$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa File: c18b0845-fc95-41d6-b476-af4e1e466849.roa (raw, json) Hash identifier: y6300OW8yTSeKdHqQ/PnRnkGKDNilhwbmi9rIkZhvqc= Subject key identifier: 17:48:C5:11:76:E1:70:A6:40:89:26:FE:4C:B7:78:A8:50:77:6E:A9 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 578217F323B4A092FF2E298B4933CD0AA1AA06A3 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa Signing time: Fri 15 Aug 2025 00:01:35 +0000 ROA not before: Fri 15 Aug 2025 00:01:35 +0000 ROA not after: Fri 19 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:02:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:82:17:f3:23:b4:a0:92:ff:2e:29:8b:49:33:cd:0a:a1:aa:06:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Aug 15 00:01:35 2025 GMT Not After : Sep 19 23:59:59 2025 GMT Subject: serialNumber=30eceebb695e137c40ead4ee44d49e418a11b7e0c430b23842331ad6a0ace5a2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a7:d7:3b:bf:cc:ec:5d:37:90:94:5e:8d:d9: 89:89:ad:27:6c:4f:33:1d:dd:94:9f:5c:ad:6a:5e: d7:a0:e5:1a:64:1d:4a:9f:3e:1e:81:c4:65:fa:8a: fd:ef:83:c7:68:77:ae:fa:2a:0b:49:86:52:3c:a0: df:38:f6:21:9a:c3:bf:75:90:b6:4b:81:d8:20:bd: 1f:32:1b:33:22:29:7a:b4:2f:24:75:9e:b0:2d:d2: b6:2f:a2:45:24:c4:e7:aa:ff:af:29:d1:89:17:92: 44:16:8b:ee:f7:8d:97:fb:d7:89:62:6e:d5:8d:ae: 20:01:4c:a6:fd:05:6f:00:1e:fb:39:c8:91:7a:ef: 29:08:ae:fc:38:c9:9b:09:d2:5a:b3:16:04:71:e2: 95:0c:c9:1e:b5:12:67:ae:0a:c9:c7:66:f7:57:4c: 1a:89:52:f1:ca:99:d5:2b:20:f6:c7:d1:59:0e:e6: 42:4f:e7:2b:bb:80:58:06:28:0a:5d:b4:93:e0:ce: 75:a8:8d:60:1a:64:e1:55:fc:8c:3c:55:a1:b4:bd: bb:b4:50:53:1f:57:c2:1a:fc:29:b2:55:a1:45:ff: af:09:9b:06:5e:8e:5d:db:2b:70:65:b9:83:12:7c: 90:89:81:c0:67:f1:91:c8:2b:3b:7a:a2:5f:07:04: 9e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:48:C5:11:76:E1:70:A6:40:89:26:FE:4C:B7:78:A8:50:77:6E:A9 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.133.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:78:32:46:ee:59:72:c7:d8:d6:86:f3:4e:dc:de:61:fa:29: e3:2c:40:dd:56:d3:c0:34:0b:5c:e5:5a:61:f4:79:82:e5:a7: 26:55:fa:3a:a7:2e:bb:4b:63:99:4c:4d:8d:7f:49:f5:cc:95: 5d:35:a3:15:04:8d:89:da:8e:64:27:3b:70:72:c0:90:83:ad: f3:d2:16:ff:65:db:0f:f5:c6:16:70:54:e5:5b:08:66:f7:48: dd:fa:eb:e2:fc:60:96:32:b3:03:a6:f9:8d:73:01:d4:de:c8: aa:84:32:d9:6d:e6:74:89:54:c0:80:19:4b:be:7d:2e:1c:3f: ec:4e:f3:8d:19:43:fd:59:1d:c8:e6:a8:c5:02:07:67:00:72: e5:68:90:bd:11:f1:5a:0d:2c:51:cd:2f:4e:57:00:d7:3b:d5: 62:ad:c2:81:bc:bd:e4:b7:f5:55:94:8f:04:84:45:84:0e:92: 7c:c6:ba:8b:eb:ea:02:f3:fe:fd:fb:e2:2c:83:91:12:e8:1f: d2:31:fd:26:bf:5b:e6:99:8a:5c:e2:da:c0:39:cb:db:cf:1d: 4e:37:96:bd:21:07:9c:72:72:ce:99:77:70:6f:ce:b5:93:69: d5:04:76:85:34:aa:47:0f:5c:f6:fd:8f:cb:c9:a2:20:4c:7e: f1:7c:6f:e7 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUV4IX8yO0oJL/LimLSTPNCqGqBqMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDgxNTAwMDEzNVoX DTI1MDkxOTIzNTk1OVowejFJMEcGA1UEBRNAMzBlY2VlYmI2OTVlMTM3YzQwZWFk NGVlNDRkNDllNDE4YTExYjdlMGM0MzBiMjM4NDIzMzFhZDZhMGFjZTVhMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqfXO7/M7F03kJRejdmJia0nbE8z Hd2Un1ytal7XoOUaZB1Knz4egcRl+or974PHaHeu+ioLSYZSPKDfOPYhmsO/dZC2 S4HYIL0fMhszIil6tC8kdZ6wLdK2L6JFJMTnqv+vKdGJF5JEFovu942X+9eJYm7V ja4gAUym/QVvAB77OciReu8pCK78OMmbCdJasxYEceKVDMketRJnrgrJx2b3V0wa iVLxypnVKyD2x9FZDuZCT+cru4BYBigKXbST4M51qI1gGmThVfyMPFWhtL27tFBT H1fCGvwpslWhRf+vCZsGXo5d2ytwZbmDEnyQiYHAZ/GRyCs7eqJfBwSePQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBdIxRF24XCmQIkm/ky3eKhQd26pMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MxOGIwODQ1LWZjOTUtNDFkNi1iNDc2LWFmNGUxZTQ2Njg0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/iFMA0GCSqGSIb3DQEBCwUAA4IBAQB/eDJG7llyx9jWhvNO3N5h +injLEDdVtPANAtc5Vph9HmC5acmVfo6py67S2OZTE2Nf0n1zJVdNaMVBI2J2o5k JztwcsCQg63z0hb/ZdsP9cYWcFTlWwhm90jd+uvi/GCWMrMDpvmNcwHU3siqhDLZ beZ0iVTAgBlLvn0uHD/sTvONGUP9WR3I5qjFAgdnAHLlaJC9EfFaDSxRzS9OVwDX O9VircKBvL3kt/VVlI8EhEWEDpJ8xrqL6+oC8/79++Isg5ES6B/SMf0mv1vmmYpc 4trAOcvbzx1ON5a9IQeccnLOmXdwb861k2nVBHaFNKpHD1z2/Y/LyaIgTH7xfG/n -----END CERTIFICATE-----Generated at Sat Aug 23 08:15:41 2025 by rpki-client