$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa File: 0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa (raw, json) Hash identifier: HJBzRp8vbAH4c3qOXvydjbUjhWK4n+lXgql7cqVYLyM= Subject key identifier: 2C:22:F5:AF:73:E1:C5:CA:9C:F8:2F:B5:1B:09:9B:63:AC:7C:76:7C Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 15FA2BDD25C78134C7AD6512F16E072FE57FA5B8 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa Signing time: Wed 27 Aug 2025 00:00:09 +0000 ROA not before: Wed 27 Aug 2025 00:00:09 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.232.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 00:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:fa:2b:dd:25:c7:81:34:c7:ad:65:12:f1:6e:07:2f:e5:7f:a5:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 27 00:00:09 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=f15013c3b80f31099750a6251b1330e95db367104c53f3cc8d1a656c7f0e395a, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:6a:94:8e:90:8a:6a:6f:4a:00:78:63:29:16: 3e:04:ce:ad:bf:73:9a:ac:bd:dc:1b:a9:b7:2e:0a: 75:3e:64:5c:ba:52:db:f8:27:86:5a:39:57:b4:45: 62:68:38:d6:f1:35:b1:09:17:a7:a4:19:19:f0:2d: 3b:e8:fa:fa:f8:76:d7:3e:0c:e5:f2:b8:3b:e7:52: 75:ac:d6:18:cc:70:87:6a:65:ac:c0:6b:f6:7e:fc: 2a:a9:0d:6e:0a:b6:6e:c7:a8:bd:a0:92:33:d6:e7: 6a:50:e2:96:9a:60:fe:d4:d8:90:06:8b:fc:30:98: da:d6:72:5d:8a:b6:8c:4e:24:76:d8:e4:1c:7d:39: 9d:1b:f4:e3:85:b0:0e:69:f2:21:aa:98:67:1e:26: dc:63:e1:92:f5:31:26:85:6e:5a:14:32:c6:a6:e2: 84:27:98:90:44:1f:6f:3a:02:1b:50:2e:01:87:da: 07:ac:9b:aa:b3:56:13:d3:77:20:55:93:18:54:07: 33:69:6e:47:a1:58:35:a8:68:06:23:89:3c:d4:ba: 73:b2:82:ff:4f:c0:3d:78:2c:b6:6f:09:89:95:29: 11:f0:db:0b:49:80:e8:63:10:48:18:bf:ed:2c:70: e8:37:0e:a6:b4:74:fb:eb:92:ac:96:e3:41:9a:40: 81:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:22:F5:AF:73:E1:C5:CA:9C:F8:2F:B5:1B:09:9B:63:AC:7C:76:7C X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.232.0/22 Signature Algorithm: sha256WithRSAEncryption 0c:49:e6:28:b2:aa:27:85:6a:48:1a:6c:b2:c5:ce:71:4b:46: d5:27:0e:55:36:04:9b:56:e4:a4:d3:e4:1f:dc:22:6c:ed:4c: 8f:3b:20:d5:ec:37:d4:fe:61:e4:db:b6:08:c5:83:53:6c:94: 1e:f0:d4:6c:aa:62:87:dd:7d:aa:1b:d4:65:26:f1:3d:e2:0f: 7f:14:b1:97:c5:c7:c1:7f:2a:65:04:ae:d6:30:d9:26:af:31: 00:c2:5a:59:dd:02:94:02:e7:b5:4d:92:87:8f:70:b1:44:0b: f8:51:d5:39:99:02:2a:61:90:29:a7:21:9c:3c:6b:6b:ee:71: 11:47:fc:ac:43:c5:d6:48:0f:54:60:31:48:3f:61:2d:ba:d1: 46:94:9c:a4:70:61:44:78:62:94:2f:0d:20:3f:a6:d6:eb:7c: 76:f2:7b:2c:51:c4:8a:4a:c5:a6:68:37:91:77:fb:96:cf:ab: c9:ac:bf:38:38:4c:57:c0:14:ba:9a:9f:21:39:9a:b2:5f:7b: 29:d6:83:e6:65:e5:69:b3:59:46:59:5e:ac:32:bc:52:a3:99: 51:5e:55:d3:b1:74:56:17:bf:4d:66:05:84:0d:1a:b7:00:c1: 45:59:7d:71:60:f0:3e:bf:bd:da:59:06:b6:a2:ee:63:5d:3c: 01:73:4f:4a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUFfor3SXHgTTHrWUS8W4HL+V/pbgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgyNzAwMDAwOVoX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNAZjE1MDEzYzNiODBmMzEwOTk3NTBh NjI1MWIxMzMwZTk1ZGIzNjcxMDRjNTNmM2NjOGQxYTY1NmM3ZjBlMzk1YTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmqUjpCKam9KAHhjKRY+BM6tv3Oa rL3cG6m3Lgp1PmRculLb+CeGWjlXtEViaDjW8TWxCRenpBkZ8C076Pr6+HbXPgzl 8rg751J1rNYYzHCHamWswGv2fvwqqQ1uCrZux6i9oJIz1udqUOKWmmD+1NiQBov8 MJja1nJdiraMTiR22OQcfTmdG/TjhbAOafIhqphnHibcY+GS9TEmhW5aFDLGpuKE J5iQRB9vOgIbUC4Bh9oHrJuqs1YT03cgVZMYVAczaW5HoVg1qGgGI4k81LpzsoL/ T8A9eCy2bwmJlSkR8NsLSYDoYxBIGL/tLHDoNw6mtHT765KsluNBmkCBTwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCwi9a9z4cXKnPgvtRsJm2OsfHZ8MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzBjNWM1NGZmLWY5NzctNGI5Ni04Y2U5LWExZWFmMDgyZmU5Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCrynoMA0GCSqGSIb3DQEBCwUAA4IBAQAMSeYosqonhWpIGmyyxc5x S0bVJw5VNgSbVuSk0+Qf3CJs7UyPOyDV7DfU/mHk27YIxYNTbJQe8NRsqmKH3X2q G9RlJvE94g9/FLGXxcfBfyplBK7WMNkmrzEAwlpZ3QKUAue1TZKHj3CxRAv4UdU5 mQIqYZAppyGcPGtr7nERR/ysQ8XWSA9UYDFIP2EtutFGlJykcGFEeGKULw0gP6bW 63x28nssUcSKSsWmaDeRd/uWz6vJrL84OExXwBS6mp8hOZqyX3sp1oPmZeVps1lG WV6sMrxSo5lRXlXTsXRWF79NZgWEDRq3AMFFWX1xYPA+v73aWQa2ou5jXTwBc09K -----END CERTIFICATE-----Generated at Tue Sep 9 01:05:45 2025 by rpki-client