$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa File: 0bf15d3f-c546-4bb6-a764-82165c384d37.roa (raw, json) Hash identifier: wqmtLRiTOx+XRP0Hu5wCz4zM4dDDbcy4bbYs4TUuE9A= Subject key identifier: E4:85:58:82:9A:E7:1F:90:6D:CC:B1:87:A3:0B:66:56:97:88:35:DA Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 0C41B322EF05B2047D6EAD0DCECB7C7991CE40EF Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa Signing time: Sat 02 Aug 2025 00:00:11 +0000 ROA not before: Sat 02 Aug 2025 00:00:11 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:41:b3:22:ef:05:b2:04:7d:6e:ad:0d:ce:cb:7c:79:91:ce:40:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 2 00:00:11 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=7eb158b2c18f9906ce7174dcb594937ec52e06ef936ea848b40b2b46bebf576d, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:c1:0c:bc:7f:ea:dd:3a:7e:22:3e:57:4c:af: 9d:65:0f:43:e5:49:4a:a1:66:84:86:e3:ff:34:b2: ce:3c:a7:39:27:35:de:8c:18:aa:5f:7e:07:f4:28: f9:9a:b8:94:d0:af:4a:8f:8a:ad:11:6c:89:45:c1: 61:e4:23:59:9f:b9:e7:5a:1b:a8:f2:e6:ee:fc:e0: 94:50:01:d5:f4:4a:f5:2d:91:2f:89:f5:8b:c0:87: cb:08:92:a8:2a:3a:3b:64:53:cb:05:76:44:74:4e: a2:1e:db:93:06:ed:e0:92:aa:97:7b:84:8f:37:a3: 3d:ec:e9:84:b3:95:ba:a6:fa:5c:cf:29:97:11:41: 6b:8f:87:a0:7e:3e:9e:98:4b:30:48:dd:2e:f2:3f: 44:96:21:b2:c7:da:b7:af:69:6c:42:cf:b2:a5:67: 4f:c5:01:91:3b:9d:34:63:7a:de:7b:c9:2d:b2:7d: 00:e6:24:fd:fa:3a:82:8c:5f:cd:73:22:10:5b:7e: 38:12:30:fd:6c:46:37:1a:49:f1:8e:74:0c:a2:ae: 9e:f3:60:24:2b:b6:fe:6f:88:a5:68:54:ab:48:40: 7f:bf:71:bc:1c:77:43:ea:8c:80:62:2e:23:97:b8: 2b:cc:86:b8:f4:dd:36:eb:a5:02:76:30:f3:94:1f: 8f:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:85:58:82:9A:E7:1F:90:6D:CC:B1:87:A3:0B:66:56:97:88:35:DA X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.200.0/21 Signature Algorithm: sha256WithRSAEncryption af:9f:b9:3b:cf:fd:29:e6:f8:75:bb:64:05:1c:53:d4:b0:70: 5f:16:f8:13:90:b2:fb:10:df:d5:63:59:dc:15:3b:e4:53:d8: ec:5a:47:82:d7:6b:bb:15:26:c5:29:5c:0d:27:c7:69:36:41: e7:c4:9a:9a:8a:7f:30:f6:44:46:cd:98:f9:2e:b3:33:1d:1c: b5:4e:d8:9c:81:41:66:bc:a7:40:a3:56:22:fa:f2:95:88:89: 1e:29:54:6b:77:71:f3:70:ce:9e:b9:45:d2:96:d9:15:3a:65: e5:e3:ec:7f:0c:aa:b1:85:7b:62:63:a9:44:cb:7e:4a:f6:7b: 86:0c:3a:0f:33:0d:d1:eb:36:e8:f7:00:58:8a:ac:3d:90:20: f2:d4:eb:17:a1:a0:45:68:37:35:84:e7:c8:15:cb:d6:00:5f: 01:f9:23:fe:c3:8b:27:c7:13:b3:30:ef:4e:74:3f:10:c4:32: 3b:7f:a4:e2:3b:8e:22:45:43:60:7b:5f:be:5d:e1:d1:d6:99: ed:e8:08:a7:42:0a:c9:aa:68:bb:6c:97:e5:45:f8:1b:49:c7: 78:c3:16:a5:9b:8b:ad:c6:6b:40:2f:b8:6f:ea:3e:3e:72:84: 1a:9b:42:96:c0:d9:58:b3:a6:a7:c1:85:fc:5f:34:7b:09:91: af:15:0e:47 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUDEGzIu8FsgR9bq0Nzst8eZHOQO8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwMjAwMDAxMVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAN2ViMTU4YjJjMThmOTkwNmNlNzE3 NGRjYjU5NDkzN2VjNTJlMDZlZjkzNmVhODQ4YjQwYjJiNDZiZWJmNTc2ZDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8EMvH/q3Tp+Ij5XTK+dZQ9D5UlK oWaEhuP/NLLOPKc5JzXejBiqX34H9Cj5mriU0K9Kj4qtEWyJRcFh5CNZn7nnWhuo 8ubu/OCUUAHV9Er1LZEvifWLwIfLCJKoKjo7ZFPLBXZEdE6iHtuTBu3gkqqXe4SP N6M97OmEs5W6pvpczymXEUFrj4egfj6emEswSN0u8j9EliGyx9q3r2lsQs+ypWdP xQGRO500Y3ree8ktsn0A5iT9+jqCjF/NcyIQW344EjD9bEY3GknxjnQMoq6e82Ak K7b+b4ilaFSrSEB/v3G8HHdD6oyAYi4jl7grzIa49N0266UCdjDzlB+PxwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOSFWIKa5x+Qbcyxh6MLZlaXiDXaMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzBiZjE1ZDNmLWM1NDYtNGJiNi1hNzY0LTgyMTY1YzM4NGQzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrynIMA0GCSqGSIb3DQEBCwUAA4IBAQCvn7k7z/0p5vh1u2QFHFPU sHBfFvgTkLL7EN/VY1ncFTvkU9jsWkeC12u7FSbFKVwNJ8dpNkHnxJqain8w9kRG zZj5LrMzHRy1TticgUFmvKdAo1Yi+vKViIkeKVRrd3HzcM6euUXSltkVOmXl4+x/ DKqxhXtiY6lEy35K9nuGDDoPMw3R6zbo9wBYiqw9kCDy1OsXoaBFaDc1hOfIFcvW AF8B+SP+w4snxxOzMO9OdD8QxDI7f6TiO44iRUNge1++XeHR1pnt6AinQgrJqmi7 bJflRfgbScd4wxalm4utxmtAL7hv6j4+coQam0KWwNlYs6anwYX8XzR7CZGvFQ5H -----END CERTIFICATE-----Generated at Mon Aug 4 14:52:11 2025 by rpki-client