$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa File: 7b26d410-17d7-4310-bb58-41c465f8eef2.roa (raw, json) Hash identifier: D9cw9ToNQZwqPDNLtKM2mhEKabKisLLOjOipREWgByc= Subject key identifier: AF:88:DC:87:78:20:C7:CF:29:B7:EB:B4:99:B2:52:59:BA:8C:CC:40 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 150448865DD9261F8BA55C330C666BF4C621FC87 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa Signing time: Fri 17 Oct 2025 00:01:28 +0000 ROA not before: Fri 17 Oct 2025 00:01:28 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.148.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:04:48:86:5d:d9:26:1f:8b:a5:5c:33:0c:66:6b:f4:c6:21:fc:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Oct 17 00:01:28 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=9775a39fe8b3c346400e76dd72f153bf851075e66d2a7c6845409c63b04d28be, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:41:06:7a:6a:b3:94:a5:ca:4b:bb:d3:79:30: 76:7f:12:95:22:5d:b2:be:91:9c:20:dc:38:a3:1d: d6:d1:ef:95:7f:ca:34:bb:b4:45:e7:c8:2e:3d:31: 23:bb:ba:38:a3:04:5e:b6:e4:8a:0f:d6:2e:0d:88: 30:24:31:57:ee:5b:93:f2:d8:9c:6b:97:14:04:0e: 84:d4:e8:a2:73:e5:68:c7:00:d3:f0:33:bb:2a:1c: 93:3b:a8:d1:a1:fa:db:49:77:bf:b1:1e:f9:ac:b7: 87:b6:a9:67:6d:fc:f1:da:33:2e:e3:c6:15:f7:29: 4b:66:fb:69:23:7b:95:1e:2d:cc:e0:b4:c4:7a:c6: bb:c2:17:fa:c7:5b:f2:53:61:f2:cb:64:fe:25:04: e5:85:73:23:c6:b9:9d:b0:d9:af:2b:eb:90:bb:c8: 3f:0b:63:da:8a:87:89:0f:11:fb:68:39:0f:d7:8f: a7:63:32:0a:99:71:20:8a:99:4a:8c:1c:0d:08:a3: fa:6d:59:56:32:10:70:37:14:23:43:e6:45:a6:46: 06:3d:9d:2e:a8:ad:3d:ba:43:1a:33:c7:54:79:d6: a4:a1:61:b5:5d:45:b1:97:e0:47:fd:47:05:c4:be: 23:8a:82:fb:12:74:03:82:a5:1e:83:af:8d:85:2e: e0:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:88:DC:87:78:20:C7:CF:29:B7:EB:B4:99:B2:52:59:BA:8C:CC:40 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7b26d410-17d7-4310-bb58-41c465f8eef2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.148.0/23 Signature Algorithm: sha256WithRSAEncryption cb:da:a6:b9:b8:aa:f2:55:24:fc:22:0d:e2:b6:b5:b9:a4:02: d9:79:31:84:7b:ee:01:85:14:4b:3c:c4:b9:d3:5f:c9:58:f1: ee:7a:f9:18:dc:6e:b3:e0:fc:e5:3a:b1:6c:31:06:e7:cd:c4: 7f:2d:ca:42:93:a7:e8:fc:e6:d2:58:a0:4b:68:29:88:cd:0c: 1e:0c:48:88:98:84:89:76:2f:f9:98:5c:83:ab:e2:d3:40:9b: 1f:ef:36:4c:d0:57:01:9f:f9:9a:4b:a9:a1:ec:8e:8a:36:fb: df:d7:8c:4f:fb:da:b4:89:01:f8:44:c2:14:61:de:2c:fd:9d: 80:78:0e:ec:04:dd:ce:a3:d8:8e:13:ef:e3:e0:2e:46:08:1c: 7b:eb:97:9a:1d:58:ef:f7:5c:25:15:c2:7b:9f:c0:fb:f6:61: 0f:f4:85:6d:5e:f7:ce:f4:74:fa:a7:f4:29:e1:5c:fc:20:99: b2:6d:d6:ed:02:43:00:6c:64:86:0a:6b:3a:14:79:b9:e6:2b: 4b:3a:83:3c:8d:eb:bf:62:7b:e4:ea:03:c3:44:b7:9d:13:02: 5f:28:11:2d:8c:f5:2d:bd:00:c1:fe:58:08:3c:dc:ef:4c:03: 22:84:e3:ae:99:06:c0:63:69:09:e7:d4:8e:6a:4d:ef:10:63: e3:60:d8:c7 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUFQRIhl3ZJh+LpVwzDGZr9MYh/IcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MTAxNzAwMDEyOFoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAOTc3NWEzOWZlOGIzYzM0NjQwMGU3 NmRkNzJmMTUzYmY4NTEwNzVlNjZkMmE3YzY4NDU0MDljNjNiMDRkMjhiZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0EGemqzlKXKS7vTeTB2fxKVIl2y vpGcINw4ox3W0e+Vf8o0u7RF58guPTEju7o4owRetuSKD9YuDYgwJDFX7luT8tic a5cUBA6E1Oiic+VoxwDT8DO7KhyTO6jRofrbSXe/sR75rLeHtqlnbfzx2jMu48YV 9ylLZvtpI3uVHi3M4LTEesa7whf6x1vyU2Hyy2T+JQTlhXMjxrmdsNmvK+uQu8g/ C2PaioeJDxH7aDkP14+nYzIKmXEgiplKjBwNCKP6bVlWMhBwNxQjQ+ZFpkYGPZ0u qK09ukMaM8dUedakoWG1XUWxl+BH/UcFxL4jioL7EnQDgqUeg6+NhS7gLQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFK+I3Id4IMfPKbfrtJmyUlm6jMxAMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzdiMjZkNDEwLTE3ZDctNDMxMC1iYjU4LTQxYzQ2NWY4ZWVmMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrymUMA0GCSqGSIb3DQEBCwUAA4IBAQDL2qa5uKryVST8Ig3itrW5 pALZeTGEe+4BhRRLPMS501/JWPHuevkY3G6z4PzlOrFsMQbnzcR/LcpCk6fo/ObS WKBLaCmIzQweDEiImISJdi/5mFyDq+LTQJsf7zZM0FcBn/maS6mh7I6KNvvf14xP +9q0iQH4RMIUYd4s/Z2AeA7sBN3Oo9iOE+/j4C5GCBx765eaHVjv91wlFcJ7n8D7 9mEP9IVtXvfO9HT6p/Qp4Vz8IJmybdbtAkMAbGSGCms6FHm55itLOoM8jeu/Ynvk 6gPDRLedEwJfKBEtjPUtvQDB/lgIPNzvTAMihOOumQbAY2kJ59SOak3vEGPjYNjH -----END CERTIFICATE-----Generated at Sat Oct 18 13:49:45 2025 by rpki-client