$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/a78b90df-233b-4ec6-89d2-de27ac2dc044.roa File: a78b90df-233b-4ec6-89d2-de27ac2dc044.roa (raw, json) Hash identifier: a1ThmnmKIEzHuxdRa/DWBa9ARpMo3sLnIQYyx+Lzito= Subject key identifier: 8A:B5:CE:FA:01:D9:2F:AA:F9:0E:DE:0E:6A:D8:AA:74:DB:C1:DC:54 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 7165158F0B98CFEC3F6870E4497170D0ECD4E75F Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/a78b90df-233b-4ec6-89d2-de27ac2dc044.roa Signing time: Wed 27 Aug 2025 00:00:08 +0000 ROA not before: Wed 27 Aug 2025 00:00:08 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.236.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 00:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:65:15:8f:0b:98:cf:ec:3f:68:70:e4:49:71:70:d0:ec:d4:e7:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 27 00:00:08 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=fdbd7d528bb12320300dfd8b82ea0b39d893df462d4f05a5626ded9edcc39f1a, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:8e:e7:83:22:42:89:e6:39:cb:24:01:e7:11: c8:12:e1:4a:db:a3:52:9a:0d:70:85:c3:2b:db:7a: 59:18:92:b4:03:e1:91:11:40:c7:b9:0e:be:7a:2d: 7b:56:e6:4f:85:89:39:3f:36:b0:4c:29:52:d9:22: 8e:34:40:d4:fe:db:56:f3:72:17:ee:36:fd:f3:bf: a0:70:a4:62:c2:67:67:59:52:e2:2f:f3:57:01:9f: 99:99:50:33:c7:5c:49:01:10:8b:ca:32:83:23:1f: 3d:d3:8e:23:0d:4a:33:ab:2a:d2:5b:2d:52:0b:bd: 03:2e:fd:78:bf:9d:3a:bd:b2:7a:82:b3:69:d6:d7: 5a:0e:ac:50:6d:d5:8d:c8:72:04:69:13:78:d1:d5: 47:3a:2a:8f:f0:cd:11:f5:64:52:5d:47:f2:f3:75: ab:3f:8e:cb:a5:47:a7:cd:19:e8:8a:87:e7:db:24: f1:2a:18:8f:de:10:99:42:65:e1:58:87:da:f4:2f: c4:68:b4:da:2b:4b:8b:35:47:2e:33:6d:8b:d9:23: 45:b3:0d:4d:16:ed:75:11:ed:ad:2f:65:71:53:54: 4d:2f:21:47:25:09:7f:e5:c0:2e:59:d0:79:c3:bf: ed:5a:15:85:50:ad:ec:a4:da:b7:6f:77:bd:27:23: 46:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:B5:CE:FA:01:D9:2F:AA:F9:0E:DE:0E:6A:D8:AA:74:DB:C1:DC:54 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/a78b90df-233b-4ec6-89d2-de27ac2dc044.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.236.0/23 Signature Algorithm: sha256WithRSAEncryption 51:4e:6e:74:d0:a0:a5:2c:31:ca:10:c3:a1:51:d8:0d:18:06: 02:94:34:cf:85:f3:85:29:29:98:a7:8d:13:ea:4f:47:8c:8a: 77:24:76:81:b5:02:ef:2a:03:52:60:4d:41:86:c1:ba:bc:4b: 8a:47:78:60:65:1d:22:5b:bd:90:88:2b:13:8c:2c:bd:d4:8f: 21:08:2f:ef:a0:59:ef:bc:66:b0:2f:ac:64:1a:2a:9f:90:5b: 95:aa:fd:a5:c3:3d:31:82:65:dc:76:be:7a:b5:94:b8:24:66: d7:af:fb:dd:5c:09:f5:ad:13:58:cc:ff:d0:c9:f2:54:2a:f7: 20:d6:9f:20:fc:ee:34:a5:8d:65:0e:d3:84:61:d6:eb:41:be: 3c:27:ac:d6:db:0c:a0:95:c5:aa:a8:f5:d6:4c:b6:3a:b0:25: 0d:8b:af:2d:8c:26:a8:11:6c:0e:17:62:8b:b9:ab:d5:06:6e: 4b:a2:6d:0d:52:1e:f0:71:c3:7f:29:7f:33:80:ee:97:bc:bd: 5c:bf:d4:f1:e9:6e:d2:da:c5:5c:34:92:d0:f0:21:04:ab:2c: 88:c7:7f:1a:87:44:bd:68:dd:2c:87:cc:2e:91:4f:fd:ca:4d: 15:7f:35:be:b1:a1:7e:d3:ce:33:67:2b:4d:ec:63:4c:13:2e: 3f:7e:e8:8d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcWUVjwuYz+w/aHDkSXFw0OzU518wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgyNzAwMDAwOFoX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNAZmRiZDdkNTI4YmIxMjMyMDMwMGRm ZDhiODJlYTBiMzlkODkzZGY0NjJkNGYwNWE1NjI2ZGVkOWVkY2MzOWYxYTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY7ngyJCieY5yyQB5xHIEuFK26NS mg1whcMr23pZGJK0A+GREUDHuQ6+ei17VuZPhYk5PzawTClS2SKONEDU/ttW83IX 7jb987+gcKRiwmdnWVLiL/NXAZ+ZmVAzx1xJARCLyjKDIx89044jDUozqyrSWy1S C70DLv14v506vbJ6grNp1tdaDqxQbdWNyHIEaRN40dVHOiqP8M0R9WRSXUfy83Wr P47LpUenzRnoiofn2yTxKhiP3hCZQmXhWIfa9C/EaLTaK0uLNUcuM22L2SNFsw1N Fu11Ee2tL2VxU1RNLyFHJQl/5cAuWdB5w7/tWhWFUK3spNq3b3e9JyNGBwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIq1zvoB2S+q+Q7eDmrYqnTbwdxUMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2E3OGI5MGRmLTIzM2ItNGVjNi04OWQyLWRlMjdhYzJkYzA0NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrynsMA0GCSqGSIb3DQEBCwUAA4IBAQBRTm500KClLDHKEMOhUdgN GAYClDTPhfOFKSmYp40T6k9HjIp3JHaBtQLvKgNSYE1BhsG6vEuKR3hgZR0iW72Q iCsTjCy91I8hCC/voFnvvGawL6xkGiqfkFuVqv2lwz0xgmXcdr56tZS4JGbXr/vd XAn1rRNYzP/QyfJUKvcg1p8g/O40pY1lDtOEYdbrQb48J6zW2wyglcWqqPXWTLY6 sCUNi68tjCaoEWwOF2KLuavVBm5Lom0NUh7wccN/KX8zgO6XvL1cv9Tx6W7S2sVc NJLQ8CEEqyyIx38ah0S9aN0sh8wukU/9yk0VfzW+saF+084zZytN7GNMEy4/fuiN -----END CERTIFICATE-----Generated at Tue Sep 9 01:05:47 2025 by rpki-client