$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa File: 9b59fbe4-f242-4dbf-9964-15048c3da996.roa (raw, json) Hash identifier: +6ecU/FGQUEooswbGkIM2tz55NAqlNoWM5AOsW6zc7A= Subject key identifier: F1:7F:07:88:DB:5E:DE:FD:7A:19:83:76:3B:95:BF:1C:20:1F:BF:2B Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 194AC64B70659B08D32771C5CD8F8B101DCCE733 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa Signing time: Tue 08 Jul 2025 00:00:04 +0000 ROA not before: Tue 08 Jul 2025 00:00:04 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.4.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:4a:c6:4b:70:65:9b:08:d3:27:71:c5:cd:8f:8b:10:1d:cc:e7:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 8 00:00:04 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=3369ac1515964daa352f30083507e2e43bba7da809befbc39d1809270528fd5b, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:09:77:73:34:df:bf:b6:93:08:e1:d3:9a:a0: 20:b9:4a:b9:31:00:bc:cc:c4:c7:9a:fb:c5:6b:08: 42:62:5e:a0:7a:1c:51:54:c2:bb:49:cd:20:0b:52: c0:fe:a8:15:8e:59:ef:94:4f:57:75:6d:ef:c1:d7: c2:17:de:ec:eb:41:4c:84:ae:52:2a:c6:cd:9a:f2: 5b:97:3b:09:08:ca:c8:e9:5a:1e:03:ae:a1:36:19: 3f:86:fa:7c:df:93:cc:e1:b6:bd:80:2f:e4:ac:0c: a4:be:60:f6:20:5f:18:3f:65:52:f4:6b:ab:96:7a: 1d:cd:46:ce:7a:9e:fb:ab:4d:4e:5a:54:d2:af:08: 64:57:d1:16:7d:16:ca:a0:10:4a:60:21:5d:e6:77: 60:43:97:85:5f:4e:81:64:cd:2e:0c:84:dc:c6:c9: 7e:54:4c:cf:3f:81:b9:6a:28:d5:f0:8f:ac:41:67: 9c:56:f0:67:61:ea:44:9b:de:a8:ef:86:00:6c:1b: 92:8b:22:56:62:9b:54:1c:e3:7e:ff:13:81:37:40: ac:4f:00:13:78:8d:50:85:34:07:2e:c4:cc:c6:3d: 74:aa:1c:af:64:de:44:f6:6a:56:96:50:e9:34:9f: ae:bc:38:94:73:de:2c:53:86:ae:05:ee:5a:37:99: 07:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:7F:07:88:DB:5E:DE:FD:7A:19:83:76:3B:95:BF:1C:20:1F:BF:2B X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.4.8.0/21 Signature Algorithm: sha256WithRSAEncryption 7b:55:9c:1d:ad:5f:19:3f:6c:0d:7f:73:84:d0:de:c7:ab:00: 25:7a:71:ba:6e:67:a3:c7:c9:08:db:ec:05:13:5f:50:36:c8: bb:08:76:6b:c8:6d:ea:f8:a2:7c:f2:0e:14:f5:46:bb:84:9c: e9:69:1c:17:40:9e:ce:67:c3:35:ba:52:a8:c1:28:50:0f:df: 3a:e6:ab:46:f9:b4:c1:ce:33:66:14:66:91:52:2a:af:f5:a8: 05:2d:ea:f8:c3:d3:53:62:28:2f:c0:f7:64:f1:f9:d0:35:eb: 5e:bc:2f:e2:a7:fb:05:2e:08:33:7f:29:9d:7e:1a:97:fd:6f: c3:c5:80:7e:eb:08:df:05:4c:21:a5:4f:ae:6c:f3:85:b5:55: 28:92:0b:f1:78:1b:cf:54:e4:99:66:2b:ab:72:57:8d:b8:f5: bb:4f:36:03:77:14:96:da:f8:85:49:6c:cc:99:10:a8:3f:f9: bf:c8:c6:c6:77:e5:87:4e:54:1c:e6:6f:ec:d0:8d:b1:e6:01: 36:64:85:b5:71:85:2d:a6:f9:32:74:64:20:4d:df:4e:2a:7e: a2:e3:36:f8:c4:7a:d9:94:a8:84:9b:02:2a:5d:c6:4c:41:ad: 41:2f:c0:3e:92:80:32:28:f4:63:35:32:ec:54:25:44:cd:ca: 18:1a:45:d3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUGUrGS3BlmwjTJ3HFzY+LEB3M5zMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcwODAwMDAwNFoX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAMzM2OWFjMTUxNTk2NGRhYTM1MmYz MDA4MzUwN2UyZTQzYmJhN2RhODA5YmVmYmMzOWQxODA5MjcwNTI4ZmQ1YjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgl3czTfv7aTCOHTmqAguUq5MQC8 zMTHmvvFawhCYl6gehxRVMK7Sc0gC1LA/qgVjlnvlE9XdW3vwdfCF97s60FMhK5S KsbNmvJblzsJCMrI6VoeA66hNhk/hvp835PM4ba9gC/krAykvmD2IF8YP2VS9Gur lnodzUbOep77q01OWlTSrwhkV9EWfRbKoBBKYCFd5ndgQ5eFX06BZM0uDITcxsl+ VEzPP4G5aijV8I+sQWecVvBnYepEm96o74YAbBuSiyJWYptUHON+/xOBN0CsTwAT eI1QhTQHLsTMxj10qhyvZN5E9mpWllDpNJ+uvDiUc94sU4auBe5aN5kHqQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPF/B4jbXt79ehmDdjuVvxwgH78rMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliNTlmYmU0LWYyNDItNGRiZi05OTY0LTE1MDQ4YzNkYTk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQB7VZwdrV8ZP2wNf3OE0N7H qwAlenG6bmejx8kI2+wFE19QNsi7CHZryG3q+KJ88g4U9Ua7hJzpaRwXQJ7OZ8M1 ulKowShQD9865qtG+bTBzjNmFGaRUiqv9agFLer4w9NTYigvwPdk8fnQNetevC/i p/sFLggzfymdfhqX/W/DxYB+6wjfBUwhpU+ubPOFtVUokgvxeBvPVOSZZiurcleN uPW7TzYDdxSW2viFSWzMmRCoP/m/yMbGd+WHTlQc5m/s0I2x5gE2ZIW1cYUtpvky dGQgTd9OKn6i4zb4xHrZlKiEmwIqXcZMQa1BL8A+koAyKPRjNTLsVCVEzcoYGkXT -----END CERTIFICATE-----Generated at Mon Jul 21 23:21:41 2025 by rpki-client