$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: txvWBLi+ZIkOLsusN4SjGxDvmm9EM7mUiNeN99eJu/A= Subject key identifier: 53:B6:66:69:5E:5A:EC:41:0B:AE:0A:7E:E0:93:BE:7E:9C:D3:B6:B6 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4AC984E15D5F6181B38734D0134F296DF3273A54 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Fri 01 Aug 2025 00:50:03 +0000 ROA not before: Fri 01 Aug 2025 00:50:03 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:c9:84:e1:5d:5f:61:81:b3:87:34:d0:13:4f:29:6d:f3:27:3a:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 1 00:50:03 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=6f612cce0263e61310004be059164da27b43eba3b7eece441128bcd684badba6, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d9:be:c3:cf:fd:66:3e:e4:7f:a4:58:c4:43: 85:e7:5a:20:ba:af:bd:20:c8:ea:7b:5e:e7:c2:5e: f3:c7:21:11:e7:5c:08:c4:19:51:9f:3f:be:31:2b: d1:72:1d:3d:bc:47:c5:8b:f0:70:72:39:e9:06:55: 1c:38:2e:5d:05:bf:79:21:48:ae:99:46:c1:bd:1c: c7:9e:37:ca:e5:70:39:da:e7:3b:23:9a:9e:1c:49: 52:70:79:f0:24:fe:26:e7:78:2e:78:0b:5d:8f:ed: cf:09:57:9d:fc:fe:8e:85:04:65:7f:bd:1d:ed:ac: 02:8a:3e:24:73:e1:54:00:82:f6:a2:23:21:3a:60: 8d:a5:12:2f:4d:42:04:c0:29:1d:b4:68:a0:c1:56: df:fd:7e:85:1f:45:59:39:50:3a:b5:44:df:f4:98: 71:d5:22:05:49:d6:a0:4e:e5:3d:06:8a:c4:75:5d: 07:b4:51:7f:ea:27:9f:83:f5:b2:05:f4:03:83:0f: b2:46:52:d9:ca:e3:13:2f:a1:57:17:23:2c:27:aa: 4a:a3:f0:eb:5b:3d:af:31:45:d9:22:7e:12:19:cb: 4c:15:cb:34:7f:47:1b:bd:dc:0d:84:f4:e0:11:2c: e6:52:b0:0c:c5:a4:73:fe:05:60:0d:f8:eb:bf:a0: 49:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:B6:66:69:5E:5A:EC:41:0B:AE:0A:7E:E0:93:BE:7E:9C:D3:B6:B6 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 5d:df:72:21:60:e9:53:2e:c8:35:3b:60:de:87:bf:3f:2e:52: 1b:98:a6:78:df:5b:d2:7e:55:07:b5:51:22:7b:7c:1b:1b:2a: 21:57:ad:4c:4d:fc:26:d2:ef:12:fa:56:c6:60:da:ae:8a:ba: 21:68:a6:08:7d:9c:40:b1:7d:bf:61:12:dd:1b:7b:e3:ab:18: b5:c7:3b:85:c5:c1:bf:16:7b:2c:76:10:9c:2b:d7:c8:7b:7f: b8:61:e4:3f:ab:72:8a:15:e8:d8:ee:0f:b7:b9:d1:b0:f1:5c: 4d:7f:a9:31:e4:11:88:80:7b:67:af:3a:15:7b:a4:07:0d:5e: d3:e1:d3:04:69:33:be:24:25:1d:f6:d7:a5:d2:86:a3:97:8e: f7:a9:f8:e0:bd:a5:57:d7:89:aa:7e:70:54:9c:ec:ac:da:f6: 47:ca:a6:57:8a:dc:3c:2b:93:18:ec:d9:54:97:70:6b:09:b1: e2:d5:fd:6b:b8:f0:54:56:4e:d7:01:81:52:58:9e:bd:c2:7f: db:fb:41:64:d6:19:53:89:df:20:d6:53:d9:eb:c9:67:4e:9d: eb:23:c7:b3:a2:10:84:81:09:8e:f8:41:d9:f9:ba:7e:42:df: 83:c0:5b:3f:c1:15:85:b2:ca:db:8f:d2:98:17:9b:8d:34:6f: 79:37:01:64 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUSsmE4V1fYYGzhzTQE08pbfMnOlQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgwMTAwNTAwM1oX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNANmY2MTJjY2UwMjYzZTYxMzEwMDA0 YmUwNTkxNjRkYTI3YjQzZWJhM2I3ZWVjZTQ0MTEyOGJjZDY4NGJhZGJhNjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtm+w8/9Zj7kf6RYxEOF51oguq+9 IMjqe17nwl7zxyER51wIxBlRnz++MSvRch09vEfFi/BwcjnpBlUcOC5dBb95IUiu mUbBvRzHnjfK5XA52uc7I5qeHElScHnwJP4m53gueAtdj+3PCVed/P6OhQRlf70d 7awCij4kc+FUAIL2oiMhOmCNpRIvTUIEwCkdtGigwVbf/X6FH0VZOVA6tUTf9Jhx 1SIFSdagTuU9BorEdV0HtFF/6iefg/WyBfQDgw+yRlLZyuMTL6FXFyMsJ6pKo/Dr Wz2vMUXZIn4SGctMFcs0f0cbvdwNhPTgESzmUrAMxaRz/gVgDfjrv6BJaQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFO2ZmleWuxBC64KfuCTvn6c07a2MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQBd33IhYOlTLsg1O2Deh78/ LlIbmKZ431vSflUHtVEie3wbGyohV61MTfwm0u8S+lbGYNquirohaKYIfZxAsX2/ YRLdG3vjqxi1xzuFxcG/FnssdhCcK9fIe3+4YeQ/q3KKFejY7g+3udGw8VxNf6kx 5BGIgHtnrzoVe6QHDV7T4dMEaTO+JCUd9tel0oajl473qfjgvaVX14mqfnBUnOys 2vZHyqZXitw8K5MY7NlUl3BrCbHi1f1ruPBUVk7XAYFSWJ69wn/b+0Fk1hlTid8g 1lPZ68lnTp3rI8ezohCEgQmO+EHZ+bp+Qt+DwFs/wRWFssrbj9KYF5uNNG95NwFk -----END CERTIFICATE-----Generated at Mon Aug 4 21:40:24 2025 by rpki-client