$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa File: e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa (raw, json) Hash identifier: dClEonqXxXGeK3AlK7PwDwEIvV/bh31mEliYfQYbDzE= Subject key identifier: A1:C2:FF:B5:6A:5D:24:77:A8:68:7D:5C:7B:B7:39:8D:C5:8D:AF:A0 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 065574D7FD49000F793CDFF6F5D83B3916207AB3 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa Signing time: Sat 02 Aug 2025 00:00:01 +0000 ROA not before: Sat 02 Aug 2025 00:00:01 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:55:74:d7:fd:49:00:0f:79:3c:df:f6:f5:d8:3b:39:16:20:7a:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Aug 2 00:00:01 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=4609d7e236393e27107c68f3abede4009d0e542648e944b60ef70e58595d5ffe, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:65:54:cb:25:29:33:69:80:ab:a6:08:19:ca: 7e:bd:eb:b5:6b:f8:2b:ab:7b:97:13:53:84:a9:7b: 2f:1a:2c:00:fe:e5:61:a0:5c:89:9f:b2:3b:58:9e: 94:d5:e9:c0:0d:f7:34:ae:6b:2a:5d:b1:2e:1b:5b: 01:19:49:f2:e4:43:52:28:25:8f:7f:93:4f:26:d4: 9e:e4:48:34:6a:13:7c:91:9f:4d:c4:26:8b:49:c6: fc:c4:f6:73:32:ca:4e:16:3c:0a:80:b7:ce:5d:4e: d7:d7:86:bb:a6:8c:37:92:ba:ed:19:d6:fa:04:45: b6:81:68:ee:56:90:1f:40:6c:2a:77:48:fa:0f:8c: 5e:16:78:5e:a7:d6:b8:bc:4d:29:e8:c0:43:d3:cc: 96:55:3e:bc:5c:0f:05:a7:04:31:30:04:b6:be:f2: e6:4c:ad:09:d1:92:79:38:48:06:44:87:e3:ce:79: bd:00:bf:71:d7:55:17:ef:b3:08:51:f7:f7:52:a0: 62:11:61:0e:7f:13:e3:87:23:5c:8c:4c:e3:28:98: ca:5b:b0:ef:a9:c4:8b:01:9f:7b:8b:e2:15:b6:9b: f0:58:c6:cc:aa:46:fe:67:c3:f2:ca:7d:0f:aa:9b: 79:c5:28:ed:a5:46:d2:58:9b:a7:1a:e9:42:6b:1c: e5:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:C2:FF:B5:6A:5D:24:77:A8:68:7D:5C:7B:B7:39:8D:C5:8D:AF:A0 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption b6:82:3c:d8:99:48:00:94:cf:00:73:7e:7e:3e:13:b1:d2:3f: ae:80:13:f2:47:50:27:e6:89:00:ff:b8:b2:43:aa:64:d3:6a: e8:bc:6f:43:4d:5c:2a:ff:2e:cd:72:14:18:b8:76:09:aa:06: 3d:a7:30:39:73:81:06:0b:00:c6:ef:e0:18:65:0b:ef:03:46: 94:d1:71:a4:9a:7e:3f:b2:69:28:b2:1d:45:10:52:2f:9d:cf: cc:ff:80:e2:4c:14:6d:7c:ee:b6:d8:de:2c:c0:88:9d:d5:d8: bb:a7:1f:ec:1a:42:e5:7f:e6:a9:c7:dd:97:a3:4b:e4:6b:0b: 13:94:b1:37:3c:28:a8:0e:ac:d1:92:5b:b0:87:33:39:d2:76: 23:a9:51:7d:e7:a3:57:ee:45:79:8a:c6:1b:4c:7b:81:10:90: ad:10:ed:ee:08:17:28:ba:24:22:9f:b9:4b:16:ef:0b:25:4b: 5d:af:09:c1:36:3c:0f:b4:69:c8:dd:80:97:13:d2:20:7c:28: e5:3b:0a:e2:33:36:3c:49:9b:37:09:c3:19:df:0a:da:e7:49: 46:52:fd:6d:f5:1b:d7:81:d4:d0:99:8b:f3:c7:dc:7c:0b:a3: d7:02:c2:e5:96:b9:bc:07:a1:42:91:30:fb:48:4f:4e:1a:51: eb:94:33:3c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUBlV01/1JAA95PN/29dg7ORYgerMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDgwMjAwMDAwMVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNANDYwOWQ3ZTIzNjM5M2UyNzEwN2M2 OGYzYWJlZGU0MDA5ZDBlNTQyNjQ4ZTk0NGI2MGVmNzBlNTg1OTVkNWZmZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mVUyyUpM2mAq6YIGcp+veu1a/gr q3uXE1OEqXsvGiwA/uVhoFyJn7I7WJ6U1enADfc0rmsqXbEuG1sBGUny5ENSKCWP f5NPJtSe5Eg0ahN8kZ9NxCaLScb8xPZzMspOFjwKgLfOXU7X14a7pow3krrtGdb6 BEW2gWjuVpAfQGwqd0j6D4xeFnhep9a4vE0p6MBD08yWVT68XA8FpwQxMAS2vvLm TK0J0ZJ5OEgGRIfjznm9AL9x11UX77MIUff3UqBiEWEOfxPjhyNcjEzjKJjKW7Dv qcSLAZ97i+IVtpvwWMbMqkb+Z8Pyyn0Pqpt5xSjtpUbSWJunGulCaxzlNwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKHC/7VqXSR3qGh9XHu3OY3Fja+gMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2UzMmM5Y2JkLWEyNDEtNGRmNi05OWJiLWU3ZDE1YWJlNGIzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjoMA0GCSqGSIb3DQEBCwUAA4IBAQC2gjzYmUgAlM8Ac35+PhOx 0j+ugBPyR1An5okA/7iyQ6pk02rovG9DTVwq/y7NchQYuHYJqgY9pzA5c4EGCwDG 7+AYZQvvA0aU0XGkmn4/smkosh1FEFIvnc/M/4DiTBRtfO622N4swIid1di7px/s GkLlf+apx92Xo0vkawsTlLE3PCioDqzRkluwhzM50nYjqVF956NX7kV5isYbTHuB EJCtEO3uCBcouiQin7lLFu8LJUtdrwnBNjwPtGnI3YCXE9IgfCjlOwriMzY8SZs3 CcMZ3wra50lGUv1t9RvXgdTQmYvzx9x8C6PXAsLllrm8B6FCkTD7SE9OGlHrlDM8 -----END CERTIFICATE-----Generated at Mon Aug 4 19:04:23 2025 by rpki-client