$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa File: d953b731-7921-47dd-abf3-b7b8cc367900.roa (raw, json) Hash identifier: h4ZB/MWEgyJ8LZrf1SxnyFlIxQ+R+CVKJktPaoigBZ4= Subject key identifier: 66:94:1E:D8:0A:15:47:4B:E1:82:79:BF:32:DB:2F:7E:41:22:83:74 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 6780C2DE3666FBDFD2BE662B30496638AFBB807F Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa Signing time: Sat 02 Aug 2025 00:00:02 +0000 ROA not before: Sat 02 Aug 2025 00:00:02 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 15:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:80:c2:de:36:66:fb:df:d2:be:66:2b:30:49:66:38:af:bb:80:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:02 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=c25462e5608247ed3d2c3e26fc14eef5bb9a5fd279a5e2869b5bb05fea6834f3, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:85:47:d1:09:0c:f8:e3:81:7b:63:9a:fd:3c: 25:31:bd:c7:1d:fb:6b:18:ad:69:58:5f:d6:17:f4: b9:0d:ed:72:c0:3f:fb:a7:0a:1b:e1:ef:02:a8:5d: 70:8a:70:a8:b5:06:06:e5:99:14:b3:f8:67:4a:28: e2:48:cb:0c:be:9f:52:7d:d8:b7:02:c0:b0:7f:04: d7:ed:b8:85:29:65:68:62:f0:5a:10:b9:54:de:33: 20:06:98:36:90:7a:87:a2:a9:b3:02:36:c9:c5:25: af:19:98:ce:c6:bd:fb:a6:ff:4f:aa:5a:e3:f9:03: 13:20:8e:5c:ef:f2:d8:1c:89:e6:76:1a:37:da:9c: d2:cb:4c:6d:73:03:a1:33:77:fd:6d:7c:d2:9c:60: 97:43:80:a7:aa:1d:f5:1b:5c:18:bf:9f:a3:63:0e: a1:a7:03:7c:e9:57:05:df:90:c5:79:c7:0e:51:a3: 08:ad:2d:be:dc:f4:f2:4b:15:17:4c:be:0e:71:2d: 23:81:66:ac:52:96:a7:0c:24:fe:0a:bc:aa:b4:36: 89:17:a9:97:30:03:87:cd:9b:52:7f:14:48:e9:74: 83:3e:e2:66:bc:f4:b4:3f:4c:b0:39:32:ab:43:d6: 5f:70:c2:9f:0e:38:72:55:b2:5d:ad:7b:ab:82:de: 4e:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:94:1E:D8:0A:15:47:4B:E1:82:79:BF:32:DB:2F:7E:41:22:83:74 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d953b731-7921-47dd-abf3-b7b8cc367900.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.192.0/18 Signature Algorithm: sha256WithRSAEncryption 6b:3c:ae:f5:26:d7:87:ed:93:ee:67:08:79:ed:d3:04:8b:50: 41:80:ba:49:90:3e:68:df:e4:bd:da:7e:9d:67:b5:36:ac:6b: 8b:8c:71:f2:60:5d:99:cd:09:81:3d:56:ad:2a:46:9d:a2:6b: da:20:14:db:ef:07:55:91:37:28:c7:ab:a3:20:8f:3c:4c:6c: 1d:38:18:c5:9c:a7:b4:8a:4d:53:52:d5:c3:89:32:83:0f:c0: 52:6a:eb:da:dc:fd:ba:3d:10:ad:94:cc:c9:14:db:2d:fc:0f: 1c:c3:2c:e1:0a:dc:70:1d:b6:23:66:b3:f1:a7:4d:b8:4d:94: a7:0d:1b:5c:a6:2f:56:1d:de:e2:8b:5f:3f:48:4a:d7:60:2e: 54:67:10:e8:c0:3a:dc:45:6f:19:ca:e8:95:b7:9d:50:8a:ba: 36:01:1b:56:ba:79:85:c7:19:14:8e:f7:eb:74:d4:35:41:7f: 45:41:2b:30:8b:18:7d:e2:ff:af:5b:06:24:59:17:22:a8:06: 58:8b:d4:a9:33:b4:08:3a:12:17:d9:01:2f:87:46:2b:e8:ba: 78:97:80:a3:bc:65:ee:be:aa:ae:e0:df:62:57:e5:d8:c4:62: 5e:92:26:df:66:11:54:15:33:db:fc:fc:56:83:3d:b9:40:89: 29:b5:df:90 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZ4DC3jZm+9/SvmYrMElmOK+7gH8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAwMloX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAYzI1NDYyZTU2MDgyNDdlZDNkMmMz ZTI2ZmMxNGVlZjViYjlhNWZkMjc5YTVlMjg2OWI1YmIwNWZlYTY4MzRmMzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34VH0QkM+OOBe2Oa/TwlMb3HHftr GK1pWF/WF/S5De1ywD/7pwob4e8CqF1winCotQYG5ZkUs/hnSijiSMsMvp9Sfdi3 AsCwfwTX7biFKWVoYvBaELlU3jMgBpg2kHqHoqmzAjbJxSWvGZjOxr37pv9Pqlrj +QMTII5c7/LYHInmdho32pzSy0xtcwOhM3f9bXzSnGCXQ4Cnqh31G1wYv5+jYw6h pwN86VcF35DFeccOUaMIrS2+3PTySxUXTL4OcS0jgWasUpanDCT+CryqtDaJF6mX MAOHzZtSfxRI6XSDPuJmvPS0P0ywOTKrQ9ZfcMKfDjhyVbJdrXurgt5OgwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGaUHtgKFUdL4YJ5vzLbL35BIoN0MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2Q5NTNiNzMxLTc5MjEtNDdkZC1hYmYzLWI3YjhjYzM2NzkwMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQBrPK71JteH7ZPuZwh57dME i1BBgLpJkD5o3+S92n6dZ7U2rGuLjHHyYF2ZzQmBPVatKkadomvaIBTb7wdVkTco x6ujII88TGwdOBjFnKe0ik1TUtXDiTKDD8BSauva3P26PRCtlMzJFNst/A8cwyzh CtxwHbYjZrPxp024TZSnDRtcpi9WHd7ii18/SErXYC5UZxDowDrcRW8ZyuiVt51Q iro2ARtWunmFxxkUjvfrdNQ1QX9FQSswixh94v+vWwYkWRciqAZYi9SpM7QIOhIX 2QEvh0Yr6Lp4l4CjvGXuvqqu4N9iV+XYxGJekibfZhFUFTPb/PxWgz25QIkptd+Q -----END CERTIFICATE-----Generated at Wed Aug 6 04:00:12 2025 by rpki-client