$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa File: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (raw, json) Hash identifier: EakTpsjg8XbW1cpR2oHcTT8EbYnqa5DVQybZqrZLkNY= Subject key identifier: A0:8D:7A:2D:78:D1:DA:28:74:16:8D:AF:3B:EF:91:AD:4D:A4:FB:B2 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 3ECB4BEE1B493CB89CA28F93E1A990B26F705E3B Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa Signing time: Sat 11 Oct 2025 00:00:33 +0000 ROA not before: Sat 11 Oct 2025 00:00:33 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 7224 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 00:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:cb:4b:ee:1b:49:3c:b8:9c:a2:8f:93:e1:a9:90:b2:6f:70:5e:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 11 00:00:33 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=7d3264c16a56e48480ab292c758cbe68bd545463303735dd64c4b45e2525ecdd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:db:d5:f9:88:c9:89:04:ce:c2:19:cf:53:c6: cc:a7:5a:08:63:0f:39:f0:ae:3e:15:af:01:ca:e1: dc:fa:ff:7b:90:c3:c6:7c:67:6b:c2:b4:d2:1b:44: a3:f1:84:97:4e:01:cc:93:3e:f9:f1:56:ca:ef:b4: b3:6d:54:2d:22:38:c9:1d:c0:ba:e9:2b:be:25:82: 0e:e2:c6:f6:47:41:47:fa:dc:31:7b:a8:cd:84:5d: 60:3a:4a:fb:99:7f:2b:93:33:5a:40:d3:b5:bb:69: 4f:3b:29:aa:1a:87:50:ed:a0:4d:d9:d3:d6:15:04: 01:d5:21:8a:66:6d:8d:68:58:f8:69:8b:8f:c5:05: 03:1f:1a:47:68:a5:a3:73:44:1a:58:a9:b1:1b:79: 52:3a:af:1f:d4:7a:85:1b:de:32:05:00:8c:cc:eb: e8:e8:d1:7f:a7:aa:b7:56:ff:78:8a:0a:8a:51:52: 6b:41:70:48:d1:6a:c5:a0:19:c4:a8:d5:a8:62:21: 6f:00:25:eb:e2:80:25:92:59:d1:ec:fc:02:b7:e9: a8:0c:ec:94:69:34:10:2a:fc:14:9a:6a:39:f1:1f: 22:23:b1:5d:71:6e:99:a9:16:7c:e1:4b:8f:d5:f2: e5:76:3b:71:8b:c9:b9:4b:04:bf:66:61:d9:b8:4d: 98:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:8D:7A:2D:78:D1:DA:28:74:16:8D:AF:3B:EF:91:AD:4D:A4:FB:B2 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:ff:75:04:20:eb:20:fd:99:c3:cd:6e:fb:a3:d9:bc:b5:fa: 2a:17:54:47:fb:ba:3d:3c:36:ef:13:b7:40:19:0d:40:29:d8: 61:47:cd:e0:0e:02:0c:91:af:0d:61:a6:e5:80:f0:83:1b:96: 54:7e:a8:9b:ff:75:9d:a6:1a:c0:c2:2e:ce:26:b5:2e:3c:c2: 43:f1:ed:fe:3a:a7:b6:9a:d9:ff:4c:ac:0f:8f:96:84:85:5c: 20:81:fb:e2:e5:cf:72:2a:05:b1:da:90:ec:8a:29:92:72:29: d3:11:34:dd:9a:17:53:9d:a9:8e:fa:50:66:07:40:59:b7:d6: 98:1e:70:7d:98:89:6c:0b:8f:70:0a:12:49:61:7b:6e:05:d6: 1e:58:a5:fe:83:87:40:47:df:d7:11:9e:3f:5e:38:84:98:13: 98:81:bd:86:36:35:9a:38:b7:9d:3c:23:0b:f3:4f:c9:df:8d: b4:e1:a4:bc:09:f1:7b:d0:b9:8d:3c:3d:5a:66:93:5d:21:f7: 73:d3:cd:cf:45:e8:f0:f9:05:3a:b4:31:51:cd:37:a2:d7:65: 8b:2d:89:85:df:e4:70:ad:30:bd:71:a1:62:ef:5f:79:dc:20: 00:2c:61:22:aa:98:84:56:d3:cf:0a:b8:5f:48:de:bc:00:b9: 3d:f8:cc:b0 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUPstL7htJPLicoo+T4amQsm9wXjswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTAxMTAwMDAzM1oX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNAN2QzMjY0YzE2YTU2ZTQ4NDgwYWIy OTJjNzU4Y2JlNjhiZDU0NTQ2MzMwMzczNWRkNjRjNGI0NWUyNTI1ZWNkZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19vV+YjJiQTOwhnPU8bMp1oIYw85 8K4+Fa8ByuHc+v97kMPGfGdrwrTSG0Sj8YSXTgHMkz758VbK77SzbVQtIjjJHcC6 6Su+JYIO4sb2R0FH+twxe6jNhF1gOkr7mX8rkzNaQNO1u2lPOymqGodQ7aBN2dPW FQQB1SGKZm2NaFj4aYuPxQUDHxpHaKWjc0QaWKmxG3lSOq8f1HqFG94yBQCMzOvo 6NF/p6q3Vv94igqKUVJrQXBI0WrFoBnEqNWoYiFvACXr4oAlklnR7PwCt+moDOyU aTQQKvwUmmo58R8iI7FdcW6ZqRZ84UuP1fLldjtxi8m5SwS/ZmHZuE2YaQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKCNei140doodBaNrzvvka1NpPuyMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYmYyYzM5LWI1MzYtNDNkMC1iNTU3LWY2OGQ4ZWU2NDA5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQBq/3UEIOsg/ZnDzW77o9m8 tfoqF1RH+7o9PDbvE7dAGQ1AKdhhR83gDgIMka8NYablgPCDG5ZUfqib/3WdphrA wi7OJrUuPMJD8e3+Oqe2mtn/TKwPj5aEhVwggfvi5c9yKgWx2pDsiimScinTETTd mhdTnamO+lBmB0BZt9aYHnB9mIlsC49wChJJYXtuBdYeWKX+g4dAR9/XEZ4/XjiE mBOYgb2GNjWaOLedPCML80/J34204aS8CfF70LmNPD1aZpNdIfdz083PRejw+QU6 tDFRzTei12WLLYmF3+RwrTC9caFi71953CAALGEiqpiEVtPPCrhfSN68ALk9+Myw -----END CERTIFICATE-----Generated at Sun Oct 19 23:20:15 2025 by rpki-client