$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa File: 48a67156-122e-41d4-a2a8-8046cc5ecc41.roa (raw, json) Hash identifier: 3pOXxGSZEvYoqfTtkjXtGDr576xDR6wJpFkXk6Fn/iI= Subject key identifier: 1D:87:B0:90:F0:85:53:A2:82:88:C2:FA:A5:7F:FD:87:70:1B:BB:7C Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 016A05E1019878C014D8D79539656652685C166E Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa Signing time: Tue 08 Jul 2025 00:00:11 +0000 ROA not before: Tue 08 Jul 2025 00:00:11 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.238.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:6a:05:e1:01:98:78:c0:14:d8:d7:95:39:65:66:52:68:5c:16:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 8 00:00:11 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=f09e33b94e7ffa128cf75e5abe8013d932c95a98a5ddb709501451762ca92063, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:33:5b:60:31:ec:e1:78:b4:29:75:10:be:1b: be:0c:97:f8:69:93:8c:21:e2:a6:0e:69:98:cb:b4: 98:f2:4a:f7:f0:44:04:8e:00:43:d7:72:29:1d:cf: 1d:dc:d8:86:c2:68:70:72:7c:a4:3e:d3:c2:1d:aa: 9f:01:71:60:43:09:b2:84:9c:c5:da:db:e9:aa:f3: 5c:e9:8a:26:71:6a:83:90:f8:dc:ee:98:4b:75:1a: c8:08:85:9e:68:f6:c7:3a:2d:8d:6f:bf:ac:89:02: f0:ed:82:40:64:05:0f:49:ef:91:bb:0f:8d:8a:97: 4d:6c:4b:0c:b1:75:0d:7e:53:e8:94:d8:6f:bf:b9: 07:0f:ec:2b:b7:f2:84:20:79:1d:62:ab:95:59:08: 52:48:af:3c:cc:6b:1f:37:48:c6:3f:95:4b:3b:07: 81:e1:1f:ea:7d:bb:f4:5f:4f:8b:83:ea:58:ab:e0: 6a:9d:c2:f9:3b:43:f7:1c:c2:7b:8f:17:44:78:0c: 60:e4:71:e7:aa:8c:fa:92:c8:9d:39:9c:30:7a:22: e3:5f:d5:23:86:cd:80:4c:11:6c:e9:78:f0:0d:2f: e3:41:1a:09:6b:8c:06:fa:b9:f9:2b:6c:a1:46:0c: b5:78:0e:3e:a6:ca:46:45:50:b3:43:e8:2b:c2:f6: da:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:87:B0:90:F0:85:53:A2:82:88:C2:FA:A5:7F:FD:87:70:1B:BB:7C X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.238.0/23 Signature Algorithm: sha256WithRSAEncryption 08:8e:93:87:06:bb:dd:a5:01:9d:5e:3f:86:7b:2d:a2:a3:f2: bf:02:86:53:8a:a0:1d:b2:da:36:ae:27:59:ae:87:2f:5f:ba: 5e:bf:73:98:73:c8:39:15:dd:e9:5d:8d:65:fe:0e:42:4b:bf: cc:d7:0d:0d:5c:0b:b8:70:49:97:1e:3f:3c:7b:ff:80:69:0d: b7:18:2c:4e:d8:a0:44:bb:a8:3a:34:02:e4:39:9d:35:f0:e1: b6:00:a7:b0:01:8d:f7:42:9b:33:69:6b:9d:c3:e0:9e:4f:e8: 9b:73:ba:79:60:64:d6:be:e2:44:76:f7:98:85:1d:a7:9b:5c: b1:ef:17:37:f0:89:61:64:7c:b6:61:9b:2a:6f:cd:a6:30:14: 5e:43:38:75:59:c5:1c:9d:84:c0:e3:d7:c7:50:85:8f:4e:e7: da:e8:35:0f:9e:c6:b1:3d:7d:2a:c1:85:5d:e0:ae:be:a3:90: 64:1d:79:ca:62:17:1d:cc:4f:0f:d2:23:d9:44:9f:f7:33:01: fa:e3:fc:75:f9:98:ef:be:8c:e9:c1:1f:3f:33:59:31:a6:1a: 04:41:9a:17:a3:d6:19:b4:36:a6:44:2c:72:67:95:33:ee:8e: 82:a3:fa:93:d8:5a:cf:54:32:75:f9:71:1c:43:e9:6b:c8:cd: e7:91:3a:2a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUAWoF4QGYeMAU2NeVOWVmUmhcFm4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcwODAwMDAxMVoX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAZjA5ZTMzYjk0ZTdmZmExMjhjZjc1 ZTVhYmU4MDEzZDkzMmM5NWE5OGE1ZGRiNzA5NTAxNDUxNzYyY2E5MjA2MzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzNbYDHs4Xi0KXUQvhu+DJf4aZOM IeKmDmmYy7SY8kr38EQEjgBD13IpHc8d3NiGwmhwcnykPtPCHaqfAXFgQwmyhJzF 2tvpqvNc6YomcWqDkPjc7phLdRrICIWeaPbHOi2Nb7+siQLw7YJAZAUPSe+Ruw+N ipdNbEsMsXUNflPolNhvv7kHD+wrt/KEIHkdYquVWQhSSK88zGsfN0jGP5VLOweB 4R/qfbv0X0+Lg+pYq+BqncL5O0P3HMJ7jxdEeAxg5HHnqoz6ksidOZwweiLjX9Uj hs2ATBFs6XjwDS/jQRoJa4wG+rn5K2yhRgy1eA4+pspGRVCzQ+grwvbaYQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFB2HsJDwhVOigojC+qV//YdwG7t8MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzQ4YTY3MTU2LTEyMmUtNDFkNC1hMmE4LTgwNDZjYzVlY2M0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrynuMA0GCSqGSIb3DQEBCwUAA4IBAQAIjpOHBrvdpQGdXj+Gey2i o/K/AoZTiqAdsto2ridZrocvX7pev3OYc8g5Fd3pXY1l/g5CS7/M1w0NXAu4cEmX Hj88e/+AaQ23GCxO2KBEu6g6NALkOZ018OG2AKewAY33QpszaWudw+CeT+ibc7p5 YGTWvuJEdveYhR2nm1yx7xc38IlhZHy2YZsqb82mMBReQzh1WcUcnYTA49fHUIWP Tufa6DUPnsaxPX0qwYVd4K6+o5BkHXnKYhcdzE8P0iPZRJ/3MwH64/x1+Zjvvozp wR8/M1kxphoEQZoXo9YZtDamRCxyZ5Uz7o6Co/qT2FrPVDJ1+XEcQ+lryM3nkToq -----END CERTIFICATE-----Generated at Mon Jul 21 23:23:01 2025 by rpki-client