$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa File: 3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa (raw, json) Hash identifier: yjyrnBw41vvDMUdtHNcvyBmhA8s539qhw8H4OkwB5cA= Subject key identifier: E9:4D:E0:37:EC:0E:BE:55:CB:EA:9C:FC:94:C2:12:68:19:15:9A:3B Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 5E914D38CC7AA81AA779D2CEC886895210D4DDF4 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa Signing time: Fri 17 Oct 2025 00:01:30 +0000 ROA not before: Fri 17 Oct 2025 00:01:30 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.136.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:91:4d:38:cc:7a:a8:1a:a7:79:d2:ce:c8:86:89:52:10:d4:dd:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 17 00:01:30 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=c6981102ba83f04719920edd1cb0e31c3a402a77d7c6f974505e58754fe8c54e, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:43:93:86:bc:89:0f:93:7f:68:4c:ad:3c:32: bc:da:c7:e3:62:17:ed:8c:89:d0:48:cc:10:59:89: 58:82:9e:09:fd:7a:19:85:62:13:56:7e:04:b4:7b: 0f:99:58:d2:1e:43:23:81:9c:b0:23:3f:91:c2:53: e4:7b:70:6f:e5:b9:fb:be:9e:03:56:aa:d7:49:3c: 4b:67:e2:b3:73:a9:cf:6f:6b:36:62:01:a7:36:be: 62:d2:1f:bb:ba:a9:ce:52:0e:cf:60:21:d0:2a:c7: 29:31:06:b3:19:c0:f2:0c:d2:a1:bd:89:94:cf:20: bb:4d:20:c4:b9:73:9e:56:84:02:8b:97:b2:dd:c8: 2e:56:43:80:16:c7:06:72:ed:42:60:11:ce:f4:52: e3:c2:40:56:f1:bf:7d:b9:42:d2:90:3a:04:a9:c9: dc:78:af:46:9e:09:33:0f:fb:6e:f0:0a:bb:ec:47: 50:f9:bc:ee:b3:54:11:4e:11:7a:18:fb:06:fb:4d: ee:ed:55:48:66:92:51:8e:ba:bb:48:85:9e:56:96: f9:a1:5b:28:f3:98:34:41:c5:4f:ce:0d:07:a2:33: d0:8e:8e:77:ba:aa:c8:a3:63:48:50:31:84:b8:e2: 7f:fd:96:5c:7c:e7:53:34:6f:49:e4:34:7a:5d:4b: 21:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:4D:E0:37:EC:0E:BE:55:CB:EA:9C:FC:94:C2:12:68:19:15:9A:3B X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.136.0/21 Signature Algorithm: sha256WithRSAEncryption 4b:09:99:b9:01:79:f6:33:48:07:3c:91:7b:88:e7:35:c2:12: bf:d6:28:f9:45:79:c8:90:f3:a7:2b:05:f6:df:83:ee:6d:89: 93:61:b1:bf:01:c4:84:49:22:21:5a:20:33:69:a5:b4:ed:33: 61:8d:dd:4c:0a:80:30:81:0c:d1:20:e7:f4:42:b7:a2:ff:47: b6:04:26:95:ce:78:8d:8c:8a:20:b0:51:c4:09:a4:1a:15:eb: cd:46:00:65:9a:72:67:62:86:c6:a5:14:3a:b7:21:0d:44:ca: 80:e2:b5:41:f4:71:d7:ce:b9:4e:3c:8e:95:9c:b9:99:ba:e3: 51:95:d2:76:68:0f:d5:88:7a:0b:dd:cb:93:02:b5:ce:b6:0a: 28:01:99:1c:83:eb:38:6f:37:ae:5b:fc:d6:28:29:c5:8b:70: 02:35:67:b2:3b:fa:0b:d6:80:54:e4:df:d6:9f:a3:48:16:9e: 92:cd:35:d5:e1:51:d4:7a:96:ac:a1:d2:75:73:d5:18:82:75: 9a:a7:c0:53:46:e8:20:3f:bb:2b:a5:68:87:c5:48:e0:0b:ba: 58:de:3f:fb:a4:47:a9:b1:41:e8:c5:0e:f1:aa:48:28:ca:38: 1d:50:fc:fe:18:3c:5e:86:26:af:48:09:5b:7f:3c:73:e3:aa: 6c:05:8a:a8 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXpFNOMx6qBqnedLOyIaJUhDU3fQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxNzAwMDEzMFoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAYzY5ODExMDJiYTgzZjA0NzE5OTIw ZWRkMWNiMGUzMWMzYTQwMmE3N2Q3YzZmOTc0NTA1ZTU4NzU0ZmU4YzU0ZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUOThryJD5N/aEytPDK82sfjYhft jInQSMwQWYlYgp4J/XoZhWITVn4EtHsPmVjSHkMjgZywIz+RwlPke3Bv5bn7vp4D VqrXSTxLZ+Kzc6nPb2s2YgGnNr5i0h+7uqnOUg7PYCHQKscpMQazGcDyDNKhvYmU zyC7TSDEuXOeVoQCi5ey3cguVkOAFscGcu1CYBHO9FLjwkBW8b99uULSkDoEqcnc eK9GngkzD/tu8Aq77EdQ+bzus1QRThF6GPsG+03u7VVIZpJRjrq7SIWeVpb5oVso 85g0QcVPzg0HojPQjo53uqrIo2NIUDGEuOJ//ZZcfOdTNG9J5DR6XUsh7wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOlN4DfsDr5Vy+qc/JTCEmgZFZo7MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzNiODU1N2MwLWQ1ZWUtNGY5ZC04MGFjLWU0MWEzN2ZmZmYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrymIMA0GCSqGSIb3DQEBCwUAA4IBAQBLCZm5AXn2M0gHPJF7iOc1 whK/1ij5RXnIkPOnKwX234PubYmTYbG/AcSESSIhWiAzaaW07TNhjd1MCoAwgQzR IOf0Qrei/0e2BCaVzniNjIogsFHECaQaFevNRgBlmnJnYobGpRQ6tyENRMqA4rVB 9HHXzrlOPI6VnLmZuuNRldJ2aA/ViHoL3cuTArXOtgooAZkcg+s4bzeuW/zWKCnF i3ACNWeyO/oL1oBU5N/Wn6NIFp6SzTXV4VHUepasodJ1c9UYgnWap8BTRuggP7sr pWiHxUjgC7pY3j/7pEepsUHoxQ7xqkgoyjgdUPz+GDxehiavSAlbfzxz46psBYqo -----END CERTIFICATE-----Generated at Sat Oct 18 13:49:45 2025 by rpki-client