$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa File: 197500e2-3802-44b2-a561-ca3dad01e209.roa (raw, json) Hash identifier: VIjnt59TB7BGOdnaiSRXW6ZJQWdAWNQj0darbfG3BwA= Subject key identifier: A3:3C:2D:D0:A0:F4:8A:5E:45:2B:1A:A5:59:F5:B0:F2:59:FB:5B:7B Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 4A18F38109C79E9E85DF8EC637AD4CEB74C96B9E Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa Signing time: Fri 17 Oct 2025 00:01:27 +0000 ROA not before: Fri 17 Oct 2025 00:01:27 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:18:f3:81:09:c7:9e:9e:85:df:8e:c6:37:ad:4c:eb:74:c9:6b:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 17 00:01:27 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=d7c3f33891f1bbcff56aed509512cb288677920db8b30beb71656466caeee0e9, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:99:0d:ab:87:00:81:6f:6e:63:75:70:34:ef: 14:db:2f:42:2f:ac:05:10:26:e4:c0:41:29:25:2e: 2e:a2:05:e3:99:2b:e1:57:c0:b3:f6:ee:78:3e:fc: 3f:8a:40:ee:0e:d9:d7:ce:51:29:ef:00:25:c2:94: 8d:3a:64:26:e9:72:0d:46:b6:1f:10:55:c3:2f:7c: 48:97:1d:43:96:d7:77:16:db:a9:a4:70:02:46:1f: ba:32:75:d0:ed:70:b1:c2:fe:41:60:b6:2d:c9:23: 63:3b:ad:85:e2:a8:5d:fa:21:48:1c:27:36:af:c5: 6d:fc:1b:2c:ed:1e:f0:a1:4e:cb:4c:7a:4d:d8:10: 7f:a6:58:a3:1b:01:6c:ba:47:19:33:70:eb:21:d7: e4:8c:4a:0c:86:e0:85:16:a2:1e:4e:6b:93:26:55: 1a:28:5c:57:e5:a3:44:59:fd:9d:3a:1d:47:4b:ac: 9b:82:b6:63:da:2d:0d:60:2d:95:2c:66:ec:b5:82: 02:8a:1b:12:d7:76:e9:67:7d:da:dc:59:fd:35:ca: 39:ad:29:7e:da:82:55:ef:6c:f4:c6:34:88:4e:65: 98:61:f8:80:3f:d2:8b:db:6a:31:48:57:0b:7e:89: 2c:1a:c6:43:9b:6a:61:33:06:f5:a1:c4:cb:de:f8: cf:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:3C:2D:D0:A0:F4:8A:5E:45:2B:1A:A5:59:F5:B0:F2:59:FB:5B:7B X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.128.0/24 Signature Algorithm: sha256WithRSAEncryption 87:45:bd:6b:ee:73:27:3a:85:14:83:7f:47:e9:d0:30:84:31: 44:cd:7e:4b:5b:6b:0a:e5:eb:1c:f6:26:7c:59:7a:ac:37:f7: 69:b0:91:de:e5:ad:4a:fa:f1:f7:f6:63:01:e6:c2:72:90:9b: 3f:23:16:84:3e:7e:c5:10:17:08:58:f9:4b:50:25:25:5c:d9: b8:d4:d5:14:64:94:76:8f:da:e7:97:d2:1f:c9:53:b3:df:87: fa:c6:32:87:f6:db:3f:3b:ef:dd:89:11:f7:2a:4e:ee:d0:a1: 5b:e2:43:8a:af:18:a5:16:a3:19:2b:cc:1f:35:7f:d5:19:9f: 52:a6:70:a2:d0:b3:39:ed:46:31:a0:ef:bd:de:d3:24:af:d7: 78:1a:ee:20:f7:36:c9:1e:58:d8:1b:d5:89:d2:37:bc:be:c1: ca:5e:0f:73:47:93:92:9a:eb:ee:8b:43:c9:10:7b:fa:6e:3e: 9a:03:ca:49:29:e2:5c:b3:2a:c5:b1:7e:8c:47:71:76:35:46: 09:7a:65:78:88:f2:62:71:68:25:c2:d4:7e:27:55:74:b6:d5: 91:92:ef:01:21:1b:2f:09:d9:76:e5:b4:66:e3:3a:38:7a:79: 06:26:f6:ad:0f:c0:f2:11:f4:61:4f:bd:bb:66:23:1c:b7:04: 4c:cf:a7:d3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUShjzgQnHnp6F347GN61M63TJa54wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxNzAwMDEyN1oX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAZDdjM2YzMzg5MWYxYmJjZmY1NmFl ZDUwOTUxMmNiMjg4Njc3OTIwZGI4YjMwYmViNzE2NTY0NjZjYWVlZTBlOTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJkNq4cAgW9uY3VwNO8U2y9CL6wF ECbkwEEpJS4uogXjmSvhV8Cz9u54Pvw/ikDuDtnXzlEp7wAlwpSNOmQm6XINRrYf EFXDL3xIlx1Dltd3FtuppHACRh+6MnXQ7XCxwv5BYLYtySNjO62F4qhd+iFIHCc2 r8Vt/Bss7R7woU7LTHpN2BB/plijGwFsukcZM3DrIdfkjEoMhuCFFqIeTmuTJlUa KFxX5aNEWf2dOh1HS6ybgrZj2i0NYC2VLGbstYICihsS13bpZ33a3Fn9Nco5rSl+ 2oJV72z0xjSITmWYYfiAP9KL22oxSFcLfoksGsZDm2phMwb1ocTL3vjPhwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKM8LdCg9IpeRSsapVn1sPJZ+1t7MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzE5NzUwMGUyLTM4MDItNDRiMi1hNTYxLWNhM2RhZDAxZTIwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArymAMA0GCSqGSIb3DQEBCwUAA4IBAQCHRb1r7nMnOoUUg39H6dAw hDFEzX5LW2sK5esc9iZ8WXqsN/dpsJHe5a1K+vH39mMB5sJykJs/IxaEPn7FEBcI WPlLUCUlXNm41NUUZJR2j9rnl9IfyVOz34f6xjKH9ts/O+/diRH3Kk7u0KFb4kOK rxilFqMZK8wfNX/VGZ9SpnCi0LM57UYxoO+93tMkr9d4Gu4g9zbJHljYG9WJ0je8 vsHKXg9zR5OSmuvui0PJEHv6bj6aA8pJKeJcsyrFsX6MR3F2NUYJemV4iPJicWgl wtR+J1V0ttWRku8BIRsvCdl25bRm4zo4enkGJvatD8DyEfRhT727ZiMctwRMz6fT -----END CERTIFICATE-----Generated at Sat Oct 18 13:45:57 2025 by rpki-client