$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa File: 42932dd4-2720-47b3-a472-fc2c8a50a46c.roa (raw, json) Hash identifier: NyrvS2tQrRYqi8H9wIQQGaV1jGezPK8RjU38PR8MGYU= Subject key identifier: 83:75:D6:AD:05:99:A9:28:0C:02:B2:04:2C:C8:45:03:84:7C:B1:F3 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 716F6BB74BA1060EFBAA8B00F8FFFD4E4367294A Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa Signing time: Fri 17 Oct 2025 00:01:27 +0000 ROA not before: Fri 17 Oct 2025 00:01:27 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.130.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:6f:6b:b7:4b:a1:06:0e:fb:aa:8b:00:f8:ff:fd:4e:43:67:29:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 17 00:01:27 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=dcaa45dc747be255b85bfdd692a8b93ec666e5273a346a7f0541352295a90970, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:98:83:6b:20:b6:cb:38:ba:02:31:ca:30:18: e8:44:52:c6:34:9f:65:c0:1c:86:f7:9c:94:d1:a6: c1:9d:86:10:6c:39:9d:ba:14:0e:01:f2:1e:8e:e9: 04:b3:8f:6b:24:14:e3:5b:46:5e:5c:8e:7d:f8:87: fb:f0:7e:db:e4:a5:9e:eb:04:84:88:43:30:ba:a7: 5b:c6:ec:fc:67:23:40:1b:54:f6:b6:ce:12:72:7d: 59:bd:f9:be:d8:f0:6f:4f:35:3c:2e:0e:71:0d:a7: 89:e5:4a:ca:35:7e:02:80:dd:50:41:72:6f:66:c9: 60:44:1d:8a:18:f1:eb:b9:cd:9d:a1:45:56:da:57: 8f:e2:25:c7:db:6c:75:af:45:b1:3c:bb:3e:01:99: c6:0f:d3:3c:57:cd:da:c4:6b:ed:b7:f9:f4:30:54: 9e:73:99:7e:c1:6c:fb:90:70:65:e0:d3:c4:7f:d8: 36:1f:2f:29:51:b8:a1:6d:bf:23:4a:e3:da:f3:c1: f0:da:c8:2f:81:43:e8:47:4f:dc:3f:bc:aa:6f:04: d9:da:d1:0a:eb:a3:33:9a:5c:6d:c0:58:98:e4:32: 1b:21:23:c1:1a:72:d3:78:39:f4:7d:df:87:d4:97: 4a:b6:14:16:b8:aa:83:53:e7:07:1a:db:6b:a2:a5: bf:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:75:D6:AD:05:99:A9:28:0C:02:B2:04:2C:C8:45:03:84:7C:B1:F3 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.130.0/23 Signature Algorithm: sha256WithRSAEncryption d2:7f:0e:a9:1d:59:97:32:ad:95:36:60:b9:c5:e6:3a:c1:8b: 83:5b:ad:2b:90:89:82:8e:8d:82:22:d1:29:92:2c:b7:92:2f: d4:1a:e5:8b:10:3d:c2:43:1e:37:91:45:69:1e:03:82:b3:63: 7f:27:f9:f0:3f:f6:d2:eb:c9:5d:ea:a9:0f:24:5c:cf:e6:69: cd:8d:5c:6b:bc:4a:f7:66:71:f3:a8:a6:9c:64:ae:01:48:58: 15:5f:f6:bd:d8:c7:39:62:30:fd:50:7e:12:b2:69:c5:6d:c7: d9:d9:e2:ec:62:24:00:c4:2b:98:bd:ef:51:4c:84:2a:38:fd: f4:24:14:4c:d3:a1:64:19:df:42:15:8d:43:39:40:c5:b1:90: a0:bd:cf:58:6e:4d:36:06:9d:d5:10:66:6a:18:85:a5:2b:18: f9:09:4d:5d:75:33:08:e3:67:0a:f7:39:63:7c:8f:ad:66:51: d5:ea:f5:51:ff:32:b1:df:ea:7d:00:b9:d1:8e:20:31:f0:a5: 28:14:7a:97:08:63:3c:ea:61:f1:6c:16:93:54:50:94:ec:34: c7:f7:0e:19:78:55:87:50:5b:8d:ae:a4:81:d3:27:68:35:b6: 96:0e:71:ff:cd:79:62:ec:f4:4b:c3:02:14:22:8a:0d:57:0d: 4f:bd:1d:bb -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcW9rt0uhBg77qosA+P/9TkNnKUowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxNzAwMDEyN1oX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAZGNhYTQ1ZGM3NDdiZTI1NWI4NWJm ZGQ2OTJhOGI5M2VjNjY2ZTUyNzNhMzQ2YTdmMDU0MTM1MjI5NWE5MDk3MDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJiDayC2yzi6AjHKMBjoRFLGNJ9l wByG95yU0abBnYYQbDmduhQOAfIejukEs49rJBTjW0ZeXI59+If78H7b5KWe6wSE iEMwuqdbxuz8ZyNAG1T2ts4Scn1Zvfm+2PBvTzU8Lg5xDaeJ5UrKNX4CgN1QQXJv ZslgRB2KGPHruc2doUVW2leP4iXH22x1r0WxPLs+AZnGD9M8V83axGvtt/n0MFSe c5l+wWz7kHBl4NPEf9g2Hy8pUbihbb8jSuPa88Hw2sgvgUPoR0/cP7yqbwTZ2tEK 66MzmlxtwFiY5DIbISPBGnLTeDn0fd+H1JdKthQWuKqDU+cHGttroqW/lwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIN11q0FmakoDAKyBCzIRQOEfLHzMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzQyOTMyZGQ0LTI3MjAtNDdiMy1hNDcyLWZjMmM4YTUwYTQ2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrymCMA0GCSqGSIb3DQEBCwUAA4IBAQDSfw6pHVmXMq2VNmC5xeY6 wYuDW60rkImCjo2CItEpkiy3ki/UGuWLED3CQx43kUVpHgOCs2N/J/nwP/bS68ld 6qkPJFzP5mnNjVxrvEr3ZnHzqKacZK4BSFgVX/a92Mc5YjD9UH4SsmnFbcfZ2eLs YiQAxCuYve9RTIQqOP30JBRM06FkGd9CFY1DOUDFsZCgvc9Ybk02Bp3VEGZqGIWl Kxj5CU1ddTMI42cK9zljfI+tZlHV6vVR/zKx3+p9ALnRjiAx8KUoFHqXCGM86mHx bBaTVFCU7DTH9w4ZeFWHUFuNrqSB0ydoNbaWDnH/zXli7PRLwwIUIooNVw1PvR27 -----END CERTIFICATE-----Generated at Sat Oct 18 13:43:57 2025 by rpki-client