$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa File: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (raw, json) Hash identifier: BlsjvxPb/t83MawE809HhA8HIKp0Oa0tuILzXP8uKnU= Subject key identifier: DC:55:2B:22:19:85:4D:EC:6F:F8:D7:17:34:91:6B:B1:62:FC:96:55 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 6CD8A2159A5D5EF38ECCE9EA6BD9D481BDA95EC0 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa Signing time: Wed 09 Jul 2025 00:00:06 +0000 ROA not before: Wed 09 Jul 2025 00:00:06 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:d8:a2:15:9a:5d:5e:f3:8e:cc:e9:ea:6b:d9:d4:81:bd:a9:5e:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jul 9 00:00:06 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=beda35ac8df8c14027d69f3f3ec748781fd1024832db04686c9fdc05f2b0ae7e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:db:d4:d3:91:6c:e4:2b:a3:68:e3:90:01:cf: 6c:e4:82:b4:55:f0:4a:6e:74:03:62:a1:eb:00:73: 3a:d2:56:f6:f4:c1:ec:f4:67:21:c4:73:d8:02:55: e7:4e:f2:1f:65:05:e5:36:84:b0:b2:07:5b:fe:1a: 98:f6:f6:b4:1a:dd:40:ca:d0:d9:0f:00:40:b1:e6: 0f:0a:e0:1b:8e:4a:7d:db:c9:f6:87:31:a9:62:6b: e4:b5:cb:59:bc:b7:63:b6:be:a1:e9:9a:a4:ad:21: a8:0e:f7:6b:1f:e2:0a:ba:5e:c8:dd:c1:0d:c7:81: 15:34:da:6e:82:c5:a7:06:38:45:8b:e5:57:0c:0d: 65:7f:27:e6:f9:2c:6f:75:31:b7:47:49:e6:e5:b0: bb:44:cb:0a:54:77:9b:ec:a0:d7:1b:2b:20:d8:5b: 79:22:8f:45:6c:9a:92:97:92:53:8f:69:53:a4:eb: 26:76:92:38:39:d3:9f:38:fb:ba:16:1f:1a:84:d2: 68:c3:b5:a3:52:11:7a:ac:7f:7e:a4:b6:74:06:3f: 5a:25:85:bc:3e:66:50:c7:9c:90:de:1e:74:73:61: 1a:58:7b:4f:30:ef:c5:fc:03:01:4b:a9:03:bd:6e: 33:cc:06:39:e7:96:e4:04:db:38:0b:b1:db:fd:89: 96:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:55:2B:22:19:85:4D:EC:6F:F8:D7:17:34:91:6B:B1:62:FC:96:55 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.216.0/21 Signature Algorithm: sha256WithRSAEncryption 12:9c:cb:2e:1e:88:78:80:fd:ce:b7:fd:ee:b0:9c:e5:f6:71: 91:2f:0e:4a:12:ef:ca:02:dc:bd:22:a5:29:14:be:c4:af:de: 83:51:ff:15:74:93:ad:52:5e:a7:48:52:62:64:5e:04:88:c8: 78:37:69:ba:aa:32:5c:95:29:8f:1d:ee:03:3d:1e:da:8d:27: a1:a8:89:fb:93:5b:6c:69:bd:b9:7b:1c:fe:66:26:b2:9f:e4: f8:02:46:e1:a6:e8:16:dd:f2:48:df:ab:e2:28:40:5d:bf:b7: b2:92:da:f2:49:05:a2:f1:4b:73:b5:92:87:cf:03:ca:75:03: 0d:d4:f3:db:42:6a:8b:ac:e9:39:e8:5f:dc:40:ca:7b:89:0d: 95:56:76:68:25:60:c9:71:eb:3c:51:e0:9c:9f:92:7b:e3:b1: bf:a6:50:79:40:6b:27:df:48:b5:3d:2b:c9:61:8c:6d:33:a3: 05:62:cc:d0:1b:35:83:11:9d:e2:a4:ce:34:ff:87:7c:d3:f6: 37:aa:f5:6a:77:b7:fc:1c:79:61:71:a6:39:f7:03:a8:b5:73: 95:00:6b:58:15:e5:f7:d3:53:42:1b:76:51:ee:12:79:e9:cb: e8:f7:14:85:85:2b:d4:7a:5f:82:a0:ff:39:a6:f5:91:39:18: da:a0:77:63 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUbNiiFZpdXvOOzOnqa9nUgb2pXsAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDcwOTAwMDAwNloX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAYmVkYTM1YWM4ZGY4YzE0MDI3ZDY5 ZjNmM2VjNzQ4NzgxZmQxMDI0ODMyZGIwNDY4NmM5ZmRjMDVmMmIwYWU3ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9vU05Fs5CujaOOQAc9s5IK0VfBK bnQDYqHrAHM60lb29MHs9GchxHPYAlXnTvIfZQXlNoSwsgdb/hqY9va0Gt1AytDZ DwBAseYPCuAbjkp928n2hzGpYmvktctZvLdjtr6h6ZqkrSGoDvdrH+IKul7I3cEN x4EVNNpugsWnBjhFi+VXDA1lfyfm+SxvdTG3R0nm5bC7RMsKVHeb7KDXGysg2Ft5 Io9FbJqSl5JTj2lTpOsmdpI4OdOfOPu6Fh8ahNJow7WjUhF6rH9+pLZ0Bj9aJYW8 PmZQx5yQ3h50c2EaWHtPMO/F/AMBS6kDvW4zzAY555bkBNs4C7Hb/YmWpwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNxVKyIZhU3sb/jXFzSRa7Fi/JZVMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU1ZDZjYmFlLThiN2YtNDVhOS04ZDliLTQ1OGQxMGE5YjFjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jYMA0GCSqGSIb3DQEBCwUAA4IBAQASnMsuHoh4gP3Ot/3usJzl 9nGRLw5KEu/KAty9IqUpFL7Er96DUf8VdJOtUl6nSFJiZF4EiMh4N2m6qjJclSmP He4DPR7ajSehqIn7k1tsab25exz+Ziayn+T4AkbhpugW3fJI36viKEBdv7eyktry SQWi8UtztZKHzwPKdQMN1PPbQmqLrOk56F/cQMp7iQ2VVnZoJWDJces8UeCcn5J7 47G/plB5QGsn30i1PSvJYYxtM6MFYszQGzWDEZ3ipM40/4d80/Y3qvVqd7f8HHlh caY59wOotXOVAGtYFeX301NCG3ZR7hJ56cvo9xSFhSvUel+CoP85pvWRORjaoHdj -----END CERTIFICATE-----Generated at Mon Jul 21 07:26:34 2025 by rpki-client