$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa File: 3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa (raw, json) Hash identifier: ncBHQ1ycb3H8nSEbCEY1MHKAf9TYps2Nj80/DAsfglI= Subject key identifier: 06:36:69:15:15:EF:D4:90:32:AD:4D:EF:16:33:31:F5:C1:1A:CE:A6 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 6EF784FAFCCDE6922BD05C96EE4A47DFDD99CA61 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa Signing time: Tue 08 Jul 2025 00:00:14 +0000 ROA not before: Tue 08 Jul 2025 00:00:14 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:f7:84:fa:fc:cd:e6:92:2b:d0:5c:96:ee:4a:47:df:dd:99:ca:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 8 00:00:14 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=bc70a1a7331074fdc1c47c0d18f08bb183ead2c38c3396754afaf8969f8a24cd, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:0d:09:80:66:80:99:c6:8f:34:47:e2:58:1d: fd:36:c0:5f:66:0d:23:25:f1:0f:1c:7e:0f:1d:a6: 38:51:cf:10:ba:cf:17:95:dc:c5:19:09:fe:b9:5e: 54:22:fa:6f:7c:bf:5c:f8:f1:2d:d4:fb:f5:9a:38: 99:19:57:71:bc:4a:7c:71:2c:87:b2:ae:6e:21:cc: 1d:eb:90:82:b2:e6:78:8a:9c:44:f7:c5:ba:4a:66: e9:72:81:77:09:03:f0:71:b8:04:3e:39:e5:60:9e: 05:75:e1:67:45:81:59:b4:e2:42:d1:b2:04:56:bb: f1:ee:85:ef:71:5e:22:68:bb:d8:03:0e:35:2e:b6: 70:27:17:e5:e3:74:50:e6:8d:8a:3b:61:dd:b0:89: 59:42:bc:49:37:fd:b1:1c:0d:2a:ed:8c:56:7c:a5: df:a6:d5:94:e4:26:95:11:c6:eb:97:e5:4e:57:bd: ba:d8:13:30:0f:61:51:c5:f7:1b:81:bc:81:24:3b: e3:dc:58:c8:83:c2:b1:eb:ce:e7:2d:43:e9:00:45: 7e:d3:ee:07:eb:4f:ef:bf:e8:8e:41:b9:b6:35:84: 13:38:74:24:18:7c:5c:9c:ae:22:2f:16:f6:a0:13: 8e:2c:ca:de:e7:19:d5:e1:a9:8e:a3:24:fb:db:80: 92:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:36:69:15:15:EF:D4:90:32:AD:4D:EF:16:33:31:F5:C1:1A:CE:A6 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.224.0/21 Signature Algorithm: sha256WithRSAEncryption 04:0d:82:4b:75:cf:07:20:20:63:e9:e5:b9:a7:f5:2e:89:d0: 04:3a:e0:ea:9a:38:30:a5:7c:bc:5d:1b:b2:2c:bd:d7:43:0e: fa:f3:91:26:81:90:74:85:97:0d:9d:df:81:25:f1:9f:2e:89: 88:33:92:a8:8a:a6:fe:98:c4:45:29:91:28:b9:d0:91:ac:c7: 63:ff:f3:88:04:ed:dd:84:2e:04:3a:97:9a:62:d0:8e:49:3b: 19:81:93:e0:c6:5b:53:ff:f3:19:c3:53:b8:04:5c:a1:d0:34: 55:07:da:0d:d5:75:54:a6:d5:52:0b:d9:6c:c2:b6:b6:32:0c: 58:6d:37:58:f3:95:96:2d:36:68:6f:ab:d4:38:25:b4:6f:06: c2:ce:44:92:8b:5f:04:a0:4e:7f:1a:08:a8:90:1b:95:0f:0f: 19:4e:2d:a1:8c:56:1c:9d:cb:d6:5a:e9:3c:ca:fb:a1:f3:bc: a9:06:b9:5d:12:5b:d3:5d:9d:80:e2:88:ce:b1:d3:03:40:5e: f5:c1:c9:97:12:c4:bd:c2:6a:04:f9:7a:2e:f7:93:fb:db:89: b8:d9:0f:55:5c:e2:59:c8:6e:4d:a2:e2:b0:8b:b8:ec:49:7f: 44:34:13:b3:81:7d:c0:0e:91:73:42:28:df:5c:51:6f:64:9b: 85:d5:57:63 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUbveE+vzN5pIr0FyW7kpH392ZymEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcwODAwMDAxNFoX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAYmM3MGExYTczMzEwNzRmZGMxYzQ3 YzBkMThmMDhiYjE4M2VhZDJjMzhjMzM5Njc1NGFmYWY4OTY5ZjhhMjRjZDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Q0JgGaAmcaPNEfiWB39NsBfZg0j JfEPHH4PHaY4Uc8Qus8XldzFGQn+uV5UIvpvfL9c+PEt1Pv1mjiZGVdxvEp8cSyH sq5uIcwd65CCsuZ4ipxE98W6SmbpcoF3CQPwcbgEPjnlYJ4FdeFnRYFZtOJC0bIE Vrvx7oXvcV4iaLvYAw41LrZwJxfl43RQ5o2KO2HdsIlZQrxJN/2xHA0q7YxWfKXf ptWU5CaVEcbrl+VOV7262BMwD2FRxfcbgbyBJDvj3FjIg8Kx687nLUPpAEV+0+4H 60/vv+iOQbm2NYQTOHQkGHxcnK4iLxb2oBOOLMre5xnV4amOoyT724CSIwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAY2aRUV79SQMq1N7xYzMfXBGs6mMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzNiOTQwZDE0LWI4YzQtNGMzZC05NzhmLWExYTNiN2EwYTgyYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDryngMA0GCSqGSIb3DQEBCwUAA4IBAQAEDYJLdc8HICBj6eW5p/Uu idAEOuDqmjgwpXy8XRuyLL3XQw7685EmgZB0hZcNnd+BJfGfLomIM5Koiqb+mMRF KZEoudCRrMdj//OIBO3dhC4EOpeaYtCOSTsZgZPgxltT//MZw1O4BFyh0DRVB9oN 1XVUptVSC9lswra2MgxYbTdY85WWLTZob6vUOCW0bwbCzkSSi18EoE5/GgiokBuV Dw8ZTi2hjFYcncvWWuk8yvuh87ypBrldElvTXZ2A4ojOsdMDQF71wcmXEsS9wmoE +Xou95P724m42Q9VXOJZyG5NouKwi7jsSX9ENBOzgX3ADpFzQijfXFFvZJuF1Vdj -----END CERTIFICATE-----Generated at Mon Jul 21 23:16:33 2025 by rpki-client