$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa File: 1dffeac8-b779-49ef-ba27-58bc19891e60.roa (raw, json) Hash identifier: 250FTgHuto9SJoid1HPvupHDn7UBUGmxCGIhjacP+Xc= Subject key identifier: BD:07:FF:5F:9A:EA:86:C6:53:78:CD:FF:B2:49:CD:BC:41:D8:68:F0 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 719032332F5FA8F15A071BBB30DF65C31904871B Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa Signing time: Fri 17 Oct 2025 00:01:29 +0000 ROA not before: Fri 17 Oct 2025 00:01:29 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.144.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:90:32:33:2f:5f:a8:f1:5a:07:1b:bb:30:df:65:c3:19:04:87:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 17 00:01:29 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=1074396b972fa90930a53fdaa1a424192b1ae848af1032cea044fedd553e8dfb, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:be:d0:80:3a:96:3d:ff:4f:7c:32:85:23:b4: 30:74:34:8b:12:72:e4:2e:5d:f2:b5:49:71:4d:53: a5:c8:7b:2a:04:5c:ed:71:56:28:17:73:e8:25:b0: e4:a6:6b:9c:ef:3b:15:20:be:c2:57:bf:68:45:42: 1d:b7:65:a8:da:b8:f0:df:eb:e3:27:bd:ed:25:eb: c2:2b:d5:b5:03:1a:5a:bd:41:aa:c2:43:ba:95:be: f4:1f:23:3d:a3:bd:cc:69:df:8b:db:86:56:82:e3: 43:ea:36:a4:58:80:8e:31:ca:61:6c:35:46:63:f3: 62:20:85:33:de:c2:25:41:76:5b:75:16:14:d3:d4: 62:e3:f3:6c:35:3f:d2:74:a1:88:2d:43:0c:f2:e0: f2:a2:14:7e:c7:54:68:7b:6f:bb:96:b4:f6:c0:23: f8:59:f7:ee:50:f7:b1:fe:88:50:a1:55:ee:39:9d: de:6d:53:d7:31:f0:3c:3f:9f:af:f4:b2:d6:cf:8a: 5f:67:6c:1e:61:26:6d:e2:a9:62:2a:69:00:14:02: 21:d5:25:5b:f4:6f:33:b0:31:2e:df:76:6f:51:25: a8:c0:7e:35:44:94:18:77:71:78:fc:64:07:d1:f1: 60:81:21:ac:c8:28:fe:25:01:06:51:7a:f2:1c:64: 88:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:07:FF:5F:9A:EA:86:C6:53:78:CD:FF:B2:49:CD:BC:41:D8:68:F0 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/1dffeac8-b779-49ef-ba27-58bc19891e60.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.144.0/22 Signature Algorithm: sha256WithRSAEncryption 4e:f1:3a:d7:eb:75:09:9a:a9:b7:13:14:b1:be:78:08:28:78: 55:d8:2a:b4:27:93:f4:cb:bf:4d:68:41:77:81:f8:bf:39:2b: fe:b0:8f:e6:05:4a:b8:19:c2:53:da:18:bf:9b:56:87:80:32: d9:41:4e:41:1d:bb:90:d2:cd:a9:96:c0:ca:9a:4a:7a:c1:3c: c4:e8:76:0f:71:c3:87:8f:1b:d5:42:22:0e:d4:86:69:83:14: 34:e9:6e:d7:ec:63:27:62:31:28:3d:9a:ab:dd:01:9a:41:04: aa:c9:ba:5f:84:cc:b1:46:e3:9f:34:11:de:e3:07:29:1c:ca: 5a:c1:5b:c1:c3:fd:b7:80:ce:44:c2:2a:77:96:15:37:52:5d: ff:07:05:5b:ea:d0:61:cf:67:2c:2b:03:da:41:f2:ad:6d:1a: a8:3c:58:09:1d:25:71:e8:84:c2:79:96:c6:93:58:74:70:8c: 9a:3d:00:5e:69:37:32:4d:aa:5a:5a:21:8c:17:fd:73:44:06: c4:f4:5e:50:f8:16:c3:ce:e2:6e:6b:18:69:8b:11:1f:11:77: bb:79:a0:b8:1e:56:b0:a0:6c:2a:bc:dd:63:52:a0:04:33:67: a6:16:b3:7e:8d:c7:20:65:b9:dd:7b:3b:85:1f:2d:08:a2:d6: ba:99:0e:24 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcZAyMy9fqPFaBxu7MN9lwxkEhxswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxNzAwMDEyOVoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAMTA3NDM5NmI5NzJmYTkwOTMwYTUz ZmRhYTFhNDI0MTkyYjFhZTg0OGFmMTAzMmNlYTA0NGZlZGQ1NTNlOGRmYjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0L7QgDqWPf9PfDKFI7QwdDSLEnLk Ll3ytUlxTVOlyHsqBFztcVYoF3PoJbDkpmuc7zsVIL7CV79oRUIdt2Wo2rjw3+vj J73tJevCK9W1AxpavUGqwkO6lb70HyM9o73Mad+L24ZWguND6jakWICOMcphbDVG Y/NiIIUz3sIlQXZbdRYU09Ri4/NsNT/SdKGILUMM8uDyohR+x1Roe2+7lrT2wCP4 WffuUPex/ohQoVXuOZ3ebVPXMfA8P5+v9LLWz4pfZ2weYSZt4qliKmkAFAIh1SVb 9G8zsDEu33ZvUSWowH41RJQYd3F4/GQH0fFggSGsyCj+JQEGUXryHGSI0wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFL0H/1+a6obGU3jN/7JJzbxB2GjwMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzFkZmZlYWM4LWI3NzktNDllZi1iYTI3LTU4YmMxOTg5MWU2MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCrymQMA0GCSqGSIb3DQEBCwUAA4IBAQBO8TrX63UJmqm3ExSxvngI KHhV2Cq0J5P0y79NaEF3gfi/OSv+sI/mBUq4GcJT2hi/m1aHgDLZQU5BHbuQ0s2p lsDKmkp6wTzE6HYPccOHjxvVQiIO1IZpgxQ06W7X7GMnYjEoPZqr3QGaQQSqybpf hMyxRuOfNBHe4wcpHMpawVvBw/23gM5Ewip3lhU3Ul3/BwVb6tBhz2csKwPaQfKt bRqoPFgJHSVx6ITCeZbGk1h0cIyaPQBeaTcyTapaWiGMF/1zRAbE9F5Q+BbDzuJu axhpixEfEXe7eaC4HlawoGwqvN1jUqAEM2emFrN+jccgZbndezuFHy0Iota6mQ4k -----END CERTIFICATE-----Generated at Sat Oct 18 13:45:58 2025 by rpki-client