$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72c1271b-5ed8-4478-ba43-6741904af7c8.roa File: 72c1271b-5ed8-4478-ba43-6741904af7c8.roa (raw, json) Hash identifier: AXWoUYHVvLx2Bnyci8VclSTNk1CQRs5avvdmj7TI84U= Subject key identifier: 3B:CB:F9:99:AD:01:51:6D:46:2F:66:88:12:8D:95:92:0A:A5:E0:A3 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 4E484491A387D3E1C1D14CEF659D42BD2922B3E8 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72c1271b-5ed8-4478-ba43-6741904af7c8.roa Signing time: Wed 09 Jul 2025 00:00:11 +0000 ROA not before: Wed 09 Jul 2025 00:00:11 +0000 ROA not after: Wed 13 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:48:44:91:a3:87:d3:e1:c1:d1:4c:ef:65:9d:42:bd:29:22:b3:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jul 9 00:00:11 2025 GMT Not After : Aug 13 23:59:59 2025 GMT Subject: serialNumber=38c10d577dcc184e5c51d5c00bc8159908d48d298b377f8181dd8be65b1abb75, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:33:06:ef:ee:f2:79:4f:22:ff:a6:a1:6b:eb: e1:bd:a8:68:3d:17:ff:ef:fd:67:6a:a5:e9:2a:af: 58:ad:db:33:f7:6c:38:73:80:ee:54:78:8d:84:6d: 25:88:57:a9:1c:9d:cf:2e:a0:e9:de:21:2c:8c:76: 31:e4:eb:16:16:a6:d3:ed:cb:89:05:f9:35:cd:12: 9a:f8:35:4a:7b:7c:32:2f:68:84:e5:94:2f:94:42: b6:24:ee:8c:56:90:38:58:fb:d2:0d:52:3f:4f:41: 7e:8b:83:77:91:1e:38:18:9d:0e:bd:f1:6e:14:e1: e1:ce:57:bb:95:f3:93:3c:41:42:74:50:8d:5f:35: 08:d3:93:37:5d:51:11:ad:56:27:a5:a1:1d:f2:82: 71:c3:d0:b2:03:0b:c6:32:f0:d0:b7:83:b5:a7:ab: f8:e8:7f:f9:f9:48:e7:85:3e:ff:e6:a3:b5:a5:50: c4:b3:45:6e:4e:ca:d3:e0:f9:28:da:a3:99:d5:47: 94:3a:30:db:ca:f6:7f:d4:2f:e9:23:22:ab:c1:7a: 43:36:d5:f8:7d:da:fa:5e:c3:1c:02:35:b6:58:b7: 9a:a7:36:42:27:57:d2:21:b9:af:e9:2b:1b:3f:43: 79:c9:12:91:a4:1d:e2:d1:63:08:1f:34:1d:62:b3: 85:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:CB:F9:99:AD:01:51:6D:46:2F:66:88:12:8D:95:92:0A:A5:E0:A3 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72c1271b-5ed8-4478-ba43-6741904af7c8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.0.0/17 Signature Algorithm: sha256WithRSAEncryption 52:c4:cb:b7:a8:17:11:2e:c8:72:8b:36:a2:1d:e1:09:e5:7e: db:0b:36:70:85:43:a9:be:af:5b:76:aa:c1:e6:76:a2:4d:b6: e1:b2:33:11:f0:39:c0:73:7d:db:c1:e4:d8:e1:8d:3a:01:a4: ff:be:e5:8a:2f:48:7b:ce:0f:af:b0:cc:83:1d:18:31:d8:9b: 3c:3c:b7:c0:cc:ed:00:e7:01:6c:af:91:21:5a:16:80:2f:90: 99:19:40:89:32:b0:ea:77:e5:03:91:e8:c6:42:40:6c:67:93: 6f:ab:19:89:45:5a:29:aa:c1:ed:f6:5d:54:9e:65:b0:10:a5: c0:6b:4b:8f:6c:e3:d8:fc:93:38:11:4e:84:b6:7f:47:87:01: 3c:fe:ac:a5:87:90:8c:81:f6:3b:f0:a3:73:63:e2:a8:be:6b: 04:e0:39:1c:4d:c7:43:f0:17:67:97:cd:d3:c2:6b:ad:e3:e4: f2:7a:dc:e3:af:4d:73:07:6d:0d:00:99:c9:46:94:f7:a7:c3: 57:12:f7:7a:0f:af:15:7e:ae:04:23:37:d6:3d:f7:2a:e8:c5: d3:3a:65:83:1d:26:7b:c4:2c:23:df:01:1e:30:2a:59:a3:7a: c3:73:ae:6e:3c:fe:ae:3b:cf:73:41:04:86:28:d1:27:27:fe: 31:eb:50:58 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTkhEkaOH0+HB0UzvZZ1CvSkis+gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDcwOTAwMDAxMVoX DTI1MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAMzhjMTBkNTc3ZGNjMTg0ZTVjNTFk NWMwMGJjODE1OTkwOGQ0OGQyOThiMzc3ZjgxODFkZDhiZTY1YjFhYmI3NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTMG7+7yeU8i/6aha+vhvahoPRf/ 7/1naqXpKq9Yrdsz92w4c4DuVHiNhG0liFepHJ3PLqDp3iEsjHYx5OsWFqbT7cuJ Bfk1zRKa+DVKe3wyL2iE5ZQvlEK2JO6MVpA4WPvSDVI/T0F+i4N3kR44GJ0OvfFu FOHhzle7lfOTPEFCdFCNXzUI05M3XVERrVYnpaEd8oJxw9CyAwvGMvDQt4O1p6v4 6H/5+UjnhT7/5qO1pVDEs0VuTsrT4Pko2qOZ1UeUOjDbyvZ/1C/pIyKrwXpDNtX4 fdr6XsMcAjW2WLeapzZCJ1fSIbmv6SsbP0N5yRKRpB3i0WMIHzQdYrOFvQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDvL+ZmtAVFtRi9miBKNlZIKpeCjMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcyYzEyNzFiLTVlZDgtNDQ3OC1iYTQzLTY3NDE5MDRhZjdjOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQHn/gAMA0GCSqGSIb3DQEBCwUAA4IBAQBSxMu3qBcRLshyizaiHeEJ 5X7bCzZwhUOpvq9bdqrB5naiTbbhsjMR8DnAc33bweTY4Y06AaT/vuWKL0h7zg+v sMyDHRgx2Js8PLfAzO0A5wFsr5EhWhaAL5CZGUCJMrDqd+UDkejGQkBsZ5NvqxmJ RVopqsHt9l1UnmWwEKXAa0uPbOPY/JM4EU6Etn9HhwE8/qylh5CMgfY78KNzY+Ko vmsE4DkcTcdD8Bdnl83Twmut4+Tyetzjr01zB20NAJnJRpT3p8NXEvd6D68Vfq4E IzfWPfcq6MXTOmWDHSZ7xCwj3wEeMCpZo3rDc65uPP6uO89zQQSGKNEnJ/4x61BY -----END CERTIFICATE-----Generated at Mon Jul 21 00:18:00 2025 by rpki-client