$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa File: 0bf15d3f-c546-4bb6-a764-82165c384d37.roa (raw, json) Hash identifier: EknYaBpD1ECNXyfgg0Lo8hvQ3BUiJG9nv6soz1O8t/U= Subject key identifier: E9:7C:1C:1D:AC:F2:9A:3B:40:D0:86:C1:79:7F:69:2D:D1:45:58:E6 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 1B4B0B0E5BFFCA8ADB9E25A01F21F49DCD4B81CE Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa Signing time: Wed 27 Aug 2025 00:00:11 +0000 ROA not before: Wed 27 Aug 2025 00:00:11 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:4b:0b:0e:5b:ff:ca:8a:db:9e:25:a0:1f:21:f4:9d:cd:4b:81:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 27 00:00:11 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=c3f42292b57c5afe1bd75ac135c5ed596eb47f5cdc16b89df4ebc5f4c84024ce, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:bd:dd:42:44:48:a0:84:a1:59:32:0f:20:d4: a3:f2:a5:2f:51:da:bd:7e:89:06:08:ec:b8:ff:ee: 73:2f:d6:1d:0b:74:65:03:8a:3a:b6:8e:f6:f1:1c: a1:12:8b:71:ba:e1:03:cf:b1:ad:b8:6e:6c:52:a4: 8c:5b:cf:97:22:38:fa:2f:ad:07:97:e9:82:54:d7: 79:fe:bf:ac:ed:ef:9b:5b:1a:4e:fa:21:97:68:2f: 3c:5f:b0:18:6c:b0:d0:93:cf:4c:dd:50:a3:4f:1b: dc:78:c9:5d:ab:63:29:b1:66:9d:b4:3f:e5:f6:b7: d1:6b:19:0d:f3:85:c8:0b:35:c6:a1:7e:66:8c:97: 80:9c:74:73:23:c4:21:17:5e:fd:ed:a3:7b:8c:9f: 8a:ac:14:9a:11:aa:08:e9:28:a5:e2:1b:42:96:39: 0d:bf:b9:a9:22:81:74:b3:5b:5f:ca:ad:ee:5d:f2: d0:6d:f6:3b:91:ed:b5:88:5f:0b:fa:32:fb:75:68: 27:ba:73:de:e0:6d:71:50:34:5c:74:18:b8:2c:39: 84:f8:10:d9:93:b6:22:ba:52:0c:7a:b2:0a:cb:79: 50:5e:d4:e8:89:dc:7b:e8:b6:b2:df:ca:6e:81:3c: 93:a5:e8:ad:7e:6e:76:fd:40:aa:5d:11:ce:59:d3: b7:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:7C:1C:1D:AC:F2:9A:3B:40:D0:86:C1:79:7F:69:2D:D1:45:58:E6 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.200.0/21 Signature Algorithm: sha256WithRSAEncryption 8d:ff:d6:19:fc:c4:75:4c:23:df:40:cf:e6:42:6d:80:c2:a5: 36:ed:86:df:8c:61:3a:3b:95:4d:1e:ea:94:4f:94:aa:76:0e: 94:df:61:c2:44:d2:21:0a:1c:83:5a:47:bb:a1:36:c7:6b:56: 7e:c9:a5:a6:b6:f9:eb:3b:3e:4e:e4:58:d5:7a:5e:f5:df:c6: 92:69:4e:c1:30:ee:c4:86:a4:a6:18:98:7c:42:63:e6:76:67: f4:a0:6b:d6:c0:c4:01:76:2c:d2:23:f1:ad:25:95:02:d4:15: 2c:19:b9:24:80:31:88:2b:94:4d:d3:19:61:d6:9a:a7:4b:b1: bc:6f:33:48:62:fa:47:81:c4:ad:7b:86:9f:6b:b8:ec:31:8a: 05:eb:a2:96:ec:51:7b:fa:97:0a:68:9d:6c:a9:dc:67:41:53: 33:52:e0:d7:2d:7c:37:4a:91:74:d8:c2:43:91:12:50:1a:fd: 8e:02:a2:53:ae:ab:d6:33:b5:77:5e:4f:c6:01:af:59:e5:b4: 17:12:e1:a1:0c:6e:66:c6:09:aa:a8:c7:f6:e7:69:91:70:ae: bd:8f:aa:80:7f:bc:41:98:1d:9a:dc:8b:09:b5:24:9d:e5:19: 46:5b:08:65:30:ec:85:44:73:dd:2f:90:0f:cd:2d:82:8d:cd: 8c:db:ce:9a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUG0sLDlv/yorbniWgHyH0nc1Lgc4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgyNzAwMDAxMVoX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNAYzNmNDIyOTJiNTdjNWFmZTFiZDc1 YWMxMzVjNWVkNTk2ZWI0N2Y1Y2RjMTZiODlkZjRlYmM1ZjRjODQwMjRjZTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb3dQkRIoIShWTIPINSj8qUvUdq9 fokGCOy4/+5zL9YdC3RlA4o6to728RyhEotxuuEDz7GtuG5sUqSMW8+XIjj6L60H l+mCVNd5/r+s7e+bWxpO+iGXaC88X7AYbLDQk89M3VCjTxvceMldq2MpsWadtD/l 9rfRaxkN84XICzXGoX5mjJeAnHRzI8QhF1797aN7jJ+KrBSaEaoI6Sil4htCljkN v7mpIoF0s1tfyq3uXfLQbfY7ke21iF8L+jL7dWgnunPe4G1xUDRcdBi4LDmE+BDZ k7YiulIMerIKy3lQXtToidx76Lay38pugTyTpeitfm52/UCqXRHOWdO3vQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOl8HB2s8po7QNCGwXl/aS3RRVjmMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzBiZjE1ZDNmLWM1NDYtNGJiNi1hNzY0LTgyMTY1YzM4NGQzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrynIMA0GCSqGSIb3DQEBCwUAA4IBAQCN/9YZ/MR1TCPfQM/mQm2A wqU27YbfjGE6O5VNHuqUT5Sqdg6U32HCRNIhChyDWke7oTbHa1Z+yaWmtvnrOz5O 5FjVel7138aSaU7BMO7EhqSmGJh8QmPmdmf0oGvWwMQBdizSI/GtJZUC1BUsGbkk gDGIK5RN0xlh1pqnS7G8bzNIYvpHgcSte4afa7jsMYoF66KW7FF7+pcKaJ1sqdxn QVMzUuDXLXw3SpF02MJDkRJQGv2OAqJTrqvWM7V3Xk/GAa9Z5bQXEuGhDG5mxgmq qMf252mRcK69j6qAf7xBmB2a3IsJtSSd5RlGWwhlMOyFRHPdL5APzS2Cjc2M286a -----END CERTIFICATE-----Generated at Tue Sep 9 01:07:16 2025 by rpki-client