$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa File: 9b59fbe4-f242-4dbf-9964-15048c3da996.roa (raw, json) Hash identifier: 74CQtE2H0xUeFfAS/3WJl4t2V8mhid0eI/r673LK+jw= Subject key identifier: 29:A6:B4:63:0C:F7:6E:C0:98:91:F6:15:5A:2B:B6:9D:37:90:EB:F0 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 78A3591BED95C0CD339D29733F6743C99A88B629 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa Signing time: Sat 02 Aug 2025 00:00:01 +0000 ROA not before: Sat 02 Aug 2025 00:00:01 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.4.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:a3:59:1b:ed:95:c0:cd:33:9d:29:73:3f:67:43:c9:9a:88:b6:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 2 00:00:01 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=826367d7af5d55ee951a799a85ddef94cc93733202fbe2bf1d16d2eefba1c195, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:fc:ac:1b:97:97:ee:3e:ad:b5:8c:9b:26:07: 6e:e5:9f:58:e9:39:26:94:92:a4:0a:ea:1c:fc:24: a4:01:86:e0:af:db:a7:01:a0:17:2c:61:74:fc:e9: 71:5c:2a:11:4b:f6:08:29:2b:72:9a:3b:e6:23:6d: d3:dc:55:75:01:6c:48:4f:48:77:43:f2:5a:7b:57: 34:69:0d:3f:cb:9d:36:d6:e9:f0:75:d6:14:62:6a: 5d:df:82:ba:6f:3e:5e:29:5a:fe:a1:72:64:02:e7: 2f:03:51:28:93:2a:f3:ef:7d:25:e8:63:e1:1a:eb: 53:8b:66:a0:cd:69:b0:04:24:fc:12:ad:6b:ed:06: 01:37:83:2f:e6:38:5c:b7:bc:52:18:be:8e:46:6a: 67:12:bd:bc:1c:fb:bb:7e:02:82:16:1e:2c:a1:4d: 40:e9:6d:3e:26:21:f5:c4:af:e5:59:cc:06:42:fe: 80:52:3d:3a:aa:50:5e:1d:30:5b:a0:39:27:16:3a: 33:63:22:40:dd:c7:3f:fa:a1:bf:dd:b0:85:6a:d5: 72:d7:37:18:a9:af:a5:84:fd:bc:d0:ad:dc:cb:fd: 1d:94:6b:63:7a:ed:fa:99:0a:3a:da:7a:2c:91:87: 86:01:d0:22:6f:bc:87:9d:91:8c:78:ec:70:b6:5a: 50:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:A6:B4:63:0C:F7:6E:C0:98:91:F6:15:5A:2B:B6:9D:37:90:EB:F0 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.4.8.0/21 Signature Algorithm: sha256WithRSAEncryption 0f:26:57:be:81:03:d2:a3:e2:50:cc:a6:ce:29:d1:b4:6b:28: 73:ab:a6:76:3c:0e:6e:8c:0c:75:e6:83:09:de:fb:3c:45:ab: b7:11:3a:15:fc:74:86:76:f5:d0:1a:5b:d5:cc:6c:e0:82:c8: 29:6b:80:fd:ea:04:c2:49:da:6a:53:a3:97:46:09:71:d4:2a: 77:4e:d5:7c:a6:4e:23:1f:49:10:1c:49:d2:84:48:ff:6d:bf: a4:54:8e:ea:de:aa:fe:f9:05:93:40:8f:cc:2f:76:34:67:c2: 11:42:3b:37:55:93:b0:f7:5f:1c:b8:a9:1e:b6:92:18:5d:98: 83:e7:4f:1a:76:d1:78:55:31:92:9f:c9:5a:da:5d:e1:b6:af: 7d:39:82:e2:14:6b:66:23:06:2b:ff:7e:26:44:db:8e:78:4e: e5:58:21:e6:fa:2e:55:73:a7:84:56:75:01:4c:58:5e:c0:b7: fa:28:8f:06:e6:90:0f:60:bb:33:ad:56:7b:96:59:54:69:28: 5a:55:21:6f:87:f1:98:50:fb:1f:2e:6b:eb:1f:bc:53:d1:f7: 6e:2f:44:65:b0:1f:3e:6c:14:2a:1d:74:a7:40:1b:99:18:d2: 6b:53:55:2b:0a:88:5f:33:14:09:54:f7:23:ab:7f:71:3e:53: 0d:f1:c9:9b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUeKNZG+2VwM0znSlzP2dDyZqItikwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwMjAwMDAwMVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAODI2MzY3ZDdhZjVkNTVlZTk1MWE3 OTlhODVkZGVmOTRjYzkzNzMzMjAyZmJlMmJmMWQxNmQyZWVmYmExYzE5NTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfysG5eX7j6ttYybJgdu5Z9Y6Tkm lJKkCuoc/CSkAYbgr9unAaAXLGF0/OlxXCoRS/YIKStymjvmI23T3FV1AWxIT0h3 Q/Jae1c0aQ0/y5021unwddYUYmpd34K6bz5eKVr+oXJkAucvA1Eokyrz730l6GPh GutTi2agzWmwBCT8Eq1r7QYBN4Mv5jhct7xSGL6ORmpnEr28HPu7fgKCFh4soU1A 6W0+JiH1xK/lWcwGQv6AUj06qlBeHTBboDknFjozYyJA3cc/+qG/3bCFatVy1zcY qa+lhP280K3cy/0dlGtjeu36mQo62noskYeGAdAib7yHnZGMeOxwtlpQkwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCmmtGMM927AmJH2FVortp03kOvwMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliNTlmYmU0LWYyNDItNGRiZi05OTY0LTE1MDQ4YzNkYTk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQAPJle+gQPSo+JQzKbOKdG0 ayhzq6Z2PA5ujAx15oMJ3vs8Rau3EToV/HSGdvXQGlvVzGzggsgpa4D96gTCSdpq U6OXRglx1Cp3TtV8pk4jH0kQHEnShEj/bb+kVI7q3qr++QWTQI/ML3Y0Z8IRQjs3 VZOw918cuKketpIYXZiD508adtF4VTGSn8la2l3htq99OYLiFGtmIwYr/34mRNuO eE7lWCHm+i5Vc6eEVnUBTFhewLf6KI8G5pAPYLszrVZ7lllUaShaVSFvh/GYUPsf LmvrH7xT0fduL0RlsB8+bBQqHXSnQBuZGNJrU1UrCohfMxQJVPcjq39xPlMN8cmb -----END CERTIFICATE-----Generated at Mon Aug 4 14:54:31 2025 by rpki-client