$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa File: 3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (raw, json) Hash identifier: FB1Qpi6ubFBBb9QiCsmL14R/uNLcJYJQgm5SPXnPMkY= Subject key identifier: 62:88:5C:CB:C5:1D:D5:B1:D7:B2:99:83:F6:1E:4F:AC:C3:58:25:36 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 0B0605DEBBF8B6493E73E7C811073B42D012B970 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa Signing time: Sun 19 Oct 2025 00:00:05 +0000 ROA not before: Sun 19 Oct 2025 00:00:05 +0000 ROA not after: Sun 23 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 160.235.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:06:05:de:bb:f8:b6:49:3e:73:e7:c8:11:07:3b:42:d0:12:b9:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 19 00:00:05 2025 GMT Not After : Nov 23 23:59:59 2025 GMT Subject: serialNumber=66397a9d2a523d64fa33e9b1856d3e7247aed0917b687fcf1e2d42aaddfb6c83, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1c:e9:9f:81:d5:24:00:3c:0c:98:f1:f1:16: 66:93:8e:e2:d7:57:34:78:65:0c:05:2d:60:6f:ad: 04:56:a8:95:b7:9e:c1:7a:ea:68:00:62:24:85:36: 3b:b7:5a:ce:ff:f0:3b:08:02:99:d3:4f:bf:07:6f: b1:80:9b:72:ec:bf:1e:b9:04:60:f9:9c:17:99:a1: c5:c5:e9:fa:1d:2c:e1:fe:c2:75:d0:c3:b5:e6:d1: 88:03:68:f4:5b:fa:83:7a:1e:3c:79:4c:f3:8b:ad: fd:4e:f9:b7:18:41:12:83:cf:b3:57:43:b2:d5:cb: d5:1e:55:0c:02:42:14:ed:81:b2:6d:18:7b:ae:da: 8f:54:c3:a6:54:5b:ba:5e:2e:5c:7e:07:d5:19:53: 04:e5:db:2a:99:4f:58:e3:23:f6:1f:67:6d:f8:d8: 09:4e:b5:a1:cc:ab:16:3a:e9:c6:3d:3e:c8:c0:33: d0:0f:b7:93:2c:a9:d5:3f:3b:3f:2e:ec:31:96:82: 21:a5:71:8a:2e:66:44:60:b6:99:6d:e1:a3:75:4c: b9:70:08:7a:23:bd:72:41:06:98:43:c3:25:50:de: 20:6d:31:e7:d6:26:f0:9e:3c:ad:a8:ce:14:1f:ee: f3:52:36:c4:27:6a:81:ac:14:f9:16:39:11:55:97: 18:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:88:5C:CB:C5:1D:D5:B1:D7:B2:99:83:F6:1E:4F:AC:C3:58:25:36 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.235.0.0/16 Signature Algorithm: sha256WithRSAEncryption 7d:49:5b:38:e9:58:ef:39:32:3e:b4:d7:d0:62:da:14:5a:76: 89:d6:43:9f:37:4e:7f:56:4e:a0:7e:cd:9c:93:ad:89:da:86: 59:de:5a:6a:d0:a2:a0:30:6f:ab:fe:dd:18:cc:3c:75:6a:80: 1e:44:48:76:41:d0:27:a0:be:ce:8e:cd:d1:88:1b:37:5d:51: 0b:56:0c:c7:aa:20:fd:77:84:62:e3:db:0a:d6:71:e5:31:f6: f2:ae:71:f9:e8:0e:62:93:f6:cc:df:21:94:63:04:a6:85:29: ac:29:42:b0:46:8f:07:6d:2f:02:88:3b:15:1d:1d:4c:43:b2: c4:ea:dd:45:f1:75:2e:a8:0d:d0:fc:97:e2:c5:a3:60:c4:a2: 4c:ae:56:c7:72:51:1a:90:d8:b1:83:40:e7:8a:0b:de:c1:af: c1:5d:7d:d2:36:8a:d4:f3:59:58:b4:d8:fd:97:d2:40:cc:ac: 8b:62:b8:cc:74:fa:1a:b4:6f:85:8f:69:bd:b7:72:b4:14:f5: fc:5a:ec:b7:41:82:c3:81:a9:71:0c:81:a3:46:83:b3:b3:85: 9f:45:53:03:80:67:2f:b4:7f:ef:98:41:42:db:f9:d8:d8:02: 51:4c:b2:47:4b:db:3c:34:60:76:c6:bf:9a:8f:21:26:c8:ca: d0:1c:02:dc -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUCwYF3rv4tkk+c+fIEQc7QtASuXAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTAxOTAwMDAwNVoX DTI1MTEyMzIzNTk1OVowejFJMEcGA1UEBRNANjYzOTdhOWQyYTUyM2Q2NGZhMzNl OWIxODU2ZDNlNzI0N2FlZDA5MTdiNjg3ZmNmMWUyZDQyYWFkZGZiNmM4MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRzpn4HVJAA8DJjx8RZmk47i11c0 eGUMBS1gb60EVqiVt57BeupoAGIkhTY7t1rO//A7CAKZ00+/B2+xgJty7L8euQRg +ZwXmaHFxen6HSzh/sJ10MO15tGIA2j0W/qDeh48eUzzi639Tvm3GEESg8+zV0Oy 1cvVHlUMAkIU7YGybRh7rtqPVMOmVFu6Xi5cfgfVGVME5dsqmU9Y4yP2H2dt+NgJ TrWhzKsWOunGPT7IwDPQD7eTLKnVPzs/LuwxloIhpXGKLmZEYLaZbeGjdUy5cAh6 I71yQQaYQ8MlUN4gbTHn1ibwnjytqM4UH+7zUjbEJ2qBrBT5FjkRVZcYlwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFGKIXMvFHdWx17KZg/YeT6zDWCU2MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNkMWZiMWM3LTYxNDAtNGM1Ny05MjhmLTFhNTk1ODZmOWUyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAoOswDQYJKoZIhvcNAQELBQADggEBAH1JWzjpWO85Mj6019Bi2hRa donWQ583Tn9WTqB+zZyTrYnahlneWmrQoqAwb6v+3RjMPHVqgB5ESHZB0Cegvs6O zdGIGzddUQtWDMeqIP13hGLj2wrWceUx9vKucfnoDmKT9szfIZRjBKaFKawpQrBG jwdtLwKIOxUdHUxDssTq3UXxdS6oDdD8l+LFo2DEokyuVsdyURqQ2LGDQOeKC97B r8FdfdI2itTzWVi02P2X0kDMrItiuMx0+hq0b4WPab23crQU9fxa7LdBgsOBqXEM gaNGg7OzhZ9FUwOAZy+0f++YQULb+djYAlFMskdL2zw0YHbGv5qPISbIytAcAtw= -----END CERTIFICATE-----Generated at Mon Oct 20 23:32:26 2025 by rpki-client