$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa File: 0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa (raw, json) Hash identifier: FW+/bZ8D2oaWvqulksoq9njFTMeu5cp/8WiR4QH8EBA= Subject key identifier: EC:63:F9:BC:9B:55:19:EA:0D:21:C1:EB:B3:42:9D:8F:C5:F0:74:07 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 14B715547978A6BDFA45464B4828D27D48B06D22 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa Signing time: Sat 02 Aug 2025 00:00:10 +0000 ROA not before: Sat 02 Aug 2025 00:00:10 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.232.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:b7:15:54:79:78:a6:bd:fa:45:46:4b:48:28:d2:7d:48:b0:6d:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 2 00:00:10 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=af5c94874088095017350f677c1bc96de06668a2ebeb82d4fcf262af9d5d9db3, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:0b:f0:39:f5:c9:6e:32:6b:6a:84:81:95:af: c5:9e:eb:6a:d8:e7:14:30:85:2f:4d:5a:c0:09:24: 08:55:91:d8:64:d1:f6:17:04:f3:02:93:39:23:7a: 55:83:ec:8f:da:4b:e3:25:2a:43:d0:62:68:3e:96: ee:44:37:9b:d7:a8:86:fe:a2:44:aa:43:07:5c:2e: a9:32:45:44:99:7e:6d:7e:05:97:4f:72:03:4f:25: fc:91:80:9a:7a:f4:f3:4b:be:cb:c4:f7:56:a2:5f: e6:8d:d7:2c:88:c7:49:bb:5c:57:d9:e7:aa:6f:80: 4b:31:ae:02:76:99:29:16:ba:04:2d:92:09:28:5e: e3:d8:74:02:25:b6:ff:2c:35:15:02:e4:ad:cf:1e: cd:94:6c:d2:99:4a:2c:e9:c8:0e:3b:20:52:fc:da: d3:d5:49:fa:a9:05:66:6a:f7:24:7b:c1:e3:93:3d: 68:94:5e:89:1c:de:c4:64:ca:1c:af:48:c6:65:98: b6:86:24:6f:fb:81:c4:82:88:c4:f9:39:76:dc:4b: 5f:ad:0c:44:e3:4d:bf:9e:50:56:32:55:19:1c:c9: 00:07:2c:d7:69:50:77:90:07:09:f4:7e:e7:1d:7a: ec:27:b9:82:a6:fd:98:3b:f4:07:ab:0c:5b:c4:50: 02:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:63:F9:BC:9B:55:19:EA:0D:21:C1:EB:B3:42:9D:8F:C5:F0:74:07 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.232.0/22 Signature Algorithm: sha256WithRSAEncryption 6b:68:bb:89:72:8e:d3:c6:15:7d:a4:16:2e:88:00:15:90:63: ab:24:4f:ca:d5:6f:77:63:67:51:85:8d:cb:a2:0b:54:53:a9: 63:e6:e2:17:a1:ef:6e:a6:49:9f:82:85:61:b5:2f:59:ed:a2: 70:d4:f7:a4:82:96:91:46:30:8b:83:a3:09:08:11:a5:1e:ae: e1:0c:12:94:9f:4b:cd:41:9b:85:0e:5f:85:7f:82:fc:7d:33: 9f:e4:39:7c:d5:53:c4:d7:ce:2f:f1:fd:4f:bd:ee:e5:cc:dc: d0:7d:be:0c:26:ce:b6:54:a2:0c:69:15:d9:7e:57:14:44:61: e4:b0:15:a0:5f:a7:1b:27:f8:97:ca:f5:8a:a5:56:98:3c:bf: 0f:59:17:67:49:5b:15:af:01:e1:10:b9:d7:5b:af:2e:65:4f: 6b:4b:77:40:b3:d5:7e:1a:8c:75:04:1e:f0:d7:29:a4:da:76: 54:9e:69:c8:45:96:c1:50:23:e0:5d:64:7f:d0:e7:e2:07:6f: 4c:6d:4e:a8:f3:d8:59:91:88:7a:65:45:b7:ce:bf:39:b2:b3: 29:cd:d8:22:11:51:2a:7e:83:86:89:68:1a:e8:71:38:76:54: 50:79:e5:17:d3:d6:be:47:8e:c7:6c:b6:62:bd:90:e1:8e:72: e5:1d:aa:a5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUFLcVVHl4pr36RUZLSCjSfUiwbSIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwMjAwMDAxMFoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAYWY1Yzk0ODc0MDg4MDk1MDE3MzUw ZjY3N2MxYmM5NmRlMDY2NjhhMmViZWI4MmQ0ZmNmMjYyYWY5ZDVkOWRiMzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgvwOfXJbjJraoSBla/Fnutq2OcU MIUvTVrACSQIVZHYZNH2FwTzApM5I3pVg+yP2kvjJSpD0GJoPpbuRDeb16iG/qJE qkMHXC6pMkVEmX5tfgWXT3IDTyX8kYCaevTzS77LxPdWol/mjdcsiMdJu1xX2eeq b4BLMa4CdpkpFroELZIJKF7j2HQCJbb/LDUVAuStzx7NlGzSmUos6cgOOyBS/NrT 1Un6qQVmavcke8Hjkz1olF6JHN7EZMocr0jGZZi2hiRv+4HEgojE+Tl23EtfrQxE 402/nlBWMlUZHMkAByzXaVB3kAcJ9H7nHXrsJ7mCpv2YO/QHqwxbxFACEwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOxj+bybVRnqDSHB67NCnY/F8HQHMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzBjNWM1NGZmLWY5NzctNGI5Ni04Y2U5LWExZWFmMDgyZmU5Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCrynoMA0GCSqGSIb3DQEBCwUAA4IBAQBraLuJco7TxhV9pBYuiAAV kGOrJE/K1W93Y2dRhY3LogtUU6lj5uIXoe9upkmfgoVhtS9Z7aJw1PekgpaRRjCL g6MJCBGlHq7hDBKUn0vNQZuFDl+Ff4L8fTOf5Dl81VPE184v8f1Pve7lzNzQfb4M Js62VKIMaRXZflcURGHksBWgX6cbJ/iXyvWKpVaYPL8PWRdnSVsVrwHhELnXW68u ZU9rS3dAs9V+Gox1BB7w1ymk2nZUnmnIRZbBUCPgXWR/0OfiB29MbU6o89hZkYh6 ZUW3zr85srMpzdgiEVEqfoOGiWga6HE4dlRQeeUX09a+R47HbLZivZDhjnLlHaql -----END CERTIFICATE-----Generated at Mon Aug 4 14:08:25 2025 by rpki-client