$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa File: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (raw, json) Hash identifier: P+dHZaz3HNo0FYIm4bjXRm3bRCPTbhaaiP61XhwUTfY= Subject key identifier: 7C:C3:C2:4E:EB:61:FC:56:A4:22:E5:AA:7F:C8:63:7D:40:CC:49:02 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 5EF567F3547203344083607223D571346DAF2864 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa Signing time: Wed 09 Jul 2025 00:00:05 +0000 ROA not before: Wed 09 Jul 2025 00:00:05 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.240.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:f5:67:f3:54:72:03:34:40:83:60:72:23:d5:71:34:6d:af:28:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jul 9 00:00:05 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=59dfb3feacd7730f520c991377504e736eada4326f3ddbe848c6559ab28f17f6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a9:d4:48:71:21:31:7b:d9:71:be:47:07:ec: e9:28:be:83:a3:9a:28:fd:51:59:3a:64:b7:b0:2a: c2:b3:36:20:1a:f8:1d:30:37:37:56:cc:0c:54:bc: 7e:2b:04:d7:85:1b:ef:b0:f9:f4:f8:23:f3:93:25: 7c:1c:22:f0:cf:80:ca:79:b6:a3:43:4f:8f:f1:6b: 11:36:94:18:37:6f:1a:06:b5:86:f8:10:00:8d:c4: e0:f6:4d:8b:49:94:8d:f2:76:85:08:e7:aa:cc:e8: f9:71:60:4f:a8:b4:79:1e:42:14:bf:26:b4:43:22: f0:92:9d:96:7e:87:a9:1a:24:97:ee:0d:34:df:cf: 0c:7e:9e:0e:6a:2f:98:06:43:20:62:7e:fb:27:57: 68:a2:69:45:f6:be:a9:f1:42:7c:ea:cc:64:50:40: 70:11:bd:c6:f7:51:59:88:48:c4:45:60:6c:8d:af: 42:26:40:3f:bf:67:2c:de:d3:12:06:88:8a:ea:8d: c2:57:db:9c:f7:e5:ff:a4:82:0e:13:eb:fc:e3:ba: b1:06:1f:c0:77:04:1b:f3:bf:02:02:77:dc:08:b3: d9:1a:f0:54:5c:57:f9:fb:7a:15:fd:27:70:96:b0: d8:f1:84:3f:1f:2f:31:c2:8b:fd:c8:0e:4a:d4:c7: 2a:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:C3:C2:4E:EB:61:FC:56:A4:22:E5:AA:7F:C8:63:7D:40:CC:49:02 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.240.0/21 Signature Algorithm: sha256WithRSAEncryption 01:d3:e0:42:bb:0e:da:23:19:48:e3:13:64:bf:19:e0:d8:79: 28:63:bc:d3:cd:a7:27:19:5d:ab:c8:c1:14:c4:3b:48:dd:07: 78:ed:7c:0b:bc:1a:d1:2c:d3:22:bc:2e:47:ac:98:a4:c4:41: 15:8f:2f:ce:2a:c2:60:28:0e:e8:4b:4d:d9:a5:23:18:21:ce: 89:4d:1c:d3:94:f3:f8:54:65:5f:7a:4b:55:1b:1c:12:54:63: 47:5b:de:e7:b0:99:be:9a:32:8e:c1:2c:9f:ff:23:05:f7:7f: 45:db:6d:af:f5:99:e8:40:89:30:7b:3e:58:96:af:2d:95:16: ef:ed:06:09:f6:97:8c:35:8f:a9:f1:6b:d1:4a:1f:b2:a5:6c: 29:61:fe:98:24:bb:f6:1e:6a:4f:b4:c9:1f:2f:95:cc:da:5f: c3:11:5d:83:01:57:ce:7f:28:08:96:d9:ee:63:1c:36:96:2b: 39:c5:89:23:16:cc:8f:07:e0:57:94:6d:0b:57:5c:26:0e:36: 98:73:5e:65:41:a7:2f:35:42:f0:dd:51:1e:9a:46:2c:83:53: 4a:d1:ad:4d:17:be:c1:94:c9:f4:3e:9f:26:88:6b:5d:5b:23: 26:27:ea:47:f4:35:3b:fd:07:d6:81:34:7e:6a:4f:d5:0e:c5: 06:33:34:ad -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXvVn81RyAzRAg2ByI9VxNG2vKGQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDcwOTAwMDAwNVoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANTlkZmIzZmVhY2Q3NzMwZjUyMGM5 OTEzNzc1MDRlNzM2ZWFkYTQzMjZmM2RkYmU4NDhjNjU1OWFiMjhmMTdmNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqnUSHEhMXvZcb5HB+zpKL6Do5oo /VFZOmS3sCrCszYgGvgdMDc3VswMVLx+KwTXhRvvsPn0+CPzkyV8HCLwz4DKebaj Q0+P8WsRNpQYN28aBrWG+BAAjcTg9k2LSZSN8naFCOeqzOj5cWBPqLR5HkIUvya0 QyLwkp2WfoepGiSX7g00388Mfp4Oai+YBkMgYn77J1doomlF9r6p8UJ86sxkUEBw Eb3G91FZiEjERWBsja9CJkA/v2cs3tMSBoiK6o3CV9uc9+X/pIIOE+v847qxBh/A dwQb878CAnfcCLPZGvBUXFf5+3oV/SdwlrDY8YQ/Hy8xwov9yA5K1McqCwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHzDwk7rYfxWpCLlqn/IY31AzEkCMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQwOTU2NjkwLTM2NjEtNDlmMi04ZWJjLTJmYTVhNDdhOThhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jwMA0GCSqGSIb3DQEBCwUAA4IBAQAB0+BCuw7aIxlI4xNkvxng 2HkoY7zTzacnGV2ryMEUxDtI3Qd47XwLvBrRLNMivC5HrJikxEEVjy/OKsJgKA7o S03ZpSMYIc6JTRzTlPP4VGVfektVGxwSVGNHW97nsJm+mjKOwSyf/yMF939F222v 9ZnoQIkwez5Ylq8tlRbv7QYJ9peMNY+p8WvRSh+ypWwpYf6YJLv2HmpPtMkfL5XM 2l/DEV2DAVfOfygIltnuYxw2lis5xYkjFsyPB+BXlG0LV1wmDjaYc15lQacvNULw 3VEemkYsg1NK0a1NF77BlMn0Pp8miGtdWyMmJ+pH9DU7/QfWgTR+ak/VDsUGMzSt -----END CERTIFICATE-----Generated at Mon Jul 21 07:27:53 2025 by rpki-client