$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa File: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (raw, json) Hash identifier: fGSsKj2cKRA3NzFl1vxdTnJLWCoHcVJxd/NP9D4Zgn0= Subject key identifier: D8:2B:9A:4E:86:E9:29:C2:E9:BE:6D:65:15:B3:A0:2E:DA:E9:B6:FF Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 23B03F594B0E71D6F4F6DD5C2873CDDF3E0E55BB Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa Signing time: Fri 22 Aug 2025 00:00:03 +0000 ROA not before: Fri 22 Aug 2025 00:00:03 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 7224 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:02:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:b0:3f:59:4b:0e:71:d6:f4:f6:dd:5c:28:73:cd:df:3e:0e:55:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Aug 22 00:00:03 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=bfe0e13f91271c18b381a8e3dae0f5b7690fb9df1936fc110ffbcffcf608c5c4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:26:0d:21:53:f3:f6:f2:54:3a:4d:3d:f8:dc: c8:86:f3:1a:46:aa:c8:64:6e:ea:5d:19:c8:ac:2c: 0a:cd:95:af:63:6d:f5:19:c2:74:4e:46:2c:8c:81: a4:75:ea:c5:3d:09:ab:00:bb:c7:3b:88:11:67:74: 2e:c3:ce:bd:d3:83:8d:d8:f2:e6:64:8f:17:7b:8e: 5e:6b:27:66:fa:fd:12:76:4f:82:b1:4e:ec:bd:a7: 21:5a:60:39:50:0d:e6:57:a7:4d:69:93:bc:31:f3: b7:c1:4f:e6:87:60:ea:78:f3:c4:38:b9:73:33:7d: ea:a6:b2:a4:6d:f8:4e:46:93:fd:66:34:61:62:dc: 64:dd:9c:ae:93:e1:e0:f2:19:a8:11:25:14:2f:62: 8f:d5:d9:7a:df:5f:a0:13:ab:24:6e:f3:bf:9f:73: 2e:c1:cd:ed:e6:e7:ea:d6:1c:6d:71:88:3b:af:62: ff:93:3c:b4:4e:5a:17:98:b4:fa:cf:57:24:83:a5: ba:90:18:fd:78:59:57:7f:d7:6b:cc:e7:84:bc:1d: 1b:a4:89:21:07:9a:35:3f:21:00:0b:ed:c2:fc:1d: 16:eb:12:35:0f:47:38:77:6b:29:aa:2b:3a:02:72: 30:af:4d:d7:d5:0b:a1:58:9c:c5:e3:84:91:ed:ad: da:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:2B:9A:4E:86:E9:29:C2:E9:BE:6D:65:15:B3:A0:2E:DA:E9:B6:FF X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 59:c7:c9:e6:19:ee:6d:c1:27:15:bf:5c:80:a8:42:3c:c6:5f: 0b:06:e3:8f:70:d8:4a:91:d2:a8:80:b4:c6:f3:77:a6:72:03: 6b:46:8d:7b:cf:ec:cf:db:91:97:6f:15:f8:80:e8:4d:57:91: 44:5c:01:01:6f:1c:83:70:2a:5c:1f:9f:83:10:95:69:87:7e: d2:ae:7e:d6:3a:11:b3:00:23:6f:4f:00:73:50:18:92:b3:63: ab:8c:c1:a7:a5:2a:e4:23:be:a2:d5:6b:e2:54:0d:3b:77:3c: db:d2:0b:46:dc:4c:d8:40:86:99:7b:90:aa:76:21:0c:43:d8: 37:51:3f:0d:e0:4d:8e:fe:48:a0:0c:64:0b:af:81:1f:6d:33: cf:a3:78:bc:83:31:80:b5:86:ce:63:4f:46:a9:cc:f0:92:2d: 4a:3c:d8:55:f4:86:6d:88:31:d1:e6:de:41:55:5c:d8:e4:db: 58:bb:03:ec:ea:74:4e:55:6e:5d:31:20:93:22:78:11:8a:ab: c7:0e:ef:e2:b2:18:45:85:46:26:03:6c:68:fc:25:08:9e:16: 8e:95:66:18:d0:84:5c:fa:de:a1:72:29:8e:aa:cd:aa:82:1f: 21:50:c2:e3:a5:8a:3c:2c:1f:20:1c:a0:fb:a0:33:83:4c:c7: 66:e9:a8:4d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUI7A/WUsOcdb09t1cKHPN3z4OVbswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDgyMjAwMDAwM1oX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAYmZlMGUxM2Y5MTI3MWMxOGIzODFh OGUzZGFlMGY1Yjc2OTBmYjlkZjE5MzZmYzExMGZmYmNmZmNmNjA4YzVjNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CYNIVPz9vJUOk09+NzIhvMaRqrI ZG7qXRnIrCwKzZWvY231GcJ0TkYsjIGkderFPQmrALvHO4gRZ3Quw86904ON2PLm ZI8Xe45eaydm+v0Sdk+CsU7svachWmA5UA3mV6dNaZO8MfO3wU/mh2DqePPEOLlz M33qprKkbfhORpP9ZjRhYtxk3Zyuk+Hg8hmoESUUL2KP1dl631+gE6skbvO/n3Mu wc3t5ufq1hxtcYg7r2L/kzy0TloXmLT6z1ckg6W6kBj9eFlXf9drzOeEvB0bpIkh B5o1PyEAC+3C/B0W6xI1D0c4d2spqis6AnIwr03X1QuhWJzF44SR7a3a4QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNgrmk6G6SnC6b5tZRWzoC7a6bb/MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYmYyYzM5LWI1MzYtNDNkMC1iNTU3LWY2OGQ4ZWU2NDA5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQBZx8nmGe5twScVv1yAqEI8 xl8LBuOPcNhKkdKogLTG83emcgNrRo17z+zP25GXbxX4gOhNV5FEXAEBbxyDcCpc H5+DEJVph37Srn7WOhGzACNvTwBzUBiSs2OrjMGnpSrkI76i1WviVA07dzzb0gtG 3EzYQIaZe5CqdiEMQ9g3UT8N4E2O/kigDGQLr4EfbTPPo3i8gzGAtYbOY09Gqczw ki1KPNhV9IZtiDHR5t5BVVzY5NtYuwPs6nROVW5dMSCTIngRiqvHDu/ishhFhUYm A2xo/CUInhaOlWYY0IRc+t6hcimOqs2qgh8hUMLjpYo8LB8gHKD7oDODTMdm6ahN -----END CERTIFICATE-----Generated at Sat Aug 23 15:48:06 2025 by rpki-client