$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa File: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (raw, json) Hash identifier: zMIebD+MeZO4Kc2DNXaU0cE/hzBZcghrq+EIq7WNYu4= Subject key identifier: FB:F2:4F:B6:18:C6:93:E3:47:1F:5D:AA:3D:60:41:F6:D2:B6:87:60 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 79E496A49EC617500EBDD944260042A6AC09AE93 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa Signing time: Tue 16 Sep 2025 00:01:08 +0000 ROA not before: Tue 16 Sep 2025 00:01:08 +0000 ROA not after: Tue 21 Oct 2025 23:59:59 +0000 asID: 7224 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Sep 2025 20:07:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:e4:96:a4:9e:c6:17:50:0e:bd:d9:44:26:00:42:a6:ac:09:ae:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Sep 16 00:01:08 2025 GMT Not After : Oct 21 23:59:59 2025 GMT Subject: serialNumber=b4d519a50433f28300eb5558337752cb26df0dbc2ef07d81f75260dc0dfb6820, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:fb:80:23:8a:ed:55:0a:b6:70:95:9c:51:ab: eb:5f:36:e0:4b:e3:cc:69:e7:70:3f:80:29:73:6c: 18:81:69:43:54:45:dd:38:6b:57:cb:86:f7:e8:a8: 7a:75:0c:61:74:30:25:45:dc:c5:e1:da:5f:3d:c6: 43:21:b4:70:93:78:f2:55:fe:cf:2b:cf:91:63:f3: 0e:43:86:27:ac:82:60:5b:0d:5b:91:a4:7b:38:e6: 60:23:d0:92:7e:f7:7f:66:50:40:0c:f2:da:59:af: 0d:1e:26:00:37:51:c0:1c:f0:b8:7e:46:4c:0c:7d: 49:39:f3:72:22:c7:d1:5f:9a:11:6e:93:78:dc:4a: a2:ae:c6:58:ea:7c:2f:0e:88:7c:08:61:a0:b0:91: 5f:c5:28:79:06:7b:c8:5c:57:a1:cd:e6:83:ec:20: e7:02:3c:98:f8:c5:2e:62:9f:6d:bd:53:62:46:ea: 1b:ad:3a:6d:13:d9:1a:42:9b:c6:0c:8a:2b:d0:42: 22:ad:81:6e:0e:58:ac:4f:d7:4c:2b:63:e0:40:6a: 8e:b4:24:d0:95:3d:e8:01:cf:1d:cc:23:7c:3f:1e: 2e:d5:67:57:c4:04:c4:68:eb:1c:49:11:08:9b:9e: bf:90:d2:37:74:9b:67:69:a5:aa:44:05:f1:91:02: 48:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:F2:4F:B6:18:C6:93:E3:47:1F:5D:AA:3D:60:41:F6:D2:B6:87:60 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:7a:1f:18:81:fb:84:3f:c8:62:e5:da:74:4b:38:99:c2:7f: 4e:91:86:2d:6a:94:3a:f7:8d:e4:db:c6:f5:3e:b3:70:bc:ae: 6e:cf:49:9f:c4:9e:6c:a9:a5:c7:e6:c5:da:27:40:54:89:86: 1e:dc:9e:62:5c:4b:e7:42:40:99:f6:ed:da:78:ae:e3:68:ec: 9c:80:2d:a6:0c:da:70:5f:22:33:0b:5d:de:0f:f0:fa:4d:74: fc:55:a0:1a:4e:db:fb:d0:d9:c6:48:44:de:74:c8:19:34:0f: 92:ee:aa:09:3c:e4:05:ca:3b:86:af:c2:0d:c3:69:9e:27:7e: 03:ba:69:e3:71:3f:e4:40:53:a6:bb:51:89:fb:e4:99:0a:bc: 7c:24:82:2c:67:a0:a7:57:69:49:41:5e:79:7f:20:e9:d8:69: 7b:d8:f3:92:a8:71:f5:fc:d4:20:32:06:68:63:82:02:fb:ca: 99:af:74:c5:10:dc:df:6e:ce:1f:e7:f6:49:45:f2:0d:21:e5: 90:ec:b1:c0:69:68:09:13:fc:37:4c:31:f9:50:0c:af:39:c5: 12:6d:d5:96:41:be:35:c6:0b:9b:a2:a0:57:e4:ea:60:9b:b4: 80:47:3a:82:26:45:ef:58:5f:02:76:84:44:65:86:b7:21:31: 9a:1f:f1:ae -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUeeSWpJ7GF1AOvdlEJgBCpqwJrpMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDkxNjAwMDEwOFoX DTI1MTAyMTIzNTk1OVowejFJMEcGA1UEBRNAYjRkNTE5YTUwNDMzZjI4MzAwZWI1 NTU4MzM3NzUyY2IyNmRmMGRiYzJlZjA3ZDgxZjc1MjYwZGMwZGZiNjgyMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofuAI4rtVQq2cJWcUavrXzbgS+PM aedwP4Apc2wYgWlDVEXdOGtXy4b36Kh6dQxhdDAlRdzF4dpfPcZDIbRwk3jyVf7P K8+RY/MOQ4YnrIJgWw1bkaR7OOZgI9CSfvd/ZlBADPLaWa8NHiYAN1HAHPC4fkZM DH1JOfNyIsfRX5oRbpN43EqirsZY6nwvDoh8CGGgsJFfxSh5BnvIXFehzeaD7CDn AjyY+MUuYp9tvVNiRuobrTptE9kaQpvGDIor0EIirYFuDlisT9dMK2PgQGqOtCTQ lT3oAc8dzCN8Px4u1WdXxATEaOscSREIm56/kNI3dJtnaaWqRAXxkQJImQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPvyT7YYxpPjRx9dqj1gQfbStodgMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYmYyYzM5LWI1MzYtNDNkMC1iNTU3LWY2OGQ4ZWU2NDA5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQBPeh8YgfuEP8hi5dp0SziZ wn9OkYYtapQ6943k28b1PrNwvK5uz0mfxJ5sqaXH5sXaJ0BUiYYe3J5iXEvnQkCZ 9u3aeK7jaOycgC2mDNpwXyIzC13eD/D6TXT8VaAaTtv70NnGSETedMgZNA+S7qoJ POQFyjuGr8INw2meJ34DumnjcT/kQFOmu1GJ++SZCrx8JIIsZ6CnV2lJQV55fyDp 2Gl72POSqHH1/NQgMgZoY4IC+8qZr3TFENzfbs4f5/ZJRfINIeWQ7LHAaWgJE/w3 TDH5UAyvOcUSbdWWQb41xguboqBX5Opgm7SARzqCJkXvWF8CdoREZYa3ITGaH/Gu -----END CERTIFICATE-----Generated at Thu Sep 18 02:49:07 2025 by rpki-client