$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa File: b3ba338e-4843-454b-abe5-65f09756225a.roa (raw, json) Hash identifier: fOV7A0tHbHVXHPbIJiI2Wlmp+OIN/LYS0ZXtu+H6YU0= Subject key identifier: 64:66:81:39:78:70:9F:76:40:DD:DC:12:EE:9E:F9:1D:E8:50:78:39 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 738613211F74FC5D64C75A9E8038223517EADBE4 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa Signing time: Wed 27 Aug 2025 00:00:05 +0000 ROA not before: Wed 27 Aug 2025 00:00:05 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Sep 2025 00:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:86:13:21:1f:74:fc:5d:64:c7:5a:9e:80:38:22:35:17:ea:db:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 27 00:00:05 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=983c9a298dbbcad9185de996677ec41ed49450354c1fd95fbeb13cbb49a3ebc4, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:f1:9c:85:15:5f:fc:fb:7a:3a:bc:63:ce:93: f8:72:63:d9:dd:51:31:e3:fc:a7:d2:c3:b0:e4:2a: c3:46:56:60:30:f9:05:fb:f5:ee:3c:39:ce:d2:db: 44:23:3e:3f:b5:5d:c2:d1:aa:9b:d9:35:d1:96:87: 0a:2d:7a:92:b4:ee:63:63:86:a6:b5:1c:e9:a5:97: de:6e:cb:39:4b:7a:54:cc:66:5a:d5:a8:c4:a6:2b: c1:d4:7a:35:45:75:ba:6f:29:27:f3:7d:26:af:eb: 44:89:73:3b:dc:0e:98:4a:e9:a5:00:7a:a1:65:53: 7c:79:2c:58:51:ee:c0:8e:0f:32:07:b2:f8:e4:2b: fc:04:51:bb:3d:17:12:9b:74:51:3c:c2:d7:d1:d6: 1a:86:02:f5:ab:58:45:b1:d8:63:9e:c8:ce:f6:b6: 70:f9:51:9c:58:d0:8c:c9:18:f7:78:ae:10:ed:27: cb:48:53:15:69:5b:ed:c7:8f:db:66:f8:f3:b9:be: b3:72:27:16:3a:46:1b:fb:26:45:db:2e:dc:4c:18: 46:68:63:02:07:19:af:c1:49:24:51:dc:48:ba:13: 9b:9a:2e:b5:4b:46:df:52:46:b9:83:c9:70:b0:56: 09:e2:07:45:bd:ac:69:f2:93:0e:6c:1f:f4:9c:8e: 80:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:66:81:39:78:70:9F:76:40:DD:DC:12:EE:9E:F9:1D:E8:50:78:39 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.192.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:cc:c7:a3:47:29:e5:0a:7b:f3:c2:60:76:db:0b:75:b7:95: e2:d7:3f:44:20:96:f3:18:c5:f8:e4:71:23:d8:d3:41:ce:4b: 7c:47:33:78:b4:41:1b:c9:94:aa:2f:55:ca:8b:d5:c0:ee:db: 5b:ba:a4:0c:28:7b:55:c9:46:10:fa:40:42:c3:40:cd:48:52: ac:8f:3e:08:2d:11:78:b3:54:cd:69:b1:34:cf:70:e5:75:38: b7:68:ab:46:66:82:16:74:be:22:7c:6f:80:90:be:55:57:63: 96:3e:a6:48:b3:74:01:03:e8:b0:78:1f:e1:d4:92:38:88:61: 5e:12:fe:c8:46:01:bd:90:6a:42:ec:4b:87:3f:c7:7d:45:8f: 55:f7:08:35:89:fb:ac:ed:81:f3:e7:2d:36:87:d8:03:6b:cc: 3f:c8:79:8f:3c:e2:de:ee:ba:8c:28:c0:73:ff:93:c9:7b:00: 7f:25:e7:db:67:ad:ae:54:9b:c7:60:73:7b:1f:f3:34:e0:2a: bb:e7:5e:07:75:ef:2a:28:3e:77:91:84:4c:c7:43:9d:b3:3a: 95:73:0a:81:ae:da:46:9b:af:95:70:ad:27:5e:df:1d:54:45: 8c:75:f3:87:c6:0b:d0:1a:86:40:a3:5d:d0:ec:7d:ae:d3:b6: fc:1c:a3:d0 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUc4YTIR90/F1kx1qegDgiNRfq2+QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgyNzAwMDAwNVoX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNAOTgzYzlhMjk4ZGJiY2FkOTE4NWRl OTk2Njc3ZWM0MWVkNDk0NTAzNTRjMWZkOTVmYmViMTNjYmI0OWEzZWJjNDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/GchRVf/Pt6OrxjzpP4cmPZ3VEx 4/yn0sOw5CrDRlZgMPkF+/XuPDnO0ttEIz4/tV3C0aqb2TXRlocKLXqStO5jY4am tRzppZfebss5S3pUzGZa1ajEpivB1Ho1RXW6bykn830mr+tEiXM73A6YSumlAHqh ZVN8eSxYUe7Ajg8yB7L45Cv8BFG7PRcSm3RRPMLX0dYahgL1q1hFsdhjnsjO9rZw +VGcWNCMyRj3eK4Q7SfLSFMVaVvtx4/bZvjzub6zcicWOkYb+yZF2y7cTBhGaGMC BxmvwUkkUdxIuhObmi61S0bfUka5g8lwsFYJ4gdFvaxp8pMObB/0nI6AcwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGRmgTl4cJ92QN3cEu6e+R3oUHg5MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2IzYmEzMzhlLTQ4NDMtNDU0Yi1hYmU1LTY1ZjA5NzU2MjI1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynAMA0GCSqGSIb3DQEBCwUAA4IBAQAczMejRynlCnvzwmB22wt1 t5Xi1z9EIJbzGMX45HEj2NNBzkt8RzN4tEEbyZSqL1XKi9XA7ttbuqQMKHtVyUYQ +kBCw0DNSFKsjz4ILRF4s1TNabE0z3DldTi3aKtGZoIWdL4ifG+AkL5VV2OWPqZI s3QBA+iweB/h1JI4iGFeEv7IRgG9kGpC7EuHP8d9RY9V9wg1ifus7YHz5y02h9gD a8w/yHmPPOLe7rqMKMBz/5PJewB/JefbZ62uVJvHYHN7H/M04Cq7514Hde8qKD53 kYRMx0OdszqVcwqBrtpGm6+VcK0nXt8dVEWMdfOHxgvQGoZAo13Q7H2u07b8HKPQ -----END CERTIFICATE-----Generated at Tue Sep 9 01:09:52 2025 by rpki-client