$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa File: b3ba338e-4843-454b-abe5-65f09756225a.roa (raw, json) Hash identifier: uAf7GBDd6n9tKYG1xwby33iivcnyWrXUqe+zQESb2ok= Subject key identifier: 29:A7:D3:40:E1:FC:68:D4:8D:A2:DE:C6:C5:E4:EA:72:CE:F3:26:7D Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 66360882B54620C5A456AB4AD9DABDE247F331A2 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa Signing time: Tue 08 Jul 2025 00:00:08 +0000 ROA not before: Tue 08 Jul 2025 00:00:08 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:36:08:82:b5:46:20:c5:a4:56:ab:4a:d9:da:bd:e2:47:f3:31:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jul 8 00:00:08 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=629ae23e434b7632545bb245c77e754ef2ed6c83887350d83337a6a5b74eef71, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f3:72:f9:8e:ae:37:be:23:fa:fc:29:40:54: 9b:e5:13:0b:40:15:54:c9:bd:bf:04:cb:5a:3e:4c: 66:85:60:4f:fd:5a:99:39:88:47:09:e6:94:e2:f7: 58:e0:58:55:0a:42:1f:5a:2a:8f:33:68:bf:b4:87: 9c:ce:ae:48:d5:e5:81:41:3a:47:0c:47:c3:9f:e9: ef:1c:18:1b:d2:eb:8d:71:9a:48:2e:08:41:df:22: aa:2d:23:95:68:1d:6c:72:de:7d:05:1d:28:96:0e: 9d:c1:7e:79:53:a3:48:2e:64:07:bd:8a:e7:1f:f0: 6b:75:37:66:1a:d4:05:e8:b0:6a:d8:44:75:06:d9: a6:24:56:2e:92:c1:48:b6:56:57:d2:f3:21:bf:85: 90:ac:cf:57:09:81:ef:0c:15:a0:e2:0f:36:22:ab: 06:63:86:68:43:5e:ce:2e:72:7c:fa:19:fc:3b:15: fe:cd:cc:16:f2:51:ca:0e:bb:8a:23:46:40:f4:3a: 28:35:02:df:85:66:f2:92:1c:db:f3:31:b9:73:e6: 9c:b3:6b:08:cc:1c:83:ec:4a:c1:ba:19:50:fd:b0: e1:af:1f:0b:c7:2b:f8:49:0d:a1:f7:39:88:31:48: d5:90:ca:9d:98:6a:37:b9:bb:d2:a8:13:af:46:84: 72:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:A7:D3:40:E1:FC:68:D4:8D:A2:DE:C6:C5:E4:EA:72:CE:F3:26:7D X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.192.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:c4:d1:b4:5e:3d:3c:f8:ae:db:2a:cd:9d:ca:aa:78:6c:4d: 44:3c:c7:60:34:de:d5:3a:9c:0b:a0:14:d2:8a:94:80:b9:45: c6:16:68:5c:28:50:d4:15:1a:a6:1c:2b:ac:83:ed:a9:79:11: d6:11:5c:51:ad:be:8c:80:72:6b:90:3f:35:ca:a9:54:96:9f: a4:45:8e:cd:a1:f9:fe:e1:e7:a8:22:b7:5f:e3:a5:01:80:da: 72:7d:30:a0:e1:da:5b:2b:51:a8:b8:a7:0a:ac:b1:79:84:31: 4a:f0:03:d8:80:d0:a9:da:ff:02:3d:e1:a8:2b:ac:2c:2d:20: ae:65:d7:81:90:7f:59:e1:ab:41:c0:d2:c6:be:b1:73:e8:92: 10:4b:ea:ca:94:db:15:d5:eb:71:30:8d:16:6e:d6:ba:bc:53: bd:42:38:e8:7a:46:6f:ef:76:47:5b:43:fe:73:86:f7:d8:d7: f9:78:06:f4:4d:24:49:41:1e:88:31:ac:73:25:88:b9:f8:68: 14:e8:5d:bd:7f:a0:c4:d2:f4:fd:ab:96:6f:80:6c:cf:27:17: 23:88:36:ca:66:81:be:e5:43:f5:82:04:eb:d6:46:30:5a:39: 80:f1:3b:c1:f1:c8:9a:cc:b3:6e:8f:3a:ed:69:ed:f3:86:f1: 21:c5:e1:94 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZjYIgrVGIMWkVqtK2dq94kfzMaIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDcwODAwMDAwOFoX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNANjI5YWUyM2U0MzRiNzYzMjU0NWJi MjQ1Yzc3ZTc1NGVmMmVkNmM4Mzg4NzM1MGQ4MzMzN2E2YTViNzRlZWY3MTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfNy+Y6uN74j+vwpQFSb5RMLQBVU yb2/BMtaPkxmhWBP/VqZOYhHCeaU4vdY4FhVCkIfWiqPM2i/tIeczq5I1eWBQTpH DEfDn+nvHBgb0uuNcZpILghB3yKqLSOVaB1sct59BR0olg6dwX55U6NILmQHvYrn H/BrdTdmGtQF6LBq2ER1BtmmJFYuksFItlZX0vMhv4WQrM9XCYHvDBWg4g82IqsG Y4ZoQ17OLnJ8+hn8OxX+zcwW8lHKDruKI0ZA9DooNQLfhWbykhzb8zG5c+acs2sI zByD7ErBuhlQ/bDhrx8Lxyv4SQ2h9zmIMUjVkMqdmGo3ubvSqBOvRoRyKwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCmn00Dh/GjUjaLexsXk6nLO8yZ9MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2IzYmEzMzhlLTQ4NDMtNDU0Yi1hYmU1LTY1ZjA5NzU2MjI1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynAMA0GCSqGSIb3DQEBCwUAA4IBAQA6xNG0Xj08+K7bKs2dyqp4 bE1EPMdgNN7VOpwLoBTSipSAuUXGFmhcKFDUFRqmHCusg+2peRHWEVxRrb6MgHJr kD81yqlUlp+kRY7Nofn+4eeoIrdf46UBgNpyfTCg4dpbK1GouKcKrLF5hDFK8APY gNCp2v8CPeGoK6wsLSCuZdeBkH9Z4atBwNLGvrFz6JIQS+rKlNsV1etxMI0Wbta6 vFO9QjjoekZv73ZHW0P+c4b32Nf5eAb0TSRJQR6IMaxzJYi5+GgU6F29f6DE0vT9 q5ZvgGzPJxcjiDbKZoG+5UP1ggTr1kYwWjmA8TvB8ciazLNujzrtae3zhvEhxeGU -----END CERTIFICATE-----Generated at Tue Jul 22 11:50:03 2025 by rpki-client