$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa File: 3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa (raw, json) Hash identifier: bzh2GGDOS5aX2WkxaXpOroA1RoAFzIFSKM1sVAYNCUc= Subject key identifier: 52:08:F7:9A:8F:E3:03:DA:C8:FE:02:C8:78:D6:87:8D:9F:32:37:DD Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 3831D0517304353BEDD32DFDDBDB220CF5B68F75 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa Signing time: Sat 02 Aug 2025 00:00:11 +0000 ROA not before: Sat 02 Aug 2025 00:00:11 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:31:d0:51:73:04:35:3b:ed:d3:2d:fd:db:db:22:0c:f5:b6:8f:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 2 00:00:11 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=99cebb5cdff9347cdc1b1bb8828f3dd021dadea473c028af45541ef625c8e4b4, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e7:d4:31:84:e0:1a:bb:33:f6:66:97:34:d3: 12:c3:c6:9f:96:86:b1:55:12:11:19:7a:41:1d:aa: 38:47:40:f5:5d:3e:40:88:30:87:ef:7c:e1:55:38: 10:9b:d6:3a:0d:a4:99:70:4c:44:a1:da:97:40:56: a9:00:ff:14:31:44:e5:2e:b2:91:ac:38:7e:05:12: 32:4d:2f:07:8e:0e:f3:f6:fa:57:8c:0d:93:7a:a4: 0b:33:a4:bf:cc:a5:13:97:1b:60:0a:46:c3:b9:88: e5:79:c2:0a:6f:bd:1e:af:40:40:ec:a8:a1:fe:4b: d5:9f:a0:dc:f8:e9:82:ac:07:ec:69:c0:ff:8a:9e: 1d:0e:0f:1e:79:97:50:20:d7:8a:bb:a3:2f:f4:e7: 3d:c3:ea:21:c4:81:85:34:09:22:05:3c:10:a1:e1: c6:79:35:08:fe:4f:4f:d7:63:07:c6:40:20:7a:c7: fb:75:a2:2d:95:2f:e7:10:45:5c:0a:92:5c:dc:95: 27:75:d4:61:a5:0b:eb:be:8e:c5:f5:d0:f7:ab:1a: b0:3e:18:07:84:19:71:c0:5e:5b:d7:47:f9:e5:09: a0:e6:1b:bb:7e:a0:73:0a:59:5c:04:98:f8:61:63: 16:a8:b1:a3:51:ee:8a:48:d4:ef:97:79:5c:38:e8: 99:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:08:F7:9A:8F:E3:03:DA:C8:FE:02:C8:78:D6:87:8D:9F:32:37:DD X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.224.0/21 Signature Algorithm: sha256WithRSAEncryption 07:f8:95:ef:af:23:df:23:fc:98:81:07:5d:16:a3:86:62:95: 38:a9:d2:a2:52:3a:72:43:47:fc:0a:8b:ed:bd:05:5a:84:cd: a8:64:f7:d9:80:82:ef:de:e8:f9:70:a0:17:16:d0:d7:19:7e: 7e:22:23:87:06:ed:c8:f2:c0:93:e7:5f:fa:1f:39:3c:d2:04: 72:c9:54:51:29:bf:44:02:9d:8c:50:c0:65:55:48:a2:c9:cb: ea:9f:87:c8:56:93:c8:ff:c0:16:44:3d:aa:1c:96:bd:46:f1: 0c:91:a5:5c:95:37:88:0f:73:32:26:22:39:17:f3:0c:24:eb: 3e:36:74:17:03:e7:d8:73:e6:13:ea:ba:b8:c8:da:8a:d2:b4: 58:a4:b9:a1:e4:d0:e2:43:6d:fd:9d:12:b2:d3:a4:95:e0:ab: 83:ef:d9:0e:d4:e8:31:c0:3b:d2:f4:85:a2:36:42:ba:9e:4d: 86:81:8c:2a:8c:60:a8:8b:52:86:26:ed:97:e1:b7:83:56:65: 16:5d:f2:ab:67:82:da:7d:b2:21:47:1a:9a:13:7e:a9:90:1f: cd:1c:3e:61:f7:5e:45:fa:55:8e:01:f1:bc:6d:af:f7:e0:76: 51:66:02:0a:c5:48:dd:3b:17:d0:12:0e:77:e0:1b:a3:cf:2c: 4b:db:8f:be -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUODHQUXMENTvt0y3929siDPW2j3UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwMjAwMDAxMVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAOTljZWJiNWNkZmY5MzQ3Y2RjMWIx YmI4ODI4ZjNkZDAyMWRhZGVhNDczYzAyOGFmNDU1NDFlZjYyNWM4ZTRiNDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+fUMYTgGrsz9maXNNMSw8afloax VRIRGXpBHao4R0D1XT5AiDCH73zhVTgQm9Y6DaSZcExEodqXQFapAP8UMUTlLrKR rDh+BRIyTS8Hjg7z9vpXjA2TeqQLM6S/zKUTlxtgCkbDuYjlecIKb70er0BA7Kih /kvVn6Dc+OmCrAfsacD/ip4dDg8eeZdQINeKu6Mv9Oc9w+ohxIGFNAkiBTwQoeHG eTUI/k9P12MHxkAgesf7daItlS/nEEVcCpJc3JUnddRhpQvrvo7F9dD3qxqwPhgH hBlxwF5b10f55Qmg5hu7fqBzCllcBJj4YWMWqLGjUe6KSNTvl3lcOOiZFQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFII95qP4wPayP4CyHjWh42fMjfdMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzNiOTQwZDE0LWI4YzQtNGMzZC05NzhmLWExYTNiN2EwYTgyYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDryngMA0GCSqGSIb3DQEBCwUAA4IBAQAH+JXvryPfI/yYgQddFqOG YpU4qdKiUjpyQ0f8CovtvQVahM2oZPfZgILv3uj5cKAXFtDXGX5+IiOHBu3I8sCT 51/6Hzk80gRyyVRRKb9EAp2MUMBlVUiiycvqn4fIVpPI/8AWRD2qHJa9RvEMkaVc lTeID3MyJiI5F/MMJOs+NnQXA+fYc+YT6rq4yNqK0rRYpLmh5NDiQ239nRKy06SV 4KuD79kO1OgxwDvS9IWiNkK6nk2GgYwqjGCoi1KGJu2X4beDVmUWXfKrZ4LafbIh RxqaE36pkB/NHD5h915F+lWOAfG8ba/34HZRZgIKxUjdOxfQEg534BujzyxL24++ -----END CERTIFICATE-----Generated at Mon Aug 4 13:58:40 2025 by rpki-client