$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa File: 2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa (raw, json) Hash identifier: QzQ+7K1nErMw0OmTNz2/ZHXa77CFf1ojC7r53TdGCZI= Subject key identifier: 33:5D:1B:83:A1:37:1C:71:B9:55:31:B8:14:50:D1:35:E2:0F:1C:12 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 5F625DA22407D9D6C8BBDFC02D2027AD991DCFAC Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa Signing time: Tue 08 Jul 2025 00:00:05 +0000 ROA not before: Tue 08 Jul 2025 00:00:05 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:62:5d:a2:24:07:d9:d6:c8:bb:df:c0:2d:20:27:ad:99:1d:cf:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 8 00:00:05 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=bcc5e8a14ed6e6576becf4c0e5701e1d4f5096a19cb658a983d6a3ed36d74ac7, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5e:f4:c5:0e:fd:30:51:de:6d:9e:75:91:4b: b9:62:a9:14:ce:19:e6:a1:2a:82:1c:d5:f1:0e:d3: 06:90:86:b1:2d:16:17:36:fc:fa:5d:68:cc:e0:69: a1:18:e5:2e:41:99:05:6a:74:55:42:bd:a1:7f:b3: 25:eb:38:62:93:29:7f:1a:99:06:e6:75:24:36:2f: 63:dd:12:f3:20:51:d3:0d:95:e2:84:f5:33:96:36: f5:62:80:e3:42:04:85:e9:f7:77:59:00:34:9f:ef: c4:8d:c9:76:15:70:1e:03:81:46:8f:b7:86:37:6a: 04:93:af:88:0a:9b:36:d9:dd:c5:43:0b:72:84:1a: 25:4e:90:4b:4b:d3:32:d3:05:4a:bb:bd:64:ca:d9: 62:1d:fe:d9:9b:1d:21:b1:6d:eb:54:ab:e8:05:70: e9:b8:0d:6b:68:ac:43:40:ca:ac:1a:be:af:ad:1e: 4b:3a:e8:5e:76:54:06:e9:1f:10:73:c8:22:61:08: 40:2f:39:5b:b2:a4:79:98:10:97:68:15:19:66:6b: 8a:cc:d4:10:4e:21:bb:eb:3f:da:81:99:cc:14:ec: bc:a5:a5:0b:08:0c:63:99:2d:f9:10:7c:07:dc:9f: d8:18:dd:0a:ab:24:b1:75:54:10:7b:ac:12:46:a2: e7:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:5D:1B:83:A1:37:1C:71:B9:55:31:B8:14:50:D1:35:E2:0F:1C:12 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.193.0/24 Signature Algorithm: sha256WithRSAEncryption 23:40:1f:02:6d:ef:4b:a5:e8:42:1d:ff:b4:b5:48:0e:54:2b: e6:9a:16:b9:ad:ef:72:e0:fa:12:ec:d9:28:2f:6e:15:c7:f4: 04:8a:56:f7:51:b2:37:90:e2:c0:ed:77:61:e1:80:62:5e:f2: 5b:1f:4d:45:ee:23:31:b5:87:4f:82:90:af:40:55:b7:fb:c7: c6:18:d7:bb:c5:d4:0c:bc:ad:87:b5:4b:d7:74:3b:49:3a:ff: f5:ef:fa:8e:3d:1d:12:75:d9:0e:e9:30:cc:7f:93:ae:b5:a9: c0:bd:19:dc:44:dc:58:51:58:52:9b:04:aa:4e:0c:2b:94:d9: a8:19:e3:93:95:d6:33:fb:d0:67:13:75:fd:91:5c:61:52:a2: 61:00:ec:d2:61:70:f6:8b:dc:75:38:b2:4e:f6:56:41:9b:5e: 1b:de:da:16:a3:85:81:ac:01:41:cf:49:0f:7e:b7:a2:b8:d2: bb:2a:95:fe:d7:d9:32:c8:f3:5b:a1:23:d8:78:86:5d:8e:cc: d3:ad:1f:9e:e2:64:99:83:84:9f:18:2d:dd:b6:0e:6f:9d:1d: ac:4e:91:8f:9e:4e:38:1a:c4:c8:9d:b6:7c:9d:17:4b:d7:ad: aa:53:32:d3:30:77:14:62:3a:ed:41:09:15:b6:ac:86:7c:97: 94:7a:6b:70 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUX2JdoiQH2dbIu9/ALSAnrZkdz6wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcwODAwMDAwNVoX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAYmNjNWU4YTE0ZWQ2ZTY1NzZiZWNm NGMwZTU3MDFlMWQ0ZjUwOTZhMTljYjY1OGE5ODNkNmEzZWQzNmQ3NGFjNzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxF70xQ79MFHebZ51kUu5YqkUzhnm oSqCHNXxDtMGkIaxLRYXNvz6XWjM4GmhGOUuQZkFanRVQr2hf7Ml6zhikyl/GpkG 5nUkNi9j3RLzIFHTDZXihPUzljb1YoDjQgSF6fd3WQA0n+/Ejcl2FXAeA4FGj7eG N2oEk6+ICps22d3FQwtyhBolTpBLS9My0wVKu71kytliHf7Zmx0hsW3rVKvoBXDp uA1raKxDQMqsGr6vrR5LOuhedlQG6R8Qc8giYQhALzlbsqR5mBCXaBUZZmuKzNQQ TiG76z/agZnMFOy8paULCAxjmS35EHwH3J/YGN0KqySxdVQQe6wSRqLnRQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDNdG4OhNxxxuVUxuBRQ0TXiDxwSMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzJmNDdkY2RkLWMzODQtNGViMi1hZWZkLWY0YWQ2NGYyNmNjZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynBMA0GCSqGSIb3DQEBCwUAA4IBAQAjQB8Cbe9LpehCHf+0tUgO VCvmmha5re9y4PoS7NkoL24Vx/QEilb3UbI3kOLA7Xdh4YBiXvJbH01F7iMxtYdP gpCvQFW3+8fGGNe7xdQMvK2HtUvXdDtJOv/17/qOPR0SddkO6TDMf5OutanAvRnc RNxYUVhSmwSqTgwrlNmoGeOTldYz+9BnE3X9kVxhUqJhAOzSYXD2i9x1OLJO9lZB m14b3toWo4WBrAFBz0kPfreiuNK7KpX+19kyyPNboSPYeIZdjszTrR+e4mSZg4Sf GC3dtg5vnR2sTpGPnk44GsTInbZ8nRdL162qUzLTMHcUYjrtQQkVtqyGfJeUemtw -----END CERTIFICATE-----Generated at Tue Jul 22 04:13:35 2025 by rpki-client