$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa File: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (raw, json) Hash identifier: ZbfxNTz2vZOd+qwb/sTdNRG2THM9RZh8THAc2h4P8Ns= Subject key identifier: 95:53:DD:09:58:78:0A:02:49:17:09:FF:F1:CD:8E:37:34:0F:1D:00 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 5D64AE0DBA61995577464BBC6131F17AF636853E Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa Signing time: Fri 29 Aug 2025 00:00:15 +0000 ROA not before: Fri 29 Aug 2025 00:00:15 +0000 ROA not after: Fri 03 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:64:ae:0d:ba:61:99:55:77:46:4b:bc:61:31:f1:7a:f6:36:85:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Aug 29 00:00:15 2025 GMT Not After : Oct 3 23:59:59 2025 GMT Subject: serialNumber=ed0a0005a1c001ad45fee55500cae36c8bcbf568c67aac3a501031694573bd8e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:63:76:5a:e4:86:b9:33:42:e0:ab:9d:a3:10: 5e:7f:d7:56:e1:dc:be:e1:17:96:6b:26:c6:f6:66: 42:61:9d:6c:78:e6:94:7e:83:8c:a5:6a:99:9a:e8: e8:a9:8a:d7:61:51:fb:9a:f0:97:d5:86:5b:40:e4: 8e:81:cb:e1:aa:4b:51:a8:f5:c1:f5:ed:cc:c6:28: f8:f6:78:d9:54:41:47:3b:2b:79:aa:2d:75:ab:f4: 9b:87:a2:1b:55:df:c7:93:d2:64:4d:de:7c:68:a1: b8:0c:4a:40:71:00:10:fb:8f:3b:9e:c2:28:81:01: 2a:82:33:84:31:d7:ca:19:75:c8:9a:f8:cd:52:4b: d3:72:85:16:5c:36:b8:d1:8f:08:74:cb:7e:0e:13: 42:ea:5d:56:a7:23:d8:43:a4:1f:30:3f:73:ec:cf: 92:8c:ee:ca:5a:98:7e:58:b7:cd:26:29:33:3d:aa: d9:7c:e5:3c:11:c1:de:27:3d:07:e0:a4:8e:bc:c7: b6:98:0a:d6:62:49:e1:b6:c6:b9:49:7a:5b:00:82: 35:00:9a:cb:d8:4a:57:81:f9:7e:b5:54:b8:70:71: 2e:03:a7:fd:a8:a0:5a:93:a3:68:11:c2:05:95:60: 00:63:b0:9d:64:9c:88:dd:15:49:48:e9:85:c0:a6: b6:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:53:DD:09:58:78:0A:02:49:17:09:FF:F1:CD:8E:37:34:0F:1D:00 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.216.0/21 Signature Algorithm: sha256WithRSAEncryption 56:06:88:50:b1:2a:a0:84:ae:d0:73:fb:73:39:b9:ab:e5:11: 21:c9:8f:1c:28:3b:82:1b:95:6f:0c:1c:9a:a8:0e:c4:70:6f: eb:3f:bc:a8:6b:2f:92:30:4e:5f:06:81:c5:b0:c2:9d:32:db: 78:cf:e2:7b:b1:9e:be:01:c9:4b:d8:53:ee:27:ce:65:cf:a0: f5:40:e3:b4:82:d5:f3:a7:61:8f:f7:5f:8b:bd:ba:59:fd:bf: 3c:42:dc:64:49:be:36:a0:ec:91:e8:8a:0a:0b:42:92:64:31: 3d:27:81:87:41:4d:c7:28:f6:35:e4:35:a9:7f:43:e0:5b:aa: 9c:f5:44:2a:0f:61:c1:34:14:fd:5b:27:85:fc:e1:03:ac:ab: 4c:36:84:2b:d8:64:71:3e:78:e6:3d:40:e8:10:7e:67:34:31: 09:df:f7:fe:de:74:0a:e7:ea:ec:ab:18:ef:79:12:f7:d0:20: 92:db:62:e0:97:1f:89:06:a1:74:7f:a2:c3:86:68:a3:33:39: f2:73:95:25:1b:f4:0c:fb:0a:f9:ed:1a:ca:e3:ba:29:ef:c8: 6c:43:57:35:36:4c:6c:dc:6c:5f:bc:6e:5b:c5:ae:7e:d6:20: 9b:59:ba:9f:f6:b6:2e:29:aa:e5:ba:a1:db:ec:ee:7a:95:d9: b3:cd:a9:b8 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXWSuDbphmVV3Rku8YTHxevY2hT4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDgyOTAwMDAxNVoX DTI1MTAwMzIzNTk1OVowejFJMEcGA1UEBRNAZWQwYTAwMDVhMWMwMDFhZDQ1ZmVl NTU1MDBjYWUzNmM4YmNiZjU2OGM2N2FhYzNhNTAxMDMxNjk0NTczYmQ4ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWN2WuSGuTNC4KudoxBef9dW4dy+ 4ReWaybG9mZCYZ1seOaUfoOMpWqZmujoqYrXYVH7mvCX1YZbQOSOgcvhqktRqPXB 9e3Mxij49njZVEFHOyt5qi11q/Sbh6IbVd/Hk9JkTd58aKG4DEpAcQAQ+487nsIo gQEqgjOEMdfKGXXImvjNUkvTcoUWXDa40Y8IdMt+DhNC6l1WpyPYQ6QfMD9z7M+S jO7KWph+WLfNJikzParZfOU8EcHeJz0H4KSOvMe2mArWYknhtsa5SXpbAII1AJrL 2EpXgfl+tVS4cHEuA6f9qKBak6NoEcIFlWAAY7CdZJyI3RVJSOmFwKa2bwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJVT3QlYeAoCSRcJ//HNjjc0Dx0AMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU1ZDZjYmFlLThiN2YtNDVhOS04ZDliLTQ1OGQxMGE5YjFjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jYMA0GCSqGSIb3DQEBCwUAA4IBAQBWBohQsSqghK7Qc/tzObmr 5REhyY8cKDuCG5VvDByaqA7EcG/rP7yoay+SME5fBoHFsMKdMtt4z+J7sZ6+AclL 2FPuJ85lz6D1QOO0gtXzp2GP91+LvbpZ/b88QtxkSb42oOyR6IoKC0KSZDE9J4GH QU3HKPY15DWpf0PgW6qc9UQqD2HBNBT9WyeF/OEDrKtMNoQr2GRxPnjmPUDoEH5n NDEJ3/f+3nQK5+rsqxjveRL30CCS22Lglx+JBqF0f6LDhmijMznyc5UlG/QM+wr5 7RrK47op78hsQ1c1Nkxs3GxfvG5bxa5+1iCbWbqf9rYuKarluqHb7O56ldmzzam4 -----END CERTIFICATE-----Generated at Sat Sep 6 19:47:54 2025 by rpki-client