$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa File: 9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa (raw, json) Hash identifier: aXM0t9hwbF8ItRCX2bQLMhpTdm1cgiiPqQrW4Nvogaw= Subject key identifier: 9F:8C:83:F1:5D:17:0C:D1:AF:8B:33:96:D2:57:43:44:D7:EA:E9:F9 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 15624DD7105A4C11AAA4AB6852E2B28B4B8FB499 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa Signing time: Sat 06 Sep 2025 00:00:02 +0000 ROA not before: Sat 06 Sep 2025 00:00:02 +0000 ROA not after: Sat 11 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.132.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:62:4d:d7:10:5a:4c:11:aa:a4:ab:68:52:e2:b2:8b:4b:8f:b4:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Sep 6 00:00:02 2025 GMT Not After : Oct 11 23:59:59 2025 GMT Subject: serialNumber=2a1a01f8f59131009686218dbe76564c4d48cece97977c3af312b42fe81e8130, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:84:5b:c8:7c:29:75:57:03:dd:ec:60:5d:eb: 23:81:ae:6a:9b:5b:4b:35:91:60:40:3a:68:3d:21: 54:d9:ae:46:26:63:f0:f5:1b:32:04:c0:fe:51:86: 41:8c:8c:db:59:0a:17:8e:41:c7:95:8a:b0:91:56: 81:3d:0b:bf:e7:45:60:55:2b:99:b4:2a:20:d3:67: 92:cc:54:f4:6c:71:71:9f:f9:52:a2:6f:ee:81:42: 5e:4f:49:13:ca:ea:d6:bf:41:78:b3:cb:8e:ba:39: d8:e4:df:0a:69:67:47:ff:18:1d:5d:56:4d:2c:34: c0:71:d1:42:65:d6:28:8b:8b:0f:40:59:5d:98:7a: fb:a6:c5:98:db:bc:9b:e1:6a:94:6c:f7:8b:e5:a6: cf:a9:11:72:70:d5:07:7c:e3:3d:a3:59:ea:8f:7a: 60:e8:66:a6:4f:66:33:55:33:15:57:be:07:4e:37: be:5d:4b:dd:0c:38:28:19:83:83:e6:63:c3:1e:bf: 03:93:47:2e:95:ae:9a:86:fc:90:d6:13:0b:e8:68: e7:7b:fd:4c:c5:13:aa:2e:c9:be:6b:fd:ec:e2:9c: c9:29:89:99:b9:6f:83:30:f9:4f:3e:96:83:4a:20: d9:f6:9d:b9:31:a6:f2:91:aa:9a:f7:4f:be:5a:1b: 58:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:8C:83:F1:5D:17:0C:D1:AF:8B:33:96:D2:57:43:44:D7:EA:E9:F9 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d703748-f446-47a1-b0a7-5e3357f2e0d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.132.0/24 Signature Algorithm: sha256WithRSAEncryption 32:8e:ff:7e:2f:49:7b:30:8f:f4:9b:5d:24:e4:da:d5:40:8f: 3a:23:e8:75:ad:59:2d:56:f9:3e:6d:06:cd:ad:d6:fe:42:f9: f7:73:b5:3a:78:7b:31:c5:71:1f:5e:98:c1:d3:9f:c0:32:d9: 31:6c:b6:e6:06:ee:4b:c4:9d:2a:35:b4:8a:fe:1b:f1:ad:f5: b7:37:f2:6a:e1:1f:72:94:a6:7d:ce:6c:43:9c:0e:89:5a:c0: 03:eb:cc:be:2c:02:2a:a4:de:a5:11:11:56:c9:c7:0c:9e:56: b3:93:7d:72:89:29:a6:42:d6:86:88:95:0f:5e:24:e2:bb:be: 8a:30:7a:82:c4:95:19:44:dc:2b:8a:18:24:5e:04:9c:cf:fa: c0:e6:ec:6a:b6:90:a8:f8:f2:4c:bf:5a:9d:22:d5:05:68:51: 91:1e:77:0c:4f:1b:5a:77:47:95:f8:53:47:79:72:0d:e8:85: 58:2b:9b:8f:2c:4b:13:10:a0:78:af:62:24:9e:2a:1c:e8:5c: 9c:a5:bb:06:06:88:e1:4b:84:b4:40:6a:11:f8:90:e1:56:bc: 62:9f:84:98:88:36:df:76:26:12:cb:2b:e0:a7:bb:48:e3:f3: 79:64:a2:02:3a:df:ed:8a:79:6a:25:fa:51:20:7b:a4:48:d0: a9:33:88:2a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUFWJN1xBaTBGqpKtoUuKyi0uPtJkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDkwNjAwMDAwMloX DTI1MTAxMTIzNTk1OVowejFJMEcGA1UEBRNAMmExYTAxZjhmNTkxMzEwMDk2ODYy MThkYmU3NjU2NGM0ZDQ4Y2VjZTk3OTc3YzNhZjMxMmI0MmZlODFlODEzMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoRbyHwpdVcD3exgXesjga5qm1tL NZFgQDpoPSFU2a5GJmPw9RsyBMD+UYZBjIzbWQoXjkHHlYqwkVaBPQu/50VgVSuZ tCog02eSzFT0bHFxn/lSom/ugUJeT0kTyurWv0F4s8uOujnY5N8KaWdH/xgdXVZN LDTAcdFCZdYoi4sPQFldmHr7psWY27yb4WqUbPeL5abPqRFycNUHfOM9o1nqj3pg 6GamT2YzVTMVV74HTje+XUvdDDgoGYOD5mPDHr8Dk0cula6ahvyQ1hML6Gjne/1M xROqLsm+a/3s4pzJKYmZuW+DMPlPPpaDSiDZ9p25Mabykaqa90++WhtYPwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJ+Mg/FdFwzRr4szltJXQ0TX6un5MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlkNzAzNzQ4LWY0NDYtNDdhMS1iMGE3LTVlMzM1N2YyZTBkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/iEMA0GCSqGSIb3DQEBCwUAA4IBAQAyjv9+L0l7MI/0m10k5NrV QI86I+h1rVktVvk+bQbNrdb+Qvn3c7U6eHsxxXEfXpjB05/AMtkxbLbmBu5LxJ0q NbSK/hvxrfW3N/Jq4R9ylKZ9zmxDnA6JWsAD68y+LAIqpN6lERFWyccMnlazk31y iSmmQtaGiJUPXiTiu76KMHqCxJUZRNwrihgkXgScz/rA5uxqtpCo+PJMv1qdItUF aFGRHncMTxtad0eV+FNHeXIN6IVYK5uPLEsTEKB4r2Iknioc6FycpbsGBojhS4S0 QGoR+JDhVrxin4SYiDbfdiYSyyvgp7tI4/N5ZKICOt/tinlqJfpRIHukSNCpM4gq -----END CERTIFICATE-----Generated at Sat Sep 6 19:47:54 2025 by rpki-client