$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: FLPvj5+rap0/UrlxyhcFR3omhq3xgtgDh3L/GVX1T+0= Subject key identifier: 95:B1:53:D9:28:12:FA:5D:DB:90:16:B9:13:91:30:C8:59:DA:C9:47 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 715F5E9EA62EDCCD6667F4340562ACA02AC2B05F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Tue 26 Aug 2025 00:50:05 +0000 ROA not before: Tue 26 Aug 2025 00:50:05 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:03:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:5f:5e:9e:a6:2e:dc:cd:66:67:f4:34:05:62:ac:a0:2a:c2:b0:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Aug 26 00:50:05 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=10dff15225e5fd61de542087a104467dea422167b84b2b8f2cdb062fad20b9ce, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:32:78:c6:78:86:ff:7d:75:c0:c8:38:ab:a7: a0:db:4d:24:85:63:3a:4f:5d:9c:4f:ba:61:65:bb: 19:5b:6b:35:af:9a:07:3b:d7:6e:6a:67:8e:d4:9b: f5:e2:10:69:0d:86:a1:56:58:f1:26:b1:01:90:08: 4c:7d:28:a9:3c:57:9d:5c:75:08:9f:da:aa:df:cf: 3d:58:e0:04:8c:84:e9:57:7e:7b:00:8a:4c:18:70: 7f:e1:87:d2:5b:5a:88:23:da:d1:4f:b0:4e:e5:41: d5:e9:9d:86:13:a3:84:48:3a:e6:4a:95:c1:6b:fc: ce:dd:b2:3a:6d:40:ba:0c:85:72:cf:d9:af:97:01: 2a:dc:dc:1a:af:a3:4a:bc:cd:9c:1f:30:d2:ee:78: 6e:59:b7:cc:51:cf:54:01:02:d2:06:3a:3e:43:af: f4:f6:4b:ed:0d:5e:c1:e1:ff:58:23:f8:c3:18:56: 29:fc:ee:e9:a3:b4:d3:58:bb:3d:56:18:ed:c4:3d: 64:e9:0a:51:c8:8e:f2:04:d3:ff:af:51:42:f3:c1: 86:fd:22:fe:08:01:1b:5a:2b:e9:5f:1c:e0:c4:6c: 0f:e1:d2:ae:96:59:e3:b4:09:ff:e6:77:e2:6d:3d: 33:1c:ce:59:1d:07:6f:0f:27:10:e4:cf:b7:ee:5b: ac:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:B1:53:D9:28:12:FA:5D:DB:90:16:B9:13:91:30:C8:59:DA:C9:47 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 89:08:9d:c1:c1:04:38:ad:17:e0:87:e9:0b:41:d4:d8:0f:e0: 5c:0a:93:59:73:22:96:72:7d:7c:40:c5:e4:e8:76:6f:1b:2d: 16:09:71:81:57:52:02:36:f1:a1:71:49:9b:a9:00:b5:9a:40: fa:8b:f0:72:cb:de:d8:cc:15:a0:b3:81:3d:2e:97:ae:9f:1c: 9d:c2:d2:74:65:43:d2:22:65:a0:02:b0:8b:cd:d6:25:f3:f9: af:da:b9:0a:83:ba:a3:15:75:fa:81:c1:07:ab:c6:9f:0a:86: e8:38:39:90:ff:7f:73:e0:9f:0b:1c:b4:d1:ad:14:52:c4:0c: 5b:80:ea:e6:82:d9:e2:c6:95:9b:4b:41:8b:3a:22:77:15:d4: b8:89:66:c6:74:c5:56:04:d4:33:99:a0:0b:80:ea:22:fb:56: 97:0f:1d:9a:d3:e2:4f:8a:d8:9d:98:b9:4b:da:03:32:80:83: 5a:8b:f8:4c:5a:9c:15:7b:6d:f6:bd:23:bd:9b:29:ca:c1:a2: 58:ec:8e:64:85:04:ba:93:a4:9a:97:cb:1e:74:bd:dd:22:6e: 48:88:87:81:b8:83:9c:dd:1e:4e:38:96:e4:11:c6:6d:6f:82: fe:c8:13:72:a1:a4:28:bf:60:ad:a9:94:4e:b1:1f:31:30:dc: 87:47:ae:3c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcV9enqYu3M1mZ/Q0BWKsoCrCsF8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDgyNjAwNTAwNVoX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAMTBkZmYxNTIyNWU1ZmQ2MWRlNTQy MDg3YTEwNDQ2N2RlYTQyMjE2N2I4NGIyYjhmMmNkYjA2MmZhZDIwYjljZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDJ4xniG/311wMg4q6eg200khWM6 T12cT7phZbsZW2s1r5oHO9duameO1Jv14hBpDYahVljxJrEBkAhMfSipPFedXHUI n9qq3889WOAEjITpV357AIpMGHB/4YfSW1qII9rRT7BO5UHV6Z2GE6OESDrmSpXB a/zO3bI6bUC6DIVyz9mvlwEq3Nwar6NKvM2cHzDS7nhuWbfMUc9UAQLSBjo+Q6/0 9kvtDV7B4f9YI/jDGFYp/O7po7TTWLs9VhjtxD1k6QpRyI7yBNP/r1FC88GG/SL+ CAEbWivpXxzgxGwP4dKullnjtAn/5nfibT0zHM5ZHQdvDycQ5M+37lusewIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJWxU9koEvpd25AWuRORMMhZ2slHMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQCJCJ3BwQQ4rRfgh+kLQdTY D+BcCpNZcyKWcn18QMXk6HZvGy0WCXGBV1ICNvGhcUmbqQC1mkD6i/Byy97YzBWg s4E9LpeunxydwtJ0ZUPSImWgArCLzdYl8/mv2rkKg7qjFXX6gcEHq8afCoboODmQ /39z4J8LHLTRrRRSxAxbgOrmgtnixpWbS0GLOiJ3FdS4iWbGdMVWBNQzmaALgOoi +1aXDx2a0+JPitidmLlL2gMygINai/hMWpwVe232vSO9mynKwaJY7I5khQS6k6Sa l8sedL3dIm5IiIeBuIOc3R5OOJbkEcZtb4L+yBNyoaQov2CtqZROsR8xMNyHR648 -----END CERTIFICATE-----Generated at Thu Sep 18 08:05:39 2025 by rpki-client