$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa File: 40956690-3661-49f2-8ebc-2fa5a47a98ad.roa (raw, json) Hash identifier: yNwrc4eIBFh8rwHwD3UT2rO93b0uYz7SKUmA2QpIRAM= Subject key identifier: EE:EA:7D:53:37:89:D2:59:9A:24:BA:98:BB:09:DF:D3:A9:99:15:9B Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 6FC1505498F09729C3502EA4483421EE5BF6C33A Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa Signing time: Fri 29 Aug 2025 00:00:13 +0000 ROA not before: Fri 29 Aug 2025 00:00:13 +0000 ROA not after: Fri 03 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.240.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:c1:50:54:98:f0:97:29:c3:50:2e:a4:48:34:21:ee:5b:f6:c3:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Aug 29 00:00:13 2025 GMT Not After : Oct 3 23:59:59 2025 GMT Subject: serialNumber=a5b8ff1d8de2988875f78ee9a8b04dfb9cec4f0c46751b07a2b6eb78dd18d523, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:be:dc:73:d4:36:35:dd:15:f5:0e:97:bc:6b: c6:17:87:34:3f:4e:74:fb:e0:61:b1:54:95:37:5e: 53:42:35:8d:6e:05:8a:ba:0e:50:b9:42:8b:dc:8b: 72:8c:ea:dc:4b:17:3e:e8:b1:82:d9:47:7d:61:05: 82:68:6a:56:12:7f:16:a8:e1:f7:8a:7b:5c:44:03: e0:11:d4:6d:e8:fc:7e:96:3b:e2:02:4f:85:6e:cc: 9c:25:e8:79:d3:f3:42:ac:1b:2c:0c:f7:72:54:c8: d9:f6:8f:d4:c8:f0:bf:45:f5:2c:19:86:69:b9:43: 77:f8:36:ce:dd:27:5b:5c:db:d3:c9:cd:55:2f:4a: 4e:e5:c6:48:53:c9:36:d4:c6:59:cd:7c:a6:41:3d: 00:7a:09:03:08:f3:ca:9f:7d:61:ac:70:e1:8d:ef: af:30:ad:a7:b0:33:da:ba:f4:26:06:42:d9:ac:87: ec:d8:d0:eb:39:6b:40:76:3a:1c:13:ca:5b:55:3d: 22:79:f5:fc:36:5e:0d:28:e4:50:b3:ad:70:e4:a3: ef:95:0f:d2:b1:49:d7:bd:35:2d:b5:2c:b1:fb:21: 7b:68:7b:03:00:3c:cd:da:cf:af:19:d4:09:f2:32: e4:63:68:0e:31:3f:f5:8c:64:fd:c5:ff:12:d9:af: 55:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:EA:7D:53:37:89:D2:59:9A:24:BA:98:BB:09:DF:D3:A9:99:15:9B X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/40956690-3661-49f2-8ebc-2fa5a47a98ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.240.0/21 Signature Algorithm: sha256WithRSAEncryption 87:ee:97:c4:83:f4:3d:99:a3:89:0a:fe:60:76:5e:0a:65:e2: ff:a3:86:78:82:3e:2c:00:47:ac:dd:73:83:b4:30:74:af:0b: 4b:6d:b9:36:aa:79:81:01:c8:1a:7f:d2:92:4c:c2:76:10:e4: 75:8a:9f:e0:f0:70:56:5c:55:cd:93:00:3c:de:58:f7:9b:34: 00:c0:94:85:5b:c5:17:db:06:b2:de:6b:18:eb:c7:80:d0:7e: db:a4:28:4e:05:22:c7:3a:77:b0:e0:ea:7a:df:ba:0a:1c:d9: 26:b5:e0:fe:87:4b:08:fb:d6:6c:69:2e:28:90:a9:49:44:4a: ff:63:9b:29:de:f0:23:6b:3e:54:ed:43:8f:dc:d4:2b:85:43: 89:76:68:7a:16:6c:79:04:ff:0a:b5:d6:f4:10:b0:c3:32:d6: 29:64:ea:d1:1d:f8:ea:2a:ef:7a:05:f2:2b:ea:b2:70:a0:d2: bc:e9:11:6c:1c:b2:de:5f:52:39:a3:6b:b4:14:0e:0a:87:af: 6b:d9:aa:6c:13:1c:53:44:8c:fd:34:3d:73:4f:4a:21:34:a3: 35:e5:58:d9:b6:01:7b:90:4d:67:3f:e4:a9:4a:7c:9c:2b:54: a2:3c:2a:a9:d7:94:8e:00:87:32:5f:12:04:8f:15:27:c2:48: c2:d7:d5:35 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUb8FQVJjwlynDUC6kSDQh7lv2wzowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDgyOTAwMDAxM1oX DTI1MTAwMzIzNTk1OVowejFJMEcGA1UEBRNAYTViOGZmMWQ4ZGUyOTg4ODc1Zjc4 ZWU5YThiMDRkZmI5Y2VjNGYwYzQ2NzUxYjA3YTJiNmViNzhkZDE4ZDUyMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r7cc9Q2Nd0V9Q6XvGvGF4c0P050 ++BhsVSVN15TQjWNbgWKug5QuUKL3ItyjOrcSxc+6LGC2Ud9YQWCaGpWEn8WqOH3 intcRAPgEdRt6Px+ljviAk+FbsycJeh50/NCrBssDPdyVMjZ9o/UyPC/RfUsGYZp uUN3+DbO3SdbXNvTyc1VL0pO5cZIU8k21MZZzXymQT0AegkDCPPKn31hrHDhje+v MK2nsDPauvQmBkLZrIfs2NDrOWtAdjocE8pbVT0iefX8Nl4NKORQs61w5KPvlQ/S sUnXvTUttSyx+yF7aHsDADzN2s+vGdQJ8jLkY2gOMT/1jGT9xf8S2a9VRQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFO7qfVM3idJZmiS6mLsJ39OpmRWbMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQwOTU2NjkwLTM2NjEtNDlmMi04ZWJjLTJmYTVhNDdhOThhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jwMA0GCSqGSIb3DQEBCwUAA4IBAQCH7pfEg/Q9maOJCv5gdl4K ZeL/o4Z4gj4sAEes3XODtDB0rwtLbbk2qnmBAcgaf9KSTMJ2EOR1ip/g8HBWXFXN kwA83lj3mzQAwJSFW8UX2way3msY68eA0H7bpChOBSLHOnew4Op637oKHNkmteD+ h0sI+9ZsaS4okKlJREr/Y5sp3vAjaz5U7UOP3NQrhUOJdmh6Fmx5BP8Ktdb0ELDD MtYpZOrRHfjqKu96BfIr6rJwoNK86RFsHLLeX1I5o2u0FA4Kh69r2apsExxTRIz9 ND1zT0ohNKM15VjZtgF7kE1nP+SpSnycK1SiPCqp15SOAIcyXxIEjxUnwkjC19U1 -----END CERTIFICATE-----Generated at Sat Sep 6 19:36:06 2025 by rpki-client