$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json) Hash identifier: OCkKEK3EZBhaX3B9SOMldlU6Xps/Y2Femd0/fjGT8BU= Subject key identifier: D3:54:B3:5C:4C:A9:BD:A9:38:5D:32:0D:42:28:20:0A:56:68:F6:75 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 07F3B664D97CC2B7B4CDCFFADA26D1185761D103 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa Signing time: Wed 03 Sep 2025 00:00:29 +0000 ROA not before: Wed 03 Sep 2025 00:00:29 +0000 ROA not after: Wed 08 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.8.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Sep 2025 00:03:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:f3:b6:64:d9:7c:c2:b7:b4:cd:cf:fa:da:26:d1:18:57:61:d1:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 3 00:00:29 2025 GMT Not After : Oct 8 23:59:59 2025 GMT Subject: serialNumber=51e15965430499abf586451ff194917170a7cc6041072b50e761ce9bc2a4e5a6, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:01:10:ea:45:9c:ca:ef:98:64:aa:a5:14:72: b2:20:ee:01:37:b1:0e:a4:fd:29:37:c4:c7:21:a8: 51:14:7a:b1:19:3b:87:e6:88:ac:03:e9:fb:a0:85: 52:cf:67:95:df:ea:0f:52:73:1f:d7:ff:a5:f9:5f: 20:fb:5e:31:04:94:e4:51:86:7b:dc:ef:20:bd:5a: a6:de:49:4f:17:74:d5:4b:a3:20:6e:e7:6e:73:5c: 1b:64:c1:cd:46:97:48:64:5f:47:0c:b7:92:5f:f9: dd:cd:fb:82:79:a8:d3:91:f4:29:18:45:af:8e:f0: 73:8c:61:17:c9:f9:9c:b6:45:26:5e:a4:4f:6c:c5: 38:cf:fb:41:4a:33:93:b9:08:e8:83:49:3b:0f:21: 81:a0:97:47:a8:8d:a0:17:0d:2b:f5:d8:14:32:c8: e2:dc:00:39:37:d6:13:3f:f6:cd:61:f4:4b:9c:e1: 15:14:22:8d:65:6d:c1:b0:69:0c:ad:58:ff:76:58: 7f:86:de:11:be:08:2e:9a:77:65:90:b9:67:6f:7a: e9:5b:db:24:32:ab:bb:75:f7:1c:fc:ba:a8:e4:96: 30:dd:7a:7c:24:50:4e:f9:e2:2b:fb:b3:65:72:6f: ff:a4:e0:99:a6:2d:91:f4:fa:bb:89:91:34:8c:d3: 14:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:54:B3:5C:4C:A9:BD:A9:38:5D:32:0D:42:28:20:0A:56:68:F6:75 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.172.0/22 Signature Algorithm: sha256WithRSAEncryption 87:cb:46:57:7c:5b:9d:f4:8d:85:8a:63:1a:25:28:dc:fd:1e: 2d:11:56:cd:c2:93:62:80:6a:66:73:84:d2:33:1e:40:15:de: fb:5b:e8:d4:06:9e:28:bc:90:33:c6:88:9a:26:75:17:7e:5a: 68:80:c8:14:4f:19:08:17:0e:22:f5:23:84:2e:b4:15:f7:0a: 58:f4:cd:51:8e:51:1c:b8:7a:76:f4:99:b6:d2:e8:f3:e1:32: c3:3a:e7:40:e7:11:d2:43:2f:12:c8:94:6d:b0:57:00:57:41: 99:12:10:53:6f:4a:63:95:23:69:ef:b8:08:fe:b5:b6:60:76: f3:54:11:60:51:46:9e:54:f7:76:c2:34:aa:7e:23:3d:8a:ed: ac:aa:77:3f:76:3f:f4:7f:14:45:d4:78:cf:5e:a1:88:40:4e: a2:89:71:38:ca:14:f7:1e:9e:ef:6a:63:10:7a:4a:43:c9:89: 5c:f3:3e:a4:a4:84:59:b5:40:80:d8:a9:5d:c0:35:5c:a0:35: 7d:92:56:bb:96:1d:0f:23:77:af:89:f7:6b:3c:61:95:aa:3a: 07:04:99:9e:4f:95:08:fa:06:08:af:75:5e:b9:66:ca:71:1a: 47:f0:3c:34:ef:8e:af:97:97:37:8a:33:1a:d9:64:cf:e5:ba: 63:7c:1a:41 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUB/O2ZNl8wre0zc/62ibRGFdh0QMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDkwMzAwMDAyOVoX DTI1MTAwODIzNTk1OVowejFJMEcGA1UEBRNANTFlMTU5NjU0MzA0OTlhYmY1ODY0 NTFmZjE5NDkxNzE3MGE3Y2M2MDQxMDcyYjUwZTc2MWNlOWJjMmE0ZTVhNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAEQ6kWcyu+YZKqlFHKyIO4BN7EO pP0pN8THIahRFHqxGTuH5oisA+n7oIVSz2eV3+oPUnMf1/+l+V8g+14xBJTkUYZ7 3O8gvVqm3klPF3TVS6Mgbuduc1wbZMHNRpdIZF9HDLeSX/ndzfuCeajTkfQpGEWv jvBzjGEXyfmctkUmXqRPbMU4z/tBSjOTuQjog0k7DyGBoJdHqI2gFw0r9dgUMsji 3AA5N9YTP/bNYfRLnOEVFCKNZW3BsGkMrVj/dlh/ht4RvggumndlkLlnb3rpW9sk Mqu7dfcc/Lqo5JYw3Xp8JFBO+eIr+7Nlcm//pOCZpi2R9Pq7iZE0jNMUBwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNNUs1xMqb2pOF0yDUIoIApWaPZ1MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQCHy0ZXfFud9I2FimMaJSjc /R4tEVbNwpNigGpmc4TSMx5AFd77W+jUBp4ovJAzxoiaJnUXflpogMgUTxkIFw4i 9SOELrQV9wpY9M1RjlEcuHp29Jm20ujz4TLDOudA5xHSQy8SyJRtsFcAV0GZEhBT b0pjlSNp77gI/rW2YHbzVBFgUUaeVPd2wjSqfiM9iu2sqnc/dj/0fxRF1HjPXqGI QE6iiXE4yhT3Hp7vamMQekpDyYlc8z6kpIRZtUCA2KldwDVcoDV9kla7lh0PI3ev ifdrPGGVqjoHBJmeT5UI+gYIr3VeuWbKcRpH8Dw0746vl5c3ijMa2WTP5bpjfBpB -----END CERTIFICATE-----Generated at Tue Sep 16 09:14:08 2025 by rpki-client