$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa File: 2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa (raw, json) Hash identifier: 0C7Nv1Y8OiwG/GydIvjI6Z/RsI3vhVG/3sqaQKkSFZM= Subject key identifier: 3E:19:6B:25:EB:A3:0F:60:86:13:F3:53:97:30:4C:F6:BA:B4:62:C1 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 52AF785511244D274C17DC7A7271F83826EFCE17 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa Signing time: Sat 02 Aug 2025 00:00:02 +0000 ROA not before: Sat 02 Aug 2025 00:00:02 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:af:78:55:11:24:4d:27:4c:17:dc:7a:72:71:f8:38:26:ef:ce:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 2 00:00:02 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=1a7019b5e8b7827787394ec8883231b477e08e9d81283958aaec303934a83ef3, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:dc:09:5d:f4:d4:b2:bf:2b:bb:cd:b8:a0:6a: 69:e8:49:17:6f:65:1e:d5:40:b2:a3:93:48:92:18: 87:fe:53:ac:43:7a:4a:4d:2d:56:7c:b9:54:20:1e: c2:aa:2f:0a:9b:60:ce:27:67:4b:70:0b:b4:e0:9b: c3:d1:e0:18:50:c3:c5:31:cb:33:31:55:54:8b:40: 60:32:df:83:cb:20:fd:bc:a5:62:2c:5f:8a:94:31: ca:e8:42:3b:91:27:94:45:50:65:74:07:07:9a:36: 29:4e:8a:02:ef:47:10:78:0d:f8:e0:03:bd:9b:92: 57:fa:75:34:88:6a:7d:e1:eb:03:7a:c7:1f:5d:78: 7f:05:fa:a8:f1:b1:45:0d:21:b5:89:70:4c:d8:0a: 1a:f1:57:03:5a:33:78:ee:26:68:3b:fb:96:41:2b: 9e:8d:88:65:da:7b:f3:25:e7:7d:fc:fc:e4:2b:55: 04:eb:d1:63:55:f9:00:3f:af:86:e2:f8:fa:b4:cc: bc:e3:83:f9:78:3b:00:08:62:c2:07:e2:3c:d0:2d: 6e:d5:5b:3a:63:1d:a6:8d:22:53:0a:6e:1c:ec:b7: de:45:f7:89:e9:12:23:dc:7d:86:0c:94:bf:35:fe: c6:4c:df:05:a7:8c:ec:f3:79:bb:39:4d:0c:2e:71: 8f:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:19:6B:25:EB:A3:0F:60:86:13:F3:53:97:30:4C:F6:BA:B4:62:C1 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.193.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:d1:64:d6:b9:92:a5:77:76:60:3d:a6:b2:b6:b2:b0:77:02: 55:44:f7:fc:61:e3:67:84:5f:8b:00:97:b1:0a:93:2d:6e:8e: fa:94:1f:a2:59:94:93:10:4f:69:b0:a8:86:b3:a1:b1:a6:74: e7:2f:f7:34:13:c2:c9:57:c8:ca:d8:cd:0b:d4:7f:8b:2c:ce: 2a:01:8f:6e:e8:db:be:1e:f6:b7:d0:4c:b5:3c:4e:2d:e3:a5: 67:c5:c5:8a:4f:65:5e:63:cc:1b:42:91:68:1c:df:8c:1c:59: 27:33:43:a0:fc:0c:67:ee:8a:c3:be:9a:7d:83:31:b0:b7:7b: af:5e:03:58:4b:c1:e0:97:55:39:dd:e1:9e:3b:7b:9d:9c:20: cf:5c:5b:28:57:0a:83:e9:50:b1:44:39:a7:b4:1d:a7:3e:0b: 2f:ea:fc:49:d8:74:65:da:82:d2:0f:36:48:61:64:fe:9f:d6: 6e:32:e4:97:91:be:ad:3e:b6:7f:16:a5:bb:14:4f:bb:e0:21: 3c:28:6d:b5:b3:0f:33:89:f8:00:97:a3:dc:d7:99:58:72:bf: 84:b6:78:31:44:2e:2a:fd:9d:41:ee:4d:08:39:df:61:8c:83: 1d:05:95:9d:d8:b7:be:21:4f:40:94:57:b0:fc:99:0f:cf:f4: a7:03:e4:4f -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUq94VREkTSdMF9x6cnH4OCbvzhcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwMjAwMDAwMloX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAMWE3MDE5YjVlOGI3ODI3Nzg3Mzk0 ZWM4ODgzMjMxYjQ3N2UwOGU5ZDgxMjgzOTU4YWFlYzMwMzkzNGE4M2VmMzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dwJXfTUsr8ru824oGpp6EkXb2Ue 1UCyo5NIkhiH/lOsQ3pKTS1WfLlUIB7Cqi8Km2DOJ2dLcAu04JvD0eAYUMPFMcsz MVVUi0BgMt+DyyD9vKViLF+KlDHK6EI7kSeURVBldAcHmjYpTooC70cQeA344AO9 m5JX+nU0iGp94esDescfXXh/Bfqo8bFFDSG1iXBM2Aoa8VcDWjN47iZoO/uWQSue jYhl2nvzJed9/PzkK1UE69FjVfkAP6+G4vj6tMy844P5eDsACGLCB+I80C1u1Vs6 Yx2mjSJTCm4c7LfeRfeJ6RIj3H2GDJS/Nf7GTN8Fp4zs83m7OU0MLnGPXQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFD4ZayXrow9ghhPzU5cwTPa6tGLBMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzJmNDdkY2RkLWMzODQtNGViMi1hZWZkLWY0YWQ2NGYyNmNjZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynBMA0GCSqGSIb3DQEBCwUAA4IBAQAv0WTWuZKld3ZgPaaytrKw dwJVRPf8YeNnhF+LAJexCpMtbo76lB+iWZSTEE9psKiGs6GxpnTnL/c0E8LJV8jK 2M0L1H+LLM4qAY9u6Nu+Hva30Ey1PE4t46VnxcWKT2VeY8wbQpFoHN+MHFknM0Og /Axn7orDvpp9gzGwt3uvXgNYS8Hgl1U53eGeO3udnCDPXFsoVwqD6VCxRDmntB2n Pgsv6vxJ2HRl2oLSDzZIYWT+n9ZuMuSXkb6tPrZ/FqW7FE+74CE8KG21sw8zifgA l6Pc15lYcr+EtngxRC4q/Z1B7k0IOd9hjIMdBZWd2Le+IU9AlFew/JkPz/SnA+RP -----END CERTIFICATE-----Generated at Mon Aug 4 13:59:45 2025 by rpki-client