$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6cf57aa6-6ba3-43af-bbd5-44485e3b9f67.roa File: 6cf57aa6-6ba3-43af-bbd5-44485e3b9f67.roa (raw, json) Hash identifier: V4UKqeJ2OiPk5beC/z3ShnfrzFPcJXI/DcicdvB37ME= Subject key identifier: 3C:BA:7E:9C:57:E1:65:12:C9:43:E7:44:C6:0E:15:8E:55:B0:1B:BE Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 6242EF75A15076B089E6EC994DB767C5CDD7E76A Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6cf57aa6-6ba3-43af-bbd5-44485e3b9f67.roa Signing time: Tue 08 Jul 2025 00:00:10 +0000 ROA not before: Tue 08 Jul 2025 00:00:10 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.194.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:42:ef:75:a1:50:76:b0:89:e6:ec:99:4d:b7:67:c5:cd:d7:e7:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 8 00:00:10 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=3a347ec0fb2bf905f35704b5a387f1e98749ea8f97d67a9ed4e06c4ff255cd80, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:8a:b7:05:58:6b:99:ae:76:b4:84:2b:6b:ea: 8a:ab:82:27:19:64:18:5e:ab:15:31:69:22:60:82: 42:5c:59:44:27:05:7f:7e:00:98:6a:d4:3a:57:5b: ca:32:4f:b3:69:d7:e5:dd:d1:32:5b:ab:c7:e3:a2: 80:8b:41:6e:f3:53:bc:8b:76:42:c4:8b:e4:96:94: 00:08:41:28:88:bc:8e:fe:03:94:60:42:f7:ef:0a: f3:9b:01:6a:e3:8f:af:b2:2a:e8:4e:a5:36:92:0e: 96:ad:c7:88:70:5e:79:61:15:b4:3a:b5:a5:66:aa: af:37:54:4f:5e:16:58:c4:84:64:ec:08:b1:83:d3: 62:09:9d:e2:93:58:8f:3f:db:2a:bf:4d:f2:0c:bb: f8:ef:55:c3:fb:7b:d5:cd:ac:5e:e1:67:0c:c1:46: a0:74:ff:a8:69:a9:d2:94:a2:92:35:f0:43:88:b5: 27:5f:89:51:36:07:99:fb:fb:89:5e:bd:17:3a:9d: f7:e1:df:ff:7c:dd:cb:dd:3b:c8:50:0c:82:b4:74: 90:8b:5d:65:48:b2:65:98:76:08:fc:53:57:e3:77: cb:09:a4:de:43:4b:2a:68:86:bd:ea:14:ba:bd:5a: c1:a4:2f:c7:0f:da:73:20:ea:8c:f6:21:08:57:94: 17:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:BA:7E:9C:57:E1:65:12:C9:43:E7:44:C6:0E:15:8E:55:B0:1B:BE X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6cf57aa6-6ba3-43af-bbd5-44485e3b9f67.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.194.0/23 Signature Algorithm: sha256WithRSAEncryption 96:42:57:02:28:25:bd:25:5b:a0:76:91:68:cc:e2:b6:0a:46: a1:da:1e:79:d3:77:14:70:28:40:79:ac:44:68:9f:28:df:53: 96:5f:dc:d6:3f:e2:d9:e7:2e:80:c2:30:68:4b:0a:ef:85:03: c9:1f:41:a6:b3:ea:d9:88:e5:84:81:6d:9a:2f:22:53:db:39: f2:85:4d:a4:3c:8a:3d:3d:df:13:47:6a:a5:62:e2:0a:22:c8: 93:3a:44:a9:86:6b:5f:da:83:78:fc:e2:b2:36:6c:e6:4c:60: 4a:cb:bf:82:d2:34:a8:e3:53:f2:19:e1:d8:e0:2d:4a:8a:57: 7a:a2:ab:a4:08:fe:53:37:a4:73:26:3c:79:db:09:1d:1b:25: 16:6e:7c:b7:2c:df:71:0b:92:06:c9:90:c2:35:eb:ac:84:cf: 72:47:c3:3d:8e:96:ae:f5:cc:d2:93:e0:0b:4e:25:9d:ae:6b: a0:c7:5f:3f:bc:1e:fb:34:fb:40:3f:c3:ab:88:d3:b0:7b:bd: 2b:a3:9c:e6:6a:70:ec:b8:53:18:5e:06:9a:8c:db:9c:fa:6b: 9d:9d:01:18:02:98:e4:71:81:8f:b1:a3:c2:eb:ac:5a:27:ea: d0:f1:88:89:5f:59:ef:c3:28:53:02:98:cb:19:4e:cc:17:77: 93:71:3e:5a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUYkLvdaFQdrCJ5uyZTbdnxc3X52owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcwODAwMDAxMFoX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAM2EzNDdlYzBmYjJiZjkwNWYzNTcw NGI1YTM4N2YxZTk4NzQ5ZWE4Zjk3ZDY3YTllZDRlMDZjNGZmMjU1Y2Q4MDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYq3BVhrma52tIQra+qKq4InGWQY XqsVMWkiYIJCXFlEJwV/fgCYatQ6V1vKMk+zadfl3dEyW6vH46KAi0Fu81O8i3ZC xIvklpQACEEoiLyO/gOUYEL37wrzmwFq44+vsiroTqU2kg6WrceIcF55YRW0OrWl ZqqvN1RPXhZYxIRk7Aixg9NiCZ3ik1iPP9sqv03yDLv471XD+3vVzaxe4WcMwUag dP+oaanSlKKSNfBDiLUnX4lRNgeZ+/uJXr0XOp334d//fN3L3TvIUAyCtHSQi11l SLJlmHYI/FNX43fLCaTeQ0sqaIa96hS6vVrBpC/HD9pzIOqM9iEIV5QXIQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDy6fpxX4WUSyUPnRMYOFY5VsBu+MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzZjZjU3YWE2LTZiYTMtNDNhZi1iYmQ1LTQ0NDg1ZTNiOWY2Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrynCMA0GCSqGSIb3DQEBCwUAA4IBAQCWQlcCKCW9JVugdpFozOK2 Ckah2h5503cUcChAeaxEaJ8o31OWX9zWP+LZ5y6AwjBoSwrvhQPJH0Gms+rZiOWE gW2aLyJT2znyhU2kPIo9Pd8TR2qlYuIKIsiTOkSphmtf2oN4/OKyNmzmTGBKy7+C 0jSo41PyGeHY4C1Kild6oqukCP5TN6RzJjx52wkdGyUWbny3LN9xC5IGyZDCNeus hM9yR8M9jpau9czSk+ALTiWdrmugx18/vB77NPtAP8OriNOwe70ro5zmanDsuFMY XgaajNuc+mudnQEYApjkcYGPsaPC66xaJ+rQ8YiJX1nvwyhTApjLGU7MF3eTcT5a -----END CERTIFICATE-----Generated at Mon Jul 21 23:25:05 2025 by rpki-client