$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa File: 48a67156-122e-41d4-a2a8-8046cc5ecc41.roa (raw, json) Hash identifier: TmvV23v8BfdrADDunzEgadF+v1dR5s9dUQIw7sTW4eg= Subject key identifier: CB:02:B6:9C:7D:1D:F9:35:A9:6C:00:F2:1A:58:FE:76:7C:68:12:75 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 1EDDBE0321BD93678633B91F3F39E9AE5515F93F Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa Signing time: Fri 13 Jun 2025 00:00:07 +0000 ROA not before: Fri 13 Jun 2025 00:00:07 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.238.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:dd:be:03:21:bd:93:67:86:33:b9:1f:3f:39:e9:ae:55:15:f9:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jun 13 00:00:07 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=e2be4a507d5ae4e2ec2a3b43f93eb1019a72cf8d77ec64ac0a7b92488b3d5e22, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:6e:05:33:f2:a9:47:47:b3:f7:0e:9b:b1:d6: 84:a5:a0:f2:99:67:86:04:ac:44:4e:c5:f8:d4:1a: 4d:78:eb:33:a4:88:77:98:ce:81:7b:64:7a:1b:60: 25:b3:96:0d:c3:de:24:3a:84:40:d5:80:46:45:0d: 14:d3:e2:d9:72:cf:6f:97:9c:85:f5:30:25:82:dd: 06:fe:a4:04:05:ef:be:aa:0d:42:2f:a6:e7:64:68: f7:1a:84:37:9e:e3:f4:b6:6a:12:4c:2c:2e:a0:14: e1:1a:1c:d7:bd:d6:1d:15:f9:92:6d:81:75:53:9d: db:8f:fe:b7:57:a5:92:0c:e7:a6:d1:0d:3f:03:cf: fa:83:e7:62:be:4b:3b:54:65:32:02:21:3d:17:2e: f3:47:13:34:f6:f0:bf:5d:8f:7c:23:81:b4:36:39: a4:41:b0:b5:10:71:35:7d:1e:1e:ff:44:fc:4f:b9: d8:0f:ef:67:03:e0:7a:d1:4a:e8:32:42:af:b5:a0: 29:bb:bb:ad:a0:22:42:ed:5b:69:86:15:83:a0:04: 19:2f:33:d5:2d:36:47:6a:8e:c3:47:02:39:bc:ca: da:b9:0e:1f:2b:7a:d9:8a:53:13:84:f1:d0:15:88: 13:b1:00:78:a5:0a:5e:d3:a8:37:1e:38:3a:19:8e: fe:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:02:B6:9C:7D:1D:F9:35:A9:6C:00:F2:1A:58:FE:76:7C:68:12:75 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.238.0/23 Signature Algorithm: sha256WithRSAEncryption a9:e2:80:04:5c:a5:e3:99:47:71:ef:44:d3:b1:3a:b2:d1:f2: 08:16:ce:6f:03:1c:12:f4:9a:6b:85:1b:47:c5:8d:e3:30:b1: 5f:2b:0a:8d:5a:b3:96:88:f2:f6:ea:fb:a2:fa:fb:73:c5:6d: 3a:ed:7c:e8:b3:f5:e5:b6:fa:c6:dc:3f:5b:43:99:b5:09:05: 53:6c:8f:c2:dc:16:1d:93:85:7a:65:97:fc:6f:76:ff:ec:36: e4:13:5b:b0:4c:6f:0e:0b:41:76:e8:78:76:fa:e7:1d:b0:26: 5f:30:c2:d1:77:2a:0a:89:3a:39:31:1f:5e:98:66:43:35:1e: 67:67:ef:7a:f0:cb:21:5d:1c:12:dc:9b:ab:40:09:a0:82:95: 43:cb:07:1d:fb:77:83:62:78:05:70:64:a3:32:9e:b8:ed:33: fe:b8:97:84:2e:eb:8d:6d:0b:c2:78:a9:8b:86:1f:a4:2e:4a: e6:57:ad:a1:90:f1:6a:4e:93:ac:48:93:77:40:9b:3f:a8:d1: d1:c2:69:07:59:73:ea:25:29:dd:9a:f3:fb:3f:5f:8a:7a:09: 9f:79:d0:0e:1e:86:06:24:83:d7:86:94:dc:30:3b:95:bd:23: 2a:33:f7:d8:1c:46:81:47:70:ac:d1:61:fd:08:75:9c:ea:9f: 88:ad:9a:69 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUHt2+AyG9k2eGM7kfPznprlUV+T8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDYxMzAwMDAwN1oX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAZTJiZTRhNTA3ZDVhZTRlMmVjMmEz YjQzZjkzZWIxMDE5YTcyY2Y4ZDc3ZWM2NGFjMGE3YjkyNDg4YjNkNWUyMjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi24FM/KpR0ez9w6bsdaEpaDymWeG BKxETsX41BpNeOszpIh3mM6Be2R6G2Als5YNw94kOoRA1YBGRQ0U0+LZcs9vl5yF 9TAlgt0G/qQEBe++qg1CL6bnZGj3GoQ3nuP0tmoSTCwuoBThGhzXvdYdFfmSbYF1 U53bj/63V6WSDOem0Q0/A8/6g+divks7VGUyAiE9Fy7zRxM09vC/XY98I4G0Njmk QbC1EHE1fR4e/0T8T7nYD+9nA+B60UroMkKvtaApu7utoCJC7VtphhWDoAQZLzPV LTZHao7DRwI5vMrauQ4fK3rZilMThPHQFYgTsQB4pQpe06g3Hjg6GY7+HQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMsCtpx9Hfk1qWwA8hpY/nZ8aBJ1MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzQ4YTY3MTU2LTEyMmUtNDFkNC1hMmE4LTgwNDZjYzVlY2M0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrynuMA0GCSqGSIb3DQEBCwUAA4IBAQCp4oAEXKXjmUdx70TTsTqy 0fIIFs5vAxwS9JprhRtHxY3jMLFfKwqNWrOWiPL26vui+vtzxW067Xzos/XltvrG 3D9bQ5m1CQVTbI/C3BYdk4V6ZZf8b3b/7DbkE1uwTG8OC0F26Hh2+ucdsCZfMMLR dyoKiTo5MR9emGZDNR5nZ+968MshXRwS3JurQAmggpVDywcd+3eDYngFcGSjMp64 7TP+uJeELuuNbQvCeKmLhh+kLkrmV62hkPFqTpOsSJN3QJs/qNHRwmkHWXPqJSnd mvP7P1+KegmfedAOHoYGJIPXhpTcMDuVvSMqM/fYHEaBR3Cs0WH9CHWc6p+IrZpp -----END CERTIFICATE-----Generated at Sat Jun 14 06:18:21 2025 by rpki-client