$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa File: 48a67156-122e-41d4-a2a8-8046cc5ecc41.roa (raw, json) Hash identifier: nT3fRBuWjgL7NLMLR3rizYWaYHWnLoIwxAWGtucJ3cg= Subject key identifier: 51:7F:A7:A1:8C:A3:42:38:8B:F4:D4:EC:60:34:34:29:8D:8B:01:B5 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 0C5F316D12A648D551E70BCA4EFA91736C3462BE Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa Signing time: Sat 02 Aug 2025 00:00:06 +0000 ROA not before: Sat 02 Aug 2025 00:00:06 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.238.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:5f:31:6d:12:a6:48:d5:51:e7:0b:ca:4e:fa:91:73:6c:34:62:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 2 00:00:06 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=e591082faf2964d0c9b0ebb931220894c4f14490c0172a6987f69cfeb5175551, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:b4:2b:2b:2a:1d:be:ff:3d:5d:c4:36:99:2f: 69:9b:79:2f:46:0d:9e:28:5d:53:dc:61:d3:9d:ac: 34:f2:62:31:9f:fd:75:2d:92:81:5f:c6:e8:9d:04: 3d:87:cd:f8:be:26:c7:46:da:3f:e6:77:24:ed:1e: ab:86:3b:bb:cb:bc:c7:37:a5:f8:db:f9:f7:cd:e7: cb:64:a8:37:88:d7:0b:5f:5b:0c:16:9e:ff:00:3d: 41:ae:07:f5:fa:1c:6a:8b:e3:f2:97:de:fc:83:fe: f0:ff:a5:2f:8a:30:ff:09:be:42:47:cc:87:ea:7e: 76:66:e3:99:db:5b:fa:dc:3a:43:74:e8:7a:ca:40: 3e:f7:a1:14:8e:b6:f0:fd:55:4f:28:69:b9:5e:7c: 9e:f8:da:b4:35:36:f9:2c:c4:da:7c:fa:23:5c:4e: f7:25:30:2a:b3:11:8d:9b:6e:91:ad:e8:6b:75:3c: 24:0f:cf:38:14:4f:c1:fd:a1:0e:d9:1c:eb:b6:33: 61:ac:70:86:1a:d4:1e:4f:b0:3d:1a:00:20:17:18: 05:2c:60:e4:29:ee:92:2d:46:fd:97:3f:87:23:b3: b9:e0:18:7a:6e:77:52:db:a5:ce:79:ad:f5:a9:d7: 10:48:b9:a8:7c:c3:1a:8d:e8:20:44:69:01:0c:d3: 9d:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:7F:A7:A1:8C:A3:42:38:8B:F4:D4:EC:60:34:34:29:8D:8B:01:B5 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.238.0/23 Signature Algorithm: sha256WithRSAEncryption 5d:93:30:01:ca:29:45:26:6f:05:ea:6d:07:ea:51:51:5a:2e: 2a:9e:c3:70:a1:43:c2:d2:bc:ad:a9:5e:00:cf:01:ca:27:d3: a0:2b:2d:3c:e0:78:bb:a8:27:74:05:c1:45:4b:b2:8b:d2:8f: 49:a2:01:d2:90:bb:6d:48:0b:f8:2d:62:80:d9:a8:6b:c8:68: 53:66:26:0f:aa:2c:85:7e:f0:b1:5e:98:60:50:27:df:08:3f: 4e:a4:42:6a:cd:73:fa:37:be:92:18:0b:d0:e0:94:60:ff:e5: e8:b7:70:a3:ad:0e:32:6a:c6:fc:16:d7:93:da:a8:9d:71:0c: a0:93:80:ec:e5:e7:d1:f0:cc:f6:bb:78:97:b8:ee:1e:5d:53: 9a:fe:2c:6d:07:da:93:59:0d:2b:aa:15:7f:15:70:ea:af:aa: d5:f9:9b:44:bb:70:27:07:df:b4:7b:e7:d5:c6:a0:0a:16:96: 8c:b7:c5:b5:a7:cb:28:90:13:5f:5b:f0:20:f7:14:4a:2a:56: c2:b3:2c:ab:90:c5:55:b5:44:af:7f:c0:84:ab:02:be:e1:8f: 1f:f3:5a:e9:ef:36:c4:f6:66:87:dd:67:11:e2:9f:ff:ce:d9: c8:cf:d5:5e:13:4d:0b:9c:16:71:c3:ff:74:67:46:a1:af:28: ee:49:89:67 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUDF8xbRKmSNVR5wvKTvqRc2w0Yr4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwMjAwMDAwNloX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAZTU5MTA4MmZhZjI5NjRkMGM5YjBl YmI5MzEyMjA4OTRjNGYxNDQ5MGMwMTcyYTY5ODdmNjljZmViNTE3NTU1MTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLQrKyodvv89XcQ2mS9pm3kvRg2e KF1T3GHTnaw08mIxn/11LZKBX8bonQQ9h834vibHRto/5nck7R6rhju7y7zHN6X4 2/n3zefLZKg3iNcLX1sMFp7/AD1Brgf1+hxqi+Pyl978g/7w/6UvijD/Cb5CR8yH 6n52ZuOZ21v63DpDdOh6ykA+96EUjrbw/VVPKGm5Xnye+Nq0NTb5LMTafPojXE73 JTAqsxGNm26RrehrdTwkD884FE/B/aEO2RzrtjNhrHCGGtQeT7A9GgAgFxgFLGDk Ke6SLUb9lz+HI7O54Bh6bndS26XOea31qdcQSLmofMMajeggRGkBDNOd6wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFF/p6GMo0I4i/TU7GA0NCmNiwG1MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzQ4YTY3MTU2LTEyMmUtNDFkNC1hMmE4LTgwNDZjYzVlY2M0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrynuMA0GCSqGSIb3DQEBCwUAA4IBAQBdkzAByilFJm8F6m0H6lFR Wi4qnsNwoUPC0rytqV4AzwHKJ9OgKy084Hi7qCd0BcFFS7KL0o9JogHSkLttSAv4 LWKA2ahryGhTZiYPqiyFfvCxXphgUCffCD9OpEJqzXP6N76SGAvQ4JRg/+Xot3Cj rQ4yasb8FteT2qidcQygk4Ds5efR8Mz2u3iXuO4eXVOa/ixtB9qTWQ0rqhV/FXDq r6rV+ZtEu3AnB9+0e+fVxqAKFpaMt8W1p8sokBNfW/Ag9xRKKlbCsyyrkMVVtUSv f8CEqwK+4Y8f81rp7zbE9maH3WcR4p//ztnIz9VeE00LnBZxw/90Z0ahryjuSYln -----END CERTIFICATE-----Generated at Mon Aug 4 15:04:15 2025 by rpki-client