:e3:65:b3:8a:b9:c1:87:66:d2:a9:99:1b:db:64:9d:6f: 0b:d9:a3:0a:d2:75:5a:72:f2:61:40:d2:0e:69:ca:c6:17:91: 81:1c:31:4b:55:a7:a1:0e:d2:ec:35:de:79:e5:78:f3:6a:00: 74:a3:9a:8a:a5:e9:d1:bb:7e:ba:32:65:0c:e7:b2:85:42:61: 78:52:4c:c3:62:62:33:ac:38:0d:32:a1:a3:bf:b1:fd:20:6f: 52:02:24:aa:84:82:8c:97:0e:92:7c:91:51:71:6b:21:44:5d: ba:01:4e:4f:75:9b:9c:04:f2:0a:fc:9c:a3:2a:2b:53:e7:46: e2:a0:81:5e:54:3c:58:26:58:dc:7e:48:39:45:78:91:c8:84: 2d:44:2d:3c:b7:f2:53:60:6d:08:0a:94:25:f5:8b:f7:ce:59: 14:f0:98:57:be:6f:b1:60:af:f7:8b:be:c4:f5:89:2e:55:7a: a9:70:31:ea:9e:39:b5:48:3a:b3:19:b2:b2:71:75:c4:20:f4: 24:4d:c9:98:e6:33:82:e4:ea:df:06:f8:1c:d1:08:3a:24:d0: 5c:62:2d:f5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUCLccV0nC9gwMPhAILb1zNV0vUIIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxNzAwMDEzMFoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAYmJjNmQ0OGE4MWY1ZTNlNjk2ZGNl M2EyNWJiZjFkZTY3YzUxNDk0OTYxMTIyZTE4MjE5MjhiMWZiOWIzZTFhYzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttMlrDmBuYlqKYtgVxX02INMq086 f9WSavPXuZplb3RP+VGcMBqstS6u75CMrjEUdSgC8D96tnAjPMKkq0F+YP64kQXd G3E2vd8gJTT41Ekglkzg1EW23qd3+/AoVvi8jHHPH6x2364WaAy4w31aBpezY97g 8RexaUraQ8OphGOk6uJ91J595kbkelyjnoWAi8lHRCrj8+jMTyR5nj98zuxxFtYA SlCJ6xGL++Y5kOvzqFtUD7SHOfEUeY6O8/XHdx63iJdg/MFia6FQrlO12Ntp2Qw1 n2NqxjoyLJqOLVHl/I9eYTBa0T83XCoZYIF+MUEfBOi5EZVGj0fOO9u1SQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMPHcI/4cvTr2qBunaIji4aHfZp1MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2FkZjc1ZTJlLTlkMmMtNDcxOC1hNDlkLWFkNDQwNzliMjY2Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrymYMA0GCSqGSIb3DQEBCwUAA4IBAQAyusyYHrVldSdehxFd5rDh DQO97quXQ0m2QcoAmmvqdebqBRAPmuNls4q5wYdm0qmZG9tknW8L2aMK0nVacvJh QNIOacrGF5GBHDFLVaehDtLsNd555XjzagB0o5qKpenRu366MmUM57KFQmF4UkzD YmIzrDgNMqGjv7H9IG9SAiSqhIKMlw6SfJFRcWshRF26AU5PdZucBPIK/JyjKitT 50bioIFeVDxYJljcfkg5RXiRyIQtRC08t/JTYG0ICpQl9Yv3zlkU8JhXvm+xYK/3 i77E9YkuVXqpcDHqnjm1SDqzGbKycXXEIPQkTcmY5jOC5OrfBvgc0Qg6JNBcYi31 -----END CERTIFICATE-----Generated at Wed Nov 5 00:51:30 2025 by rpki-client