$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa File: 05bc8dbb-c70a-48da-b45b-4448364614ff.roa (raw, json) Hash identifier: ZZs9u1Lh4hvO6JI/dChCfEx6Ns4RMglfTnUllYnU0rs= Subject key identifier: 80:12:8F:51:A1:6C:65:35:E1:7A:64:8F:F6:52:0F:10:81:40:D6:84 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 10EDB47C77B81EF1372832212C068140EA7BA4D1 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa Signing time: Tue 08 Jul 2025 00:00:17 +0000 ROA not before: Tue 08 Jul 2025 00:00:17 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.208.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:ed:b4:7c:77:b8:1e:f1:37:28:32:21:2c:06:81:40:ea:7b:a4:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 8 00:00:17 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=764145f5e1a2978b13e48e8a10548d110f76a8da76eb189f7617ce9061e1c171, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:09:84:af:4c:92:e2:59:6f:a9:a6:7e:dc:a8: 09:4a:5b:7d:87:24:bc:71:7d:b4:9a:96:b1:6d:10: f2:58:b9:08:e4:61:e6:86:fa:a8:09:b9:cd:7f:7a: a9:be:51:82:10:da:c7:ba:e0:8a:97:32:7d:fa:4e: 4b:4e:c6:13:43:65:86:f3:cf:89:53:40:13:81:15: 0e:33:e4:3c:4b:cd:1b:2c:80:80:7e:77:58:21:e6: e7:e7:55:bf:c9:94:42:a4:94:6a:ef:38:cb:28:8e: 38:7c:4e:fc:8b:20:e3:dd:f0:f1:06:6e:d7:c2:ac: 19:e2:1d:b5:a1:26:9a:95:0a:52:3d:a9:3f:1e:d2: cc:31:47:a9:a7:26:af:d5:9d:db:e0:c7:86:a9:c3: 89:11:5a:e8:f0:5e:15:59:93:e3:a6:18:95:11:98: 9b:1f:89:0d:5c:a5:65:50:0f:40:c0:6e:0e:83:a1: 37:cd:4c:6b:ec:ce:c6:f3:e0:3e:a0:1f:72:10:65: 48:c3:9b:3c:03:6f:22:0c:6d:13:e8:62:b7:39:b4: 01:6a:60:03:e6:e3:99:f7:7e:ca:88:93:66:f9:5d: bd:2f:65:ca:8f:39:d8:6b:59:7c:5a:ff:5f:22:fa: 85:dc:5d:93:b7:81:46:1b:70:f4:d3:4f:80:fd:cd: a7:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:12:8F:51:A1:6C:65:35:E1:7A:64:8F:F6:52:0F:10:81:40:D6:84 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.208.0/20 Signature Algorithm: sha256WithRSAEncryption aa:9a:84:1f:63:50:09:48:5e:01:f7:33:47:15:66:31:c7:86: 77:a4:6a:28:0d:b7:f1:fd:c6:b5:78:c3:d0:9d:25:f2:a5:b8: 6f:28:0e:49:32:8d:e1:ea:aa:4c:71:c6:2a:6b:06:5b:2d:f9: e4:ae:8c:b9:1a:21:16:e0:e7:5c:5f:ec:25:0e:8e:d6:b8:43: ac:82:de:2f:bd:c8:63:10:5b:d4:f0:de:b4:2a:76:27:5f:ab: a5:2c:b6:0c:90:ef:fc:38:1b:1d:58:9d:bd:17:43:f8:ea:fc: 27:d8:81:f8:e9:81:76:dc:4d:c9:cd:c4:65:1e:9c:4c:a8:19: 9f:76:6d:ad:ef:08:aa:d1:f7:50:9e:26:89:7f:b2:ac:49:ed: 5c:97:fd:17:59:82:d2:cf:b6:ba:0c:f8:b0:f3:48:0b:c0:e4: f6:87:ce:d3:0e:32:c9:14:99:4d:fe:f1:d8:c8:d3:5c:28:56: ca:43:5e:ff:e3:e2:13:1d:8a:4d:8c:58:5d:9d:0c:53:5a:db: 55:45:17:4f:cb:d8:bd:8b:2a:9c:05:2a:93:8f:64:a1:64:61: 66:d8:a0:73:3c:ba:10:30:f1:46:2e:c0:8e:91:1a:c6:d6:ed: d7:37:5c:35:36:69:b9:95:71:84:46:1e:44:06:55:ff:a0:b2: 2b:96:8a:77 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEO20fHe4HvE3KDIhLAaBQOp7pNEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcwODAwMDAxN1oX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNANzY0MTQ1ZjVlMWEyOTc4YjEzZTQ4 ZThhMTA1NDhkMTEwZjc2YThkYTc2ZWIxODlmNzYxN2NlOTA2MWUxYzE3MTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQmEr0yS4llvqaZ+3KgJSlt9hyS8 cX20mpaxbRDyWLkI5GHmhvqoCbnNf3qpvlGCENrHuuCKlzJ9+k5LTsYTQ2WG88+J U0ATgRUOM+Q8S80bLICAfndYIebn51W/yZRCpJRq7zjLKI44fE78iyDj3fDxBm7X wqwZ4h21oSaalQpSPak/HtLMMUeppyav1Z3b4MeGqcOJEVro8F4VWZPjphiVEZib H4kNXKVlUA9AwG4Og6E3zUxr7M7G8+A+oB9yEGVIw5s8A28iDG0T6GK3ObQBamAD 5uOZ937KiJNm+V29L2XKjznYa1l8Wv9fIvqF3F2Tt4FGG3D000+A/c2nLQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIASj1GhbGU14Xpkj/ZSDxCBQNaEMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzA1YmM4ZGJiLWM3MGEtNDhkYS1iNDViLTQ0NDgzNjQ2MTRmZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQErynQMA0GCSqGSIb3DQEBCwUAA4IBAQCqmoQfY1AJSF4B9zNHFWYx x4Z3pGooDbfx/ca1eMPQnSXypbhvKA5JMo3h6qpMccYqawZbLfnkroy5GiEW4Odc X+wlDo7WuEOsgt4vvchjEFvU8N60KnYnX6ulLLYMkO/8OBsdWJ29F0P46vwn2IH4 6YF23E3JzcRlHpxMqBmfdm2t7wiq0fdQniaJf7KsSe1cl/0XWYLSz7a6DPiw80gL wOT2h87TDjLJFJlN/vHYyNNcKFbKQ17/4+ITHYpNjFhdnQxTWttVRRdPy9i9iyqc BSqTj2ShZGFm2KBzPLoQMPFGLsCOkRrG1u3XN1w1Nmm5lXGERh5EBlX/oLIrlop3 -----END CERTIFICATE-----Generated at Tue Jul 22 11:45:15 2025 by rpki-client