$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa File: b3ba338e-4843-454b-abe5-65f09756225a.roa (raw, json) Hash identifier: F1S7aL2OH792Xc6MBeE49bybnAL3ejnqZlK8r/EsuAE= Subject key identifier: A0:DB:15:89:9C:1F:B3:E4:22:F3:2B:82:7D:3F:2E:5D:EF:57:B0:20 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 1A51C81468712D56F1FED24EFA2FEA7A1C43ED56 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa Signing time: Sat 02 Aug 2025 00:00:04 +0000 ROA not before: Sat 02 Aug 2025 00:00:04 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:51:c8:14:68:71:2d:56:f1:fe:d2:4e:fa:2f:ea:7a:1c:43:ed:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 2 00:00:04 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=6c88d43fa974ed05cfad3df2248e2eda9bb296f9fae863e73cf41ee030f60237, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d1:5b:b4:ff:1f:6e:53:7e:ac:6c:95:8b:2a: 30:d5:d7:e8:69:28:9b:45:f5:d2:05:01:a4:0e:11: 32:66:70:db:a5:f6:74:db:6f:6e:80:53:ff:a3:b0: c2:b5:59:3a:7d:34:98:5c:83:fd:1b:70:6e:1e:47: 81:32:f4:89:b0:8c:6a:2d:7e:d6:59:d9:35:0d:db: 7c:ba:c9:98:54:fe:f5:74:a2:3c:4f:35:bf:25:72: 96:5a:70:1c:92:40:85:8b:08:12:d6:18:28:12:eb: 61:02:5a:d1:03:d9:5c:e1:b9:e5:40:37:3c:16:ad: 2d:63:71:5d:86:6b:2f:7e:03:5c:8b:a2:49:21:61: 5d:91:a6:f8:3b:ab:02:5c:95:3a:dc:ef:88:e0:b5: 90:fd:47:a8:5b:1c:90:47:91:50:09:1a:03:77:0a: f7:cd:e3:2d:27:57:bc:8b:f9:b0:36:c2:28:a0:55: 81:d0:34:12:21:ca:7a:fb:76:e9:62:cd:f7:87:a6: 3c:f7:7b:01:f9:48:1c:b5:0c:10:a9:a6:cf:12:68: 1e:70:78:2f:3b:c0:57:14:34:a4:43:08:7d:d1:f0: 18:33:58:c5:97:ae:77:96:9f:b1:a1:e7:66:19:ab: 32:1e:ae:2c:e8:2d:bf:64:b0:4e:af:d1:1d:12:90: 92:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:DB:15:89:9C:1F:B3:E4:22:F3:2B:82:7D:3F:2E:5D:EF:57:B0:20 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.192.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:6b:42:da:93:3d:a6:7d:2a:df:c8:ee:61:ff:fb:34:43:c5: af:13:34:ed:98:7b:f5:0d:c4:96:91:9d:f3:fa:0a:04:16:66: 47:85:fb:d3:fb:84:22:ef:d2:c8:9c:f5:01:69:61:73:d6:00: 96:e6:f1:67:df:64:a9:04:36:ec:8d:8b:e4:be:6c:7d:82:62: 4c:ad:6e:ea:3e:6f:cb:b9:66:af:d8:74:f0:97:0a:d1:b0:bb: d3:e5:0e:0c:34:d0:e3:4d:f2:34:03:56:df:11:5f:6a:85:33: 6a:34:c2:af:8c:9b:28:bb:5d:28:23:cd:c1:1e:ec:53:24:7a: 20:33:45:7f:2c:8a:ce:95:f0:cd:f3:f3:96:89:a1:92:cb:03: ee:12:27:c8:20:a9:96:31:8c:08:2e:d6:e4:b6:97:1d:46:43: 77:c4:f2:28:b2:d9:7b:f2:34:29:48:71:0e:cf:ce:c0:5b:c0: e6:30:d9:92:8d:38:05:7b:49:c9:2c:74:bc:2f:18:22:ec:92: f4:53:c2:2a:ad:87:74:91:26:cd:b9:1d:eb:23:37:8c:dd:e9: a9:a1:5e:6f:8f:28:6d:cd:ce:4d:a4:09:87:03:5b:a9:3b:3b: e5:34:5e:ea:5f:69:d2:7e:c2:38:06:15:69:d1:6d:6a:b9:1c: 7b:e4:d1:f3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUGlHIFGhxLVbx/tJO+i/qehxD7VYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwMjAwMDAwNFoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNANmM4OGQ0M2ZhOTc0ZWQwNWNmYWQz ZGYyMjQ4ZTJlZGE5YmIyOTZmOWZhZTg2M2U3M2NmNDFlZTAzMGY2MDIzNzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NFbtP8fblN+rGyViyow1dfoaSib RfXSBQGkDhEyZnDbpfZ0229ugFP/o7DCtVk6fTSYXIP9G3BuHkeBMvSJsIxqLX7W Wdk1Ddt8usmYVP71dKI8TzW/JXKWWnAckkCFiwgS1hgoEuthAlrRA9lc4bnlQDc8 Fq0tY3FdhmsvfgNci6JJIWFdkab4O6sCXJU63O+I4LWQ/UeoWxyQR5FQCRoDdwr3 zeMtJ1e8i/mwNsIooFWB0DQSIcp6+3bpYs33h6Y893sB+UgctQwQqabPEmgecHgv O8BXFDSkQwh90fAYM1jFl653lp+xoedmGasyHq4s6C2/ZLBOr9EdEpCSvQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKDbFYmcH7PkIvMrgn0/Ll3vV7AgMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2IzYmEzMzhlLTQ4NDMtNDU0Yi1hYmU1LTY1ZjA5NzU2MjI1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynAMA0GCSqGSIb3DQEBCwUAA4IBAQAca0Lakz2mfSrfyO5h//s0 Q8WvEzTtmHv1DcSWkZ3z+goEFmZHhfvT+4Qi79LInPUBaWFz1gCW5vFn32SpBDbs jYvkvmx9gmJMrW7qPm/LuWav2HTwlwrRsLvT5Q4MNNDjTfI0A1bfEV9qhTNqNMKv jJsou10oI83BHuxTJHogM0V/LIrOlfDN8/OWiaGSywPuEifIIKmWMYwILtbktpcd RkN3xPIostl78jQpSHEOz87AW8DmMNmSjTgFe0nJLHS8Lxgi7JL0U8IqrYd0kSbN uR3rIzeM3empoV5vjyhtzc5NpAmHA1upOzvlNF7qX2nSfsI4BhVp0W1quRx75NHz -----END CERTIFICATE-----Generated at Mon Aug 4 22:22:10 2025 by rpki-client