$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa File: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (raw, json) Hash identifier: +14gGOWicFnFCeHVH8Ak7CK1a9GvGCsscKdiLdX2TPg= Subject key identifier: F9:30:6D:ED:8F:56:CC:D4:86:50:92:8D:7E:33:DB:91:42:3F:0C:F1 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 2759A043AE6BAB22D96739CDAF2B30ABC55915A4 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa Signing time: Fri 29 Aug 2025 00:00:18 +0000 ROA not before: Fri 29 Aug 2025 00:00:18 +0000 ROA not after: Fri 03 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:59:a0:43:ae:6b:ab:22:d9:67:39:cd:af:2b:30:ab:c5:59:15:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Aug 29 00:00:18 2025 GMT Not After : Oct 3 23:59:59 2025 GMT Subject: serialNumber=2e6defcd9efb290159c6894aaebfb30b80e7532d8a5b454f2b0ce0a7b857181d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:dd:13:09:99:0f:21:d9:1b:41:35:2c:f3:d4: ef:d2:9f:76:89:18:1e:87:85:12:8a:cc:f8:d2:04: e8:7a:62:1f:7b:d5:0f:5e:66:55:3a:fe:9c:77:33: 8a:06:13:07:7e:7b:d3:ae:03:2a:3e:08:08:e8:db: 42:0e:da:f4:aa:0b:b2:3d:b4:91:89:1a:8b:1d:2d: bb:c4:78:f7:c4:de:3c:db:a2:13:f3:6e:0a:5f:aa: 9f:5d:3e:3f:63:88:21:17:6e:88:e9:f7:8d:47:b2: a4:13:51:ae:37:f2:9f:e9:5d:f8:cb:11:3d:1d:4b: 53:3c:b5:c9:7f:df:0b:53:86:b2:9e:fb:e9:da:a3: a1:f2:39:97:7e:1e:cf:7a:49:12:f3:0a:6b:7f:03: 2a:8b:88:ac:26:d7:51:39:0d:5f:1c:ee:2c:83:f0: 2f:c6:2d:5d:83:cf:96:80:4f:58:b9:d1:c3:d1:45: f1:fa:1c:73:fd:2f:f5:e0:8d:de:8c:c3:2d:a4:21: b8:41:7e:bb:70:7d:97:43:e4:8b:8d:68:ff:04:f5: b6:c9:c9:c0:93:67:9e:f6:8e:4c:4e:ab:c6:51:8d: 35:f9:98:ab:0b:8d:59:f3:9e:ee:03:a9:f1:cd:ed: c4:d5:8f:f7:24:f4:37:5b:b3:27:e9:c9:b8:db:67: 39:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:30:6D:ED:8F:56:CC:D4:86:50:92:8D:7E:33:DB:91:42:3F:0C:F1 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.200.0/21 Signature Algorithm: sha256WithRSAEncryption 66:38:9a:47:44:b4:7f:fe:4e:23:13:e3:bd:35:b6:54:7b:49: 5f:dd:08:33:87:7c:7e:a2:3f:15:b1:10:e5:8a:93:12:f5:21: 87:cc:94:3a:dd:ef:17:fe:0b:d9:e2:4e:5a:33:9c:99:69:a0: 92:e0:5c:06:1f:06:28:69:6c:03:50:6b:b1:ed:fd:53:09:ca: 10:1b:8a:50:e0:bd:18:10:19:d6:46:2e:5b:c8:fb:52:33:fa: c2:81:ca:95:09:e3:13:ea:ba:8d:14:73:f9:14:88:e3:c4:a7: 89:38:7f:f7:a6:c1:92:35:a7:24:ea:03:dc:1a:30:78:5e:2f: 1b:2e:3f:e0:32:37:c5:b2:e6:cb:63:61:45:62:9a:36:74:c2: 00:2e:28:72:96:5c:51:bd:5b:36:85:63:07:6d:cf:d0:92:9c: 59:bd:f2:08:6b:bb:00:8c:f4:71:b7:48:6b:b9:ec:ac:79:5d: 23:55:3c:7b:94:6c:f0:b9:fe:43:4e:53:5f:cd:dd:59:5a:bd: e8:a6:f4:d6:e7:4f:b3:89:bb:55:6b:a9:13:ba:10:de:7a:c1: c0:1e:a9:12:16:dc:ca:af:b6:83:1a:ea:d7:f8:95:d6:72:1a: 10:7a:c6:54:ce:d2:d5:40:95:53:fd:df:ce:b9:0c:0e:eb:3c: 61:f6:51:40 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUJ1mgQ65rqyLZZznNryswq8VZFaQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDgyOTAwMDAxOFoX DTI1MTAwMzIzNTk1OVowejFJMEcGA1UEBRNAMmU2ZGVmY2Q5ZWZiMjkwMTU5YzY4 OTRhYWViZmIzMGI4MGU3NTMyZDhhNWI0NTRmMmIwY2UwYTdiODU3MTgxZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6t0TCZkPIdkbQTUs89Tv0p92iRge h4USisz40gToemIfe9UPXmZVOv6cdzOKBhMHfnvTrgMqPggI6NtCDtr0qguyPbSR iRqLHS27xHj3xN4826IT824KX6qfXT4/Y4ghF26I6feNR7KkE1GuN/Kf6V34yxE9 HUtTPLXJf98LU4aynvvp2qOh8jmXfh7PekkS8wprfwMqi4isJtdROQ1fHO4sg/Av xi1dg8+WgE9YudHD0UXx+hxz/S/14I3ejMMtpCG4QX67cH2XQ+SLjWj/BPW2ycnA k2ee9o5MTqvGUY01+ZirC41Z857uA6nxze3E1Y/3JPQ3W7Mn6cm422c54wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPkwbe2PVszUhlCSjX4z25FCPwzxMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjYjNlOWY5LTQ2YTItNDFlYi1hNGI3LTc1YjUzZDc5MWYzMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQBmOJpHRLR//k4jE+O9NbZU e0lf3Qgzh3x+oj8VsRDlipMS9SGHzJQ63e8X/gvZ4k5aM5yZaaCS4FwGHwYoaWwD UGux7f1TCcoQG4pQ4L0YEBnWRi5byPtSM/rCgcqVCeMT6rqNFHP5FIjjxKeJOH/3 psGSNack6gPcGjB4Xi8bLj/gMjfFsubLY2FFYpo2dMIALihyllxRvVs2hWMHbc/Q kpxZvfIIa7sAjPRxt0hrueyseV0jVTx7lGzwuf5DTlNfzd1ZWr3opvTW50+zibtV a6kTuhDeesHAHqkSFtzKr7aDGurX+JXWchoQesZUztLVQJVT/d/OuQwO6zxh9lFA -----END CERTIFICATE-----Generated at Sat Sep 6 19:47:56 2025 by rpki-client