$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa File: 0bf15d3f-c546-4bb6-a764-82165c384d37.roa (raw, json) Hash identifier: pKArkrWQ4QySI7LB9UAqjIdDLsYzJACTioibWL8VTKg= Subject key identifier: FF:C3:64:7A:60:16:E0:66:BE:75:CC:35:77:C9:0D:09:4B:12:44:D6 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 11001573FDB831503E57047FE48C795271232F18 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa Signing time: Tue 08 Jul 2025 00:00:14 +0000 ROA not before: Tue 08 Jul 2025 00:00:14 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:00:15:73:fd:b8:31:50:3e:57:04:7f:e4:8c:79:52:71:23:2f:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 8 00:00:14 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=26de463ff084a4e7612b73ab2d206a7c28145da74c0b368347328ba4c441ef69, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b8:e5:43:1a:e2:0a:05:2c:8a:17:c4:30:3f: 88:41:f9:37:72:c0:20:b4:5d:7b:db:7e:00:69:ab: b5:12:6c:c7:cd:01:c0:bd:ee:c6:26:ad:cb:a1:77: 88:62:33:53:bf:6e:f0:a8:53:af:95:34:e7:0c:2d: 5b:ce:69:10:65:d4:a4:8c:44:bf:7d:35:75:ff:08: 07:60:65:38:84:ba:66:ee:0c:61:ae:68:7a:8a:6f: ae:4e:aa:32:12:24:85:4d:af:34:cb:56:0a:af:1a: b6:08:af:a6:7f:b1:3d:03:45:73:d7:fd:d7:23:1a: ae:49:10:e4:53:d1:c5:1e:17:54:49:ae:e9:e8:cc: 13:79:a0:4c:dc:d5:77:c0:ca:d9:a9:1c:f3:58:9f: 18:1b:4e:79:ff:0d:b0:cf:87:6b:04:0a:cb:b1:99: 44:3d:ad:e4:f7:5d:d7:89:5a:cd:cc:1c:89:2e:db: 0b:11:2e:ec:7c:1a:78:e0:2c:02:fd:3d:88:12:bf: 0c:0a:25:ee:39:5b:90:53:86:96:01:78:3a:a8:07: 17:42:07:5d:b2:d7:15:10:b1:49:5c:fb:03:a9:0c: 64:00:36:60:a3:9a:06:de:16:56:4f:4a:22:31:87: 81:cf:49:ee:ff:7e:c2:34:95:0a:9f:dc:e9:16:09: 0e:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:C3:64:7A:60:16:E0:66:BE:75:CC:35:77:C9:0D:09:4B:12:44:D6 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.200.0/21 Signature Algorithm: sha256WithRSAEncryption a9:c8:9e:c5:70:b1:92:6d:fd:c0:ce:d9:7a:46:5c:dd:3f:75: 36:95:e8:e0:ef:7f:2b:67:cc:8b:57:3a:0f:18:70:e3:cb:0a: 08:59:1a:2d:31:a3:b0:26:1a:03:5a:30:a1:8b:e4:cf:05:14: db:a6:5d:e9:ff:bc:2d:1e:4f:ef:79:a2:5d:92:9c:a3:07:52: 48:a0:37:56:9c:9a:a0:83:eb:03:88:e6:8e:ec:47:37:d1:df: 93:3d:81:79:89:56:10:55:7a:e3:24:68:4d:92:89:c3:8e:98: 59:f6:21:6c:21:06:72:47:30:1d:67:7f:1d:a9:34:6b:59:49: 56:d1:31:23:bf:2e:59:33:97:c1:59:61:9f:c3:01:0f:99:2d: 3a:bd:3d:8f:34:ae:06:9a:7b:61:ed:02:0f:c2:4d:9b:57:ba: 1e:26:b4:3c:e2:6b:2e:7f:5f:d8:bd:c1:7c:be:a1:8c:c2:b0: 63:9b:df:26:3f:2c:61:90:2d:c1:10:9c:36:0a:5d:3c:72:87: 14:16:e9:04:c2:11:3e:65:33:80:c0:37:02:23:6a:07:4e:65: ea:db:47:a4:fc:1c:bc:a6:cf:b1:40:f0:4a:9c:ed:b1:99:34: 23:5b:aa:cd:10:28:3d:01:f9:5f:91:81:90:77:a7:69:5f:e4: d5:c9:6b:13 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEQAVc/24MVA+VwR/5Ix5UnEjLxgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcwODAwMDAxNFoX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAMjZkZTQ2M2ZmMDg0YTRlNzYxMmI3 M2FiMmQyMDZhN2MyODE0NWRhNzRjMGIzNjgzNDczMjhiYTRjNDQxZWY2OTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7jlQxriCgUsihfEMD+IQfk3csAg tF17234Aaau1EmzHzQHAve7GJq3LoXeIYjNTv27wqFOvlTTnDC1bzmkQZdSkjES/ fTV1/wgHYGU4hLpm7gxhrmh6im+uTqoyEiSFTa80y1YKrxq2CK+mf7E9A0Vz1/3X IxquSRDkU9HFHhdUSa7p6MwTeaBM3NV3wMrZqRzzWJ8YG055/w2wz4drBArLsZlE Pa3k913XiVrNzByJLtsLES7sfBp44CwC/T2IEr8MCiXuOVuQU4aWAXg6qAcXQgdd stcVELFJXPsDqQxkADZgo5oG3hZWT0oiMYeBz0nu/37CNJUKn9zpFgkOPwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFP/DZHpgFuBmvnXMNXfJDQlLEkTWMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzBiZjE1ZDNmLWM1NDYtNGJiNi1hNzY0LTgyMTY1YzM4NGQzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrynIMA0GCSqGSIb3DQEBCwUAA4IBAQCpyJ7FcLGSbf3Aztl6Rlzd P3U2lejg738rZ8yLVzoPGHDjywoIWRotMaOwJhoDWjChi+TPBRTbpl3p/7wtHk/v eaJdkpyjB1JIoDdWnJqgg+sDiOaO7Ec30d+TPYF5iVYQVXrjJGhNkonDjphZ9iFs IQZyRzAdZ38dqTRrWUlW0TEjvy5ZM5fBWWGfwwEPmS06vT2PNK4Gmnth7QIPwk2b V7oeJrQ84msuf1/YvcF8vqGMwrBjm98mPyxhkC3BEJw2Cl08cocUFukEwhE+ZTOA wDcCI2oHTmXq20ek/By8ps+xQPBKnO2xmTQjW6rNECg9AflfkYGQd6dpX+TVyWsT -----END CERTIFICATE-----Generated at Mon Jul 21 23:20:36 2025 by rpki-client