$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa File: 48a67156-122e-41d4-a2a8-8046cc5ecc41.roa (raw, json) Hash identifier: ZoDp7gkaymHJov0jvAxraRYququ0uIjdfs0Fbg2thmE= Subject key identifier: 16:6A:FB:C5:A2:3F:6A:50:5D:CA:3E:FF:2B:F0:0F:CB:F4:B9:14:75 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2F1567B21CA1786466654F4251BE10E13770C7A5 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa Signing time: Wed 27 Aug 2025 00:00:07 +0000 ROA not before: Wed 27 Aug 2025 00:00:07 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.238.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Sep 2025 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:15:67:b2:1c:a1:78:64:66:65:4f:42:51:be:10:e1:37:70:c7:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 27 00:00:07 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=235dbe73159cd5e9a31b9260a67f6b3eb3ace5568f005abbb54092ccadc4f049, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:b5:04:7b:74:7a:f5:fb:f1:17:42:ad:f5:f7: da:3c:9a:17:b0:c9:2d:df:29:3b:69:c6:dd:8c:06: dc:c4:a6:7e:5f:b0:f0:6b:38:7f:94:13:7b:b8:4d: e5:7b:40:a3:69:3a:8e:bb:72:60:f4:ef:45:8e:61: ba:a2:a6:32:5d:3e:7c:2a:94:d5:61:02:6a:0c:83: ad:4e:2b:9d:e7:78:05:21:38:6e:7f:30:6a:88:df: d8:52:68:fa:63:eb:46:db:32:2d:33:d4:48:48:15: 4b:4c:83:61:15:3f:17:5c:b3:02:73:6f:e6:be:cb: 95:d6:64:2e:ea:6a:2c:7e:71:87:e7:a6:b6:b8:6c: 8b:ea:da:56:7f:3f:84:e7:0c:8d:b3:c9:90:3f:ee: 81:70:f2:f4:09:fb:9e:1d:77:23:09:52:7b:1a:ca: ee:ac:b2:28:8f:5b:0a:19:68:05:ce:d4:72:70:1d: 52:08:76:2c:95:b1:a9:5f:c8:39:07:e9:b4:b9:4a: 94:d0:32:91:14:85:d9:1a:36:64:8d:2c:4d:0e:cc: 88:a7:d9:a3:51:df:74:c6:4d:eb:de:fe:22:85:42: ca:8b:e4:b0:31:4e:f3:60:98:62:b3:f2:fd:df:0f: cd:1b:4e:37:ac:1a:1c:64:f8:26:9f:de:1b:53:6f: 08:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:6A:FB:C5:A2:3F:6A:50:5D:CA:3E:FF:2B:F0:0F:CB:F4:B9:14:75 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/48a67156-122e-41d4-a2a8-8046cc5ecc41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.238.0/23 Signature Algorithm: sha256WithRSAEncryption 16:9a:ad:ec:62:16:8e:cf:d9:1b:5c:b5:1a:e9:12:f3:18:ff: 0c:e6:4b:22:bd:3f:4b:11:42:6a:11:7a:89:bc:d7:33:0f:a9: 12:5b:30:a8:9b:c8:2d:05:d6:0f:71:38:ac:74:b5:38:6c:91: 34:8b:fa:c0:a9:01:46:d8:0d:cf:cd:8d:75:ca:cd:a8:84:82: 80:40:57:64:b5:84:95:09:9d:58:ab:57:f0:49:e9:b6:83:99: e5:35:c0:a1:74:7e:bf:4c:5f:ed:d5:5a:c3:a4:b5:05:76:99: 00:42:91:52:72:c0:58:15:25:5c:0a:11:64:29:3f:f4:a8:bd: 89:a1:04:40:7c:b2:08:ca:7c:17:e5:36:db:b1:7d:bd:06:d3: 1f:ba:14:a8:6e:09:f7:66:b7:07:94:c6:53:2e:53:e9:42:7f: 5f:3d:4b:75:e2:08:01:ed:99:bc:17:28:4e:99:08:8d:f8:51: 6b:a0:b1:dd:4d:2f:f0:b2:b3:0b:78:7b:c9:06:31:92:eb:9d: ff:3b:d2:48:9a:af:4a:07:ce:73:c7:01:59:03:60:c2:39:12: 49:76:ea:a4:57:cc:95:82:76:79:74:e6:d5:d9:67:60:3e:3e: 8e:d0:eb:f2:41:4a:90:8f:2e:e2:d9:26:5d:c2:a4:f3:34:bd: 6d:4f:d3:4a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIULxVnshyheGRmZU9CUb4Q4Tdwx6UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgyNzAwMDAwN1oX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNAMjM1ZGJlNzMxNTljZDVlOWEzMWI5 MjYwYTY3ZjZiM2ViM2FjZTU1NjhmMDA1YWJiYjU0MDkyY2NhZGM0ZjA0OTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rUEe3R69fvxF0Kt9ffaPJoXsMkt 3yk7acbdjAbcxKZ+X7Dwazh/lBN7uE3le0CjaTqOu3Jg9O9FjmG6oqYyXT58KpTV YQJqDIOtTiud53gFIThufzBqiN/YUmj6Y+tG2zItM9RISBVLTINhFT8XXLMCc2/m vsuV1mQu6mosfnGH56a2uGyL6tpWfz+E5wyNs8mQP+6BcPL0CfueHXcjCVJ7Gsru rLIoj1sKGWgFztRycB1SCHYslbGpX8g5B+m0uUqU0DKRFIXZGjZkjSxNDsyIp9mj Ud90xk3r3v4ihULKi+SwMU7zYJhis/L93w/NG043rBocZPgmn94bU28IVwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBZq+8WiP2pQXco+/yvwD8v0uRR1MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzQ4YTY3MTU2LTEyMmUtNDFkNC1hMmE4LTgwNDZjYzVlY2M0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrynuMA0GCSqGSIb3DQEBCwUAA4IBAQAWmq3sYhaOz9kbXLUa6RLz GP8M5ksivT9LEUJqEXqJvNczD6kSWzCom8gtBdYPcTisdLU4bJE0i/rAqQFG2A3P zY11ys2ohIKAQFdktYSVCZ1Yq1fwSem2g5nlNcChdH6/TF/t1VrDpLUFdpkAQpFS csBYFSVcChFkKT/0qL2JoQRAfLIIynwX5TbbsX29BtMfuhSobgn3ZrcHlMZTLlPp Qn9fPUt14ggB7Zm8FyhOmQiN+FFroLHdTS/wsrMLeHvJBjGS653/O9JImq9KB85z xwFZA2DCORJJduqkV8yVgnZ5dObV2WdgPj6O0OvyQUqQjy7i2SZdwqTzNL1tT9NK -----END CERTIFICATE-----Generated at Tue Sep 9 01:08:31 2025 by rpki-client