$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa File: 2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa (raw, json) Hash identifier: dmcLNDE8Ircf1BiepY9deLtoHvr2d17N7swT8/8obbg= Subject key identifier: 7B:24:39:EB:8A:A4:96:CE:38:5D:84:60:E2:B7:BE:3D:78:0D:4E:2C Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 6F8E7D70D6491330692BB981F080D430C21EA72E Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa Signing time: Wed 27 Aug 2025 00:00:03 +0000 ROA not before: Wed 27 Aug 2025 00:00:03 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:8e:7d:70:d6:49:13:30:69:2b:b9:81:f0:80:d4:30:c2:1e:a7:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 27 00:00:03 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=d4f51bf16dcdfecfb6f60954060b1ebc3ea7827f7a3defc74902232cad8cfac2, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:fa:d0:d1:e2:31:74:96:88:57:39:69:ca:06: e6:e3:25:b3:4b:18:d7:08:db:d3:96:b1:cd:6e:d0: 7f:e2:00:46:e3:70:59:28:7a:6b:a4:f9:7f:8b:23: 1c:82:19:49:92:5f:16:d0:c2:93:71:eb:1e:a0:04: 11:c1:f9:da:f7:90:f0:43:11:73:f5:41:d5:6b:e7: 2c:62:9b:b3:7f:ba:98:c9:fb:50:08:ac:e3:eb:29: d5:69:7e:00:69:1f:4f:d5:8c:6e:c9:34:f9:94:64: 4f:c2:ae:11:b1:12:d4:43:60:3a:c6:6c:3a:5c:36: cf:f3:fb:41:2e:89:1d:12:d6:15:b7:99:ae:c2:ea: 33:cb:2c:f6:c1:f4:b8:17:9b:bd:5f:4c:14:40:e9: 52:18:6a:ca:02:26:5e:1c:91:47:81:ec:6f:d2:ed: 50:15:0b:26:52:0e:32:ff:4d:ff:80:cd:69:99:7f: b5:a5:5d:03:94:03:e0:07:cf:fa:c0:4c:92:3e:33: d9:10:90:44:de:5a:80:10:2f:e3:36:5f:f6:ab:99: 84:4a:01:e6:1d:fd:53:59:ab:b9:f2:98:5b:2e:31: 49:7e:76:31:a5:d0:f7:bd:d4:8c:33:b7:6c:5e:ff: cc:ef:02:2c:5e:c0:c6:20:4b:49:b7:f0:10:92:0f: 8d:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:24:39:EB:8A:A4:96:CE:38:5D:84:60:E2:B7:BE:3D:78:0D:4E:2C X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.193.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:d5:52:34:c5:b8:6b:99:71:ae:55:b3:c4:fb:96:77:f1:e5: 71:ff:cb:0b:97:a2:76:5b:65:5a:52:b3:a4:67:88:e2:26:57: 59:cf:f6:ec:ad:44:cb:ce:44:a1:1e:c3:d4:e2:0e:a7:68:20: b2:c6:b0:b6:1a:f0:72:5b:a5:4f:19:d6:ec:11:98:f9:1b:59: 8c:02:fc:f8:5e:a0:d4:83:a4:aa:f3:0f:26:5f:93:e8:a2:4a: bb:7e:04:ab:89:c9:66:70:05:69:0f:2d:f5:d7:d6:e1:1d:db: f1:a1:40:7b:1b:66:03:92:25:0c:e2:f3:49:ab:e4:bc:79:4a: 6d:0b:89:e9:8f:fa:f1:87:8d:fd:19:75:e1:cc:ab:4b:4f:cc: 67:f3:a8:4d:b7:76:7f:88:90:2e:e4:c9:31:2a:78:e4:b6:70: ea:2d:e3:2a:50:ad:ec:83:9a:7f:d7:ee:01:07:57:68:c1:8f: 1b:27:fd:b0:bd:bb:4b:5d:04:8e:5a:6f:49:25:2a:a5:d3:d3: 49:c4:f0:31:d1:48:cf:f4:4b:ab:f5:a5:03:59:b8:55:4f:7a: 31:b1:26:e1:51:d9:26:1b:b9:8a:cf:38:e2:4a:13:26:73:4b: 27:47:14:8c:b0:c6:7f:ee:d8:29:ea:e6:8c:c0:8a:cb:78:1f: f5:b8:b1:7d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUb459cNZJEzBpK7mB8IDUMMIepy4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgyNzAwMDAwM1oX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNAZDRmNTFiZjE2ZGNkZmVjZmI2ZjYw OTU0MDYwYjFlYmMzZWE3ODI3ZjdhM2RlZmM3NDkwMjIzMmNhZDhjZmFjMjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvrQ0eIxdJaIVzlpygbm4yWzSxjX CNvTlrHNbtB/4gBG43BZKHprpPl/iyMcghlJkl8W0MKTceseoAQRwfna95DwQxFz 9UHVa+csYpuzf7qYyftQCKzj6ynVaX4AaR9P1YxuyTT5lGRPwq4RsRLUQ2A6xmw6 XDbP8/tBLokdEtYVt5muwuozyyz2wfS4F5u9X0wUQOlSGGrKAiZeHJFHgexv0u1Q FQsmUg4y/03/gM1pmX+1pV0DlAPgB8/6wEySPjPZEJBE3lqAEC/jNl/2q5mESgHm Hf1TWau58phbLjFJfnYxpdD3vdSMM7dsXv/M7wIsXsDGIEtJt/AQkg+NGQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHskOeuKpJbOOF2EYOK3vj14DU4sMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzJmNDdkY2RkLWMzODQtNGViMi1hZWZkLWY0YWQ2NGYyNmNjZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynBMA0GCSqGSIb3DQEBCwUAA4IBAQBt1VI0xbhrmXGuVbPE+5Z3 8eVx/8sLl6J2W2VaUrOkZ4jiJldZz/bsrUTLzkShHsPU4g6naCCyxrC2GvByW6VP GdbsEZj5G1mMAvz4XqDUg6Sq8w8mX5Pookq7fgSriclmcAVpDy3119bhHdvxoUB7 G2YDkiUM4vNJq+S8eUptC4npj/rxh439GXXhzKtLT8xn86hNt3Z/iJAu5MkxKnjk tnDqLeMqUK3sg5p/1+4BB1dowY8bJ/2wvbtLXQSOWm9JJSql09NJxPAx0UjP9Eur 9aUDWbhVT3oxsSbhUdkmG7mKzzjiShMmc0snRxSMsMZ/7tgp6uaMwIrLeB/1uLF9 -----END CERTIFICATE-----Generated at Tue Sep 9 01:05:51 2025 by rpki-client