$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa File: 05bc8dbb-c70a-48da-b45b-4448364614ff.roa (raw, json) Hash identifier: LQE84TeQyIGnEjW8ousHXrwYbCLI8j4LnU4mOEWzIqw= Subject key identifier: 5B:49:FC:A4:B0:3A:F4:CA:77:C9:E5:8A:E9:5F:49:DD:0C:77:6D:A6 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 10FB5C2CC76D693045E6F25AFCE6546E2AE8C90B Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa Signing time: Wed 27 Aug 2025 00:00:14 +0000 ROA not before: Wed 27 Aug 2025 00:00:14 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.208.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:fb:5c:2c:c7:6d:69:30:45:e6:f2:5a:fc:e6:54:6e:2a:e8:c9:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 27 00:00:14 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=a9d1bc6963048102c037e91ba790c151ee953420c82bac3d2ec6881ab76bc293, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:0d:6a:08:e1:ec:27:2f:75:5e:3f:29:bf:c8: 6f:a7:99:25:6e:2d:ae:ba:1c:5e:76:55:7c:29:28: 04:1e:5a:cc:28:2b:8e:41:37:31:7a:ae:b2:25:fa: 82:54:87:8c:8e:a5:c2:e3:5b:60:da:50:e5:d1:0f: c6:2e:cb:09:f3:60:1e:88:94:8a:d2:46:41:40:ad: 59:b0:8d:cd:40:4a:ac:e0:d9:40:ee:b2:44:72:c4: 94:b3:67:bc:4a:85:e5:0d:6e:24:3a:9d:19:ce:3b: c8:41:2e:96:42:bc:af:7c:b8:22:0c:82:7c:bc:ea: 65:78:f6:71:0c:5f:97:a8:89:cc:0b:80:cc:37:c6: 99:7f:3f:9b:b0:b8:32:c7:eb:12:97:a4:dd:80:a1: 62:72:7c:3a:dd:98:c2:a9:08:70:81:89:96:96:79: c1:7f:19:cc:89:6e:75:8a:52:f6:68:a4:37:60:b9: 78:5c:e3:21:16:33:5e:b9:9a:63:f3:91:c6:b9:ce: 92:a5:f3:38:23:c1:7f:a3:6a:13:de:ec:88:7f:4e: f5:71:15:00:c9:3c:8e:18:2c:10:ee:07:bd:83:7b: 7a:ea:e9:3f:4a:99:61:cf:ef:68:ad:70:48:bf:f2: 37:19:60:ee:b5:8a:67:fe:6f:e3:66:61:c1:c6:f1: 44:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:49:FC:A4:B0:3A:F4:CA:77:C9:E5:8A:E9:5F:49:DD:0C:77:6D:A6 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.208.0/20 Signature Algorithm: sha256WithRSAEncryption 8b:cf:b9:cf:67:8e:40:bf:c3:8c:c0:a5:eb:35:1e:37:be:5b: 57:7f:1c:81:50:85:7a:f7:d3:92:b2:e5:75:72:f5:af:8e:d9: 69:70:99:e5:4d:cf:59:50:8c:45:79:7c:6a:bc:0f:48:3b:0f: 99:b9:44:ad:2e:9e:b6:b6:b9:94:6b:11:35:2a:ab:84:b4:3d: eb:81:f9:64:aa:c3:e5:bb:76:de:ec:9e:4e:c4:6d:dd:c1:4b: ad:c6:60:66:d9:4d:21:39:6d:cc:ab:99:a6:a6:0d:15:2f:38: 51:1c:82:71:4a:02:43:24:d6:56:e6:da:33:bc:1f:c6:de:10: 73:08:47:5b:08:d0:44:a0:19:58:39:a7:ec:6b:1b:9c:0a:6a: d5:2f:29:20:23:93:b8:52:f8:29:af:83:92:cd:3c:a0:d1:f4: ba:52:ce:0a:5f:73:4e:bf:84:b0:14:df:b2:01:45:28:05:78: 07:93:70:16:38:00:bb:70:52:8b:ee:12:8c:14:88:2b:78:dd: d7:df:08:ce:a5:6b:7a:c6:7d:4d:39:db:b8:6e:ce:21:c9:b2: f7:3b:83:c7:bd:85:91:50:26:21:ed:b2:8b:76:0f:f9:aa:ed: 90:a3:c0:ec:0b:d2:eb:67:7b:54:3f:3c:88:a8:f6:ee:22:0a: 32:f8:cb:85 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEPtcLMdtaTBF5vJa/OZUbiroyQswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgyNzAwMDAxNFoX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNAYTlkMWJjNjk2MzA0ODEwMmMwMzdl OTFiYTc5MGMxNTFlZTk1MzQyMGM4MmJhYzNkMmVjNjg4MWFiNzZiYzI5MzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw1qCOHsJy91Xj8pv8hvp5klbi2u uhxedlV8KSgEHlrMKCuOQTcxeq6yJfqCVIeMjqXC41tg2lDl0Q/GLssJ82AeiJSK 0kZBQK1ZsI3NQEqs4NlA7rJEcsSUs2e8SoXlDW4kOp0ZzjvIQS6WQryvfLgiDIJ8 vOplePZxDF+XqInMC4DMN8aZfz+bsLgyx+sSl6TdgKFicnw63ZjCqQhwgYmWlnnB fxnMiW51ilL2aKQ3YLl4XOMhFjNeuZpj85HGuc6SpfM4I8F/o2oT3uyIf071cRUA yTyOGCwQ7ge9g3t66uk/Splhz+9orXBIv/I3GWDutYpn/m/jZmHBxvFEuwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFtJ/KSwOvTKd8nliulfSd0Md22mMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzA1YmM4ZGJiLWM3MGEtNDhkYS1iNDViLTQ0NDgzNjQ2MTRmZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQErynQMA0GCSqGSIb3DQEBCwUAA4IBAQCLz7nPZ45Av8OMwKXrNR43 vltXfxyBUIV699OSsuV1cvWvjtlpcJnlTc9ZUIxFeXxqvA9IOw+ZuUStLp62trmU axE1KquEtD3rgflkqsPlu3be7J5OxG3dwUutxmBm2U0hOW3Mq5mmpg0VLzhRHIJx SgJDJNZW5tozvB/G3hBzCEdbCNBEoBlYOafsaxucCmrVLykgI5O4Uvgpr4OSzTyg 0fS6Us4KX3NOv4SwFN+yAUUoBXgHk3AWOAC7cFKL7hKMFIgreN3X3wjOpWt6xn1N Odu4bs4hybL3O4PHvYWRUCYh7bKLdg/5qu2Qo8DsC9LrZ3tUPzyIqPbuIgoy+MuF -----END CERTIFICATE-----Generated at Tue Sep 9 01:05:52 2025 by rpki-client