$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa File: 565f9740-389f-45ac-956e-b96e19889315.roa (raw, json) Hash identifier: HFMQ37XJ8bFLqSZwEBEzcUvjyBApEZEKBanlW0uu2GA= Subject key identifier: E6:A9:61:7E:7B:FC:F3:41:EF:66:88:49:03:92:D0:6F:89:DD:7C:A7 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 678AD142DCB9E87B012CBF4356882B228F38FE08 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa Signing time: Wed 09 Jul 2025 00:00:10 +0000 ROA not before: Wed 09 Jul 2025 00:00:10 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:8a:d1:42:dc:b9:e8:7b:01:2c:bf:43:56:88:2b:22:8f:38:fe:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jul 9 00:00:10 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=14e5040764ba5e5483c78211e0dc879d0808e50d9a765b0de54582cfd0835b70, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:f5:bc:f4:99:6a:e6:6b:dc:98:03:dc:8b:a0: 77:39:9b:d1:f6:b7:d2:93:c4:1a:1e:32:d8:d5:98: 35:d5:02:53:a3:60:27:ef:b8:b8:e8:aa:ce:3f:11: 79:52:fe:a8:61:bd:da:24:36:69:90:af:5d:1a:d3: de:11:a9:fb:bb:41:5c:01:e5:86:dd:72:de:19:f8: b4:c2:70:c1:7e:5f:b9:9d:7a:18:d7:64:d3:af:5a: 4a:44:bf:7b:85:27:91:7c:fc:db:81:22:87:82:46: c7:a0:d3:40:71:ee:76:13:c0:c7:af:72:36:a6:34: 76:4e:c0:97:b2:e1:a1:1d:f7:9e:dd:a1:f5:24:a3: 50:c9:95:0f:b0:e2:e6:9b:01:05:72:d0:68:c2:f9: a3:59:91:52:fa:b1:99:b0:da:36:48:37:6e:68:b3: 66:a4:e9:13:52:90:07:87:4f:8c:b4:f9:ae:ae:cd: 19:83:63:9e:da:b5:77:6a:db:bd:ed:8e:aa:3d:3f: 4a:2e:86:6c:fa:68:d4:3b:44:98:ca:d5:25:a6:1e: df:66:05:a9:79:00:46:46:99:37:27:ae:08:0f:db: 62:8c:03:ce:c4:63:20:8c:7c:62:c5:2b:1c:e6:cd: e6:01:fb:c7:ca:31:c9:4a:03:21:af:87:fa:42:b5: 11:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:A9:61:7E:7B:FC:F3:41:EF:66:88:49:03:92:D0:6F:89:DD:7C:A7 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption 00:55:b3:ab:71:c0:59:3d:1a:6f:7e:6d:5e:b7:d3:12:eb:a6: 0c:b7:41:12:33:2a:8d:9f:5f:a6:8a:81:d6:ee:c9:83:90:d3: 30:be:0a:d6:b4:11:42:7d:0b:42:f6:d4:42:0d:8a:f1:5b:b0: 93:71:6a:3e:e4:f0:43:f2:27:52:12:f9:35:c6:56:9f:a7:0e: a6:1a:39:e7:b7:60:13:8d:4c:bd:74:a0:c1:d2:d0:00:4c:a9: 18:91:00:e0:2c:03:07:0a:29:71:4a:5b:ad:1d:7f:97:ee:61: bb:b4:46:a7:21:e5:8d:4c:69:6a:79:89:e4:52:a9:65:87:60: 86:76:c3:3c:01:28:f9:96:05:19:96:c9:1b:a1:ab:2d:b7:ad: c1:1c:84:2b:d4:1b:0b:1b:79:b5:14:39:31:31:08:cd:27:4b: b3:4d:9d:db:18:ee:dc:5b:48:3d:20:55:70:c2:53:83:24:d8: 11:4e:14:a8:d1:e2:c3:04:9e:87:3f:26:c4:2d:5d:bf:31:e2: 79:13:fd:92:e8:b0:b7:d8:4b:a2:dd:24:4b:65:0b:01:ed:e7: 8c:33:5b:46:4c:11:c6:05:b6:03:b2:c1:4e:c7:d2:e5:38:19: 80:e1:a9:f5:ee:02:a1:14:7d:ca:ae:9f:de:24:cc:42:be:54: 5e:28:4e:5e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZ4rRQty56HsBLL9DVogrIo84/ggwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDcwOTAwMDAxMFoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAMTRlNTA0MDc2NGJhNWU1NDgzYzc4 MjExZTBkYzg3OWQwODA4ZTUwZDlhNzY1YjBkZTU0NTgyY2ZkMDgzNWI3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfW89Jlq5mvcmAPci6B3OZvR9rfS k8QaHjLY1Zg11QJTo2An77i46KrOPxF5Uv6oYb3aJDZpkK9dGtPeEan7u0FcAeWG 3XLeGfi0wnDBfl+5nXoY12TTr1pKRL97hSeRfPzbgSKHgkbHoNNAce52E8DHr3I2 pjR2TsCXsuGhHfee3aH1JKNQyZUPsOLmmwEFctBowvmjWZFS+rGZsNo2SDduaLNm pOkTUpAHh0+MtPmurs0Zg2Oe2rV3atu97Y6qPT9KLoZs+mjUO0SYytUlph7fZgWp eQBGRpk3J64ID9tijAPOxGMgjHxixSsc5s3mAfvHyjHJSgMhr4f6QrURrQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOapYX57/PNB72aISQOS0G+J3XynMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2NWY5NzQwLTM4OWYtNDVhYy05NTZlLWI5NmUxOTg4OTMxNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jgMA0GCSqGSIb3DQEBCwUAA4IBAQAAVbOrccBZPRpvfm1et9MS 66YMt0ESMyqNn1+mioHW7smDkNMwvgrWtBFCfQtC9tRCDYrxW7CTcWo+5PBD8idS Evk1xlafpw6mGjnnt2ATjUy9dKDB0tAATKkYkQDgLAMHCilxSlutHX+X7mG7tEan IeWNTGlqeYnkUqllh2CGdsM8ASj5lgUZlskboastt63BHIQr1BsLG3m1FDkxMQjN J0uzTZ3bGO7cW0g9IFVwwlODJNgRThSo0eLDBJ6HPybELV2/MeJ5E/2S6LC32Eui 3SRLZQsB7eeMM1tGTBHGBbYDssFOx9LlOBmA4an17gKhFH3Krp/eJMxCvlReKE5e -----END CERTIFICATE-----Generated at Mon Jul 21 00:17:12 2025 by rpki-client