$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa File: 3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa (raw, json) Hash identifier: 7U7YgCKK1M1nlqM5nLWabBq6MKprWt3PBvFg7ZlQH1c= Subject key identifier: 7A:24:FF:0C:AF:10:E0:93:92:5C:DB:28:10:C6:E7:70:FC:F5:61:72 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 0FE0DD54F29AA2B4F83CB0226C1B5CE0887A85B0 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa Signing time: Wed 27 Aug 2025 00:00:12 +0000 ROA not before: Wed 27 Aug 2025 00:00:12 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:e0:dd:54:f2:9a:a2:b4:f8:3c:b0:22:6c:1b:5c:e0:88:7a:85:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 27 00:00:12 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=3e373d891a8f2fb3dff1b3c44c7f2f48b2b9c2f5259deba74f36fdcb12d647ef, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:55:97:dc:73:a0:55:e4:0d:0b:ad:51:47:84: 1d:30:a2:9a:4e:b0:79:04:68:a9:79:8b:1e:a0:86: d3:0b:de:a1:5e:8a:ca:8f:1d:f1:17:56:aa:30:f3: 99:7d:84:0e:d8:bb:da:40:97:2b:0a:19:29:e6:87: e0:a0:d0:ec:3e:66:84:cd:a7:96:10:08:cd:4d:63: a7:08:ff:44:01:8e:b3:ae:70:9c:fd:f8:bc:24:e3: 70:b7:43:4b:a4:ec:9c:11:9d:d4:aa:f3:a5:2b:f7: 5c:ef:ea:b2:45:45:3e:a6:ef:a9:93:e9:2e:15:a9: 6b:15:1c:6f:87:cb:ce:2f:19:ca:02:c2:f5:cb:cb: 4c:d3:41:60:51:20:49:75:5b:a9:14:99:76:41:27: b8:40:a1:8a:e7:f3:b3:fc:2b:7b:01:32:c1:41:61: 7b:f7:c9:a9:24:e7:7b:8b:d2:ad:11:a1:9b:e1:78: 09:7d:f6:ce:6b:64:7c:56:35:ec:08:7c:68:ea:c0: c5:cd:67:0f:3c:34:54:a2:03:af:50:f5:b8:a7:e0: 23:d9:ea:f9:d1:f9:5f:60:50:5b:72:07:94:84:aa: bd:76:cd:82:14:2d:7b:92:f8:6c:ef:e5:4b:76:6b: eb:2b:31:fd:16:80:79:d0:1d:e4:ba:bd:b0:d1:1f: 16:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:24:FF:0C:AF:10:E0:93:92:5C:DB:28:10:C6:E7:70:FC:F5:61:72 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.224.0/21 Signature Algorithm: sha256WithRSAEncryption 76:5f:c4:af:8b:f0:1a:84:df:83:17:5f:3f:fe:ea:5b:5f:d6: f8:8c:0f:31:42:cc:2d:c2:3c:cc:bf:f3:d2:65:49:e7:00:43: 2f:b0:d7:9b:9e:29:09:23:0f:a3:b8:96:2f:9f:62:41:2c:9b: fb:37:74:1b:7c:1b:3b:07:1b:fd:13:83:39:5f:b1:98:fa:6b: 53:1e:4c:19:ce:e7:f5:6a:79:b6:3c:50:1e:72:77:38:cd:07: d0:29:0d:a6:b4:3d:7f:fe:e5:55:4d:bf:b2:f8:c9:0d:50:6a: 3f:bd:24:f6:f7:f2:35:1d:33:62:f8:57:44:33:08:a3:a2:1c: a6:11:10:3b:83:12:0d:32:00:4f:32:86:72:23:7d:72:43:12: 40:b2:d1:a4:4d:0e:28:a5:33:fb:e5:4d:81:8a:ad:7b:58:d1: d8:ad:73:aa:cf:2e:32:99:59:92:9a:b6:90:8c:a3:bc:40:38: fa:85:d5:92:0f:50:b8:91:ca:15:5b:84:e5:0e:7f:d3:49:59: e0:e5:1b:b3:ba:a3:8a:4d:5d:b6:46:6c:a9:72:f8:9f:51:eb: 63:59:d7:e4:62:1f:3e:2d:b5:e4:b4:23:d2:1a:93:36:38:9c: 33:45:e0:c5:53:74:fd:f9:5c:09:7b:fa:51:26:a7:b8:07:09: c3:79:1c:78 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUD+DdVPKaorT4PLAibBtc4Ih6hbAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgyNzAwMDAxMloX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNAM2UzNzNkODkxYThmMmZiM2RmZjFi M2M0NGM3ZjJmNDhiMmI5YzJmNTI1OWRlYmE3NGYzNmZkY2IxMmQ2NDdlZjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1WX3HOgVeQNC61RR4QdMKKaTrB5 BGipeYseoIbTC96hXorKjx3xF1aqMPOZfYQO2LvaQJcrChkp5ofgoNDsPmaEzaeW EAjNTWOnCP9EAY6zrnCc/fi8JONwt0NLpOycEZ3UqvOlK/dc7+qyRUU+pu+pk+ku FalrFRxvh8vOLxnKAsL1y8tM00FgUSBJdVupFJl2QSe4QKGK5/Oz/Ct7ATLBQWF7 98mpJOd7i9KtEaGb4XgJffbOa2R8VjXsCHxo6sDFzWcPPDRUogOvUPW4p+Aj2er5 0flfYFBbcgeUhKq9ds2CFC17kvhs7+VLdmvrKzH9FoB50B3kur2w0R8W4QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHok/wyvEOCTklzbKBDG53D89WFyMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzNiOTQwZDE0LWI4YzQtNGMzZC05NzhmLWExYTNiN2EwYTgyYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDryngMA0GCSqGSIb3DQEBCwUAA4IBAQB2X8Svi/AahN+DF18//upb X9b4jA8xQswtwjzMv/PSZUnnAEMvsNebnikJIw+juJYvn2JBLJv7N3QbfBs7Bxv9 E4M5X7GY+mtTHkwZzuf1anm2PFAecnc4zQfQKQ2mtD1//uVVTb+y+MkNUGo/vST2 9/I1HTNi+FdEMwijohymERA7gxINMgBPMoZyI31yQxJAstGkTQ4opTP75U2Biq17 WNHYrXOqzy4ymVmSmraQjKO8QDj6hdWSD1C4kcoVW4TlDn/TSVng5RuzuqOKTV22 RmypcvifUetjWdfkYh8+LbXktCPSGpM2OJwzReDFU3T9+VwJe/pRJqe4BwnDeRx4 -----END CERTIFICATE-----Generated at Tue Sep 9 01:05:54 2025 by rpki-client