$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa File: 9b59fbe4-f242-4dbf-9964-15048c3da996.roa (raw, json) Hash identifier: PuPRPa47bjxbhrSmgJdiKDRqOCHnk8L+V79L08Z8zpU= Subject key identifier: B1:BC:B1:16:AC:C9:86:9C:AC:6F:7F:60:FC:42:99:5B:EA:ED:C2:BA Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 38BC256568A0148F6C76F5AC84388561F1E1E6EA Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa Signing time: Wed 27 Aug 2025 00:00:02 +0000 ROA not before: Wed 27 Aug 2025 00:00:02 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.4.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 00:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:bc:25:65:68:a0:14:8f:6c:76:f5:ac:84:38:85:61:f1:e1:e6:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 27 00:00:02 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=eef44a5e44a86c2e884d33b70c07af4f195dd0953b6367f189808f21c1e91a62, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:6e:49:72:d2:d8:f3:a5:9e:47:71:25:d5:91: ed:13:b6:76:3f:a3:1f:19:63:79:7f:1b:b3:25:4e: e8:39:09:22:f2:ce:35:c5:e4:0c:b3:24:ad:a2:86: c0:a0:1c:5f:da:8e:66:57:72:06:02:eb:00:11:e8: 95:63:70:0a:70:84:1e:18:2f:0e:d5:6b:2a:fd:15: 3d:5b:d6:44:e3:e3:c0:38:5b:f3:99:4f:58:e8:50: a8:a1:03:ea:16:1f:d6:a5:93:5e:64:5d:33:8c:2c: 1a:6b:ba:75:be:67:2a:2a:bf:ea:ba:00:48:ca:a2: e2:cc:c2:18:65:a3:4c:b1:9c:cd:3c:99:ad:d7:55: 87:62:7d:c2:88:b6:a5:40:34:98:c5:d1:75:49:7d: 5a:e5:8e:75:46:aa:f4:37:56:a6:dd:b1:55:bc:f3: 50:98:59:51:59:a4:7d:d8:3b:14:e6:0e:a2:ac:e2: 07:1e:40:8c:87:01:8f:79:81:96:f3:04:58:83:3d: 57:af:39:1c:7b:ce:47:3f:91:60:b6:b6:ce:20:15: 79:6f:2b:91:42:69:c4:84:86:be:0f:8f:fc:db:06: 6d:f2:4c:f0:fd:a4:23:82:53:cc:d9:61:b0:6f:9d: 83:66:1d:ad:f2:1a:15:c2:60:a1:06:cf:cc:3f:9c: 98:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:BC:B1:16:AC:C9:86:9C:AC:6F:7F:60:FC:42:99:5B:EA:ED:C2:BA X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.4.8.0/21 Signature Algorithm: sha256WithRSAEncryption 9b:b1:e7:a7:7a:84:31:5e:42:ec:d6:06:12:a3:cd:3d:81:68: 3d:87:7e:25:e7:87:bf:c6:83:a4:70:b9:ce:d3:75:4f:e0:b0: 91:de:49:53:b9:73:99:d5:f4:f9:63:b0:9e:7b:ee:4a:10:35: a5:ff:0b:e5:66:28:71:0b:fd:2a:cb:cb:5c:a0:8f:df:f8:d3: 15:1b:d8:76:75:de:02:51:68:26:a6:36:39:75:8c:05:7e:68: e5:bb:31:58:44:67:0a:3e:77:2f:f2:8d:43:59:18:61:0b:c3: c7:7c:fc:8a:ce:e5:5e:28:4b:ae:1e:68:6a:92:27:f7:46:da: 6d:dd:3b:6c:03:31:e6:e9:60:22:cf:31:66:1b:08:11:44:b4: fd:47:8b:df:64:a7:e1:ca:89:96:3b:a7:58:c8:d3:57:e8:23: 32:e5:83:b1:f6:86:ee:ef:5c:3a:6d:75:59:7b:38:97:97:65: 80:c1:02:e1:c0:b9:09:85:7b:0a:29:25:82:2c:be:af:a8:7b: c6:58:7a:40:f9:d9:31:3c:4c:6e:ef:d1:e8:87:ae:55:be:46: 22:3b:86:7c:e6:81:79:c2:f7:6e:a2:82:24:07:cc:85:c4:cd: 74:fe:01:ff:03:58:6b:60:33:47:96:81:4b:2a:dc:fc:af:e1: 56:f0:aa:1c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUOLwlZWigFI9sdvWshDiFYfHh5uowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgyNzAwMDAwMloX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNAZWVmNDRhNWU0NGE4NmMyZTg4NGQz M2I3MGMwN2FmNGYxOTVkZDA5NTNiNjM2N2YxODk4MDhmMjFjMWU5MWE2MjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjG5JctLY86WeR3El1ZHtE7Z2P6Mf GWN5fxuzJU7oOQki8s41xeQMsyStoobAoBxf2o5mV3IGAusAEeiVY3AKcIQeGC8O 1Wsq/RU9W9ZE4+PAOFvzmU9Y6FCooQPqFh/WpZNeZF0zjCwaa7p1vmcqKr/qugBI yqLizMIYZaNMsZzNPJmt11WHYn3CiLalQDSYxdF1SX1a5Y51Rqr0N1am3bFVvPNQ mFlRWaR92DsU5g6irOIHHkCMhwGPeYGW8wRYgz1Xrzkce85HP5FgtrbOIBV5byuR QmnEhIa+D4/82wZt8kzw/aQjglPM2WGwb52DZh2t8hoVwmChBs/MP5yYNQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLG8sRasyYacrG9/YPxCmVvq7cK6MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliNTlmYmU0LWYyNDItNGRiZi05OTY0LTE1MDQ4YzNkYTk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQCbseeneoQxXkLs1gYSo809 gWg9h34l54e/xoOkcLnO03VP4LCR3klTuXOZ1fT5Y7Cee+5KEDWl/wvlZihxC/0q y8tcoI/f+NMVG9h2dd4CUWgmpjY5dYwFfmjluzFYRGcKPncv8o1DWRhhC8PHfPyK zuVeKEuuHmhqkif3Rtpt3TtsAzHm6WAizzFmGwgRRLT9R4vfZKfhyomWO6dYyNNX 6CMy5YOx9obu71w6bXVZeziXl2WAwQLhwLkJhXsKKSWCLL6vqHvGWHpA+dkxPExu 79Hoh65VvkYiO4Z85oF5wvduooIkB8yFxM10/gH/A1hrYDNHloFLKtz8r+FW8Koc -----END CERTIFICATE-----Generated at Tue Sep 9 01:08:35 2025 by rpki-client