$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa File: c18b0845-fc95-41d6-b476-af4e1e466849.roa (raw, json) Hash identifier: 1qCT2IAmbrL6ggBAizoqvmMijAOFpynSDLesioUlgsA= Subject key identifier: 9A:D0:12:40:92:97:CE:37:58:89:01:AF:7C:40:AC:D2:46:34:FC:A4 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 2245C1DA94BAF645286ED3082FFB616F303F594E Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa Signing time: Sat 04 Oct 2025 00:00:05 +0000 ROA not before: Sat 04 Oct 2025 00:00:05 +0000 ROA not after: Sat 08 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:45:c1:da:94:ba:f6:45:28:6e:d3:08:2f:fb:61:6f:30:3f:59:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 4 00:00:05 2025 GMT Not After : Nov 8 23:59:59 2025 GMT Subject: serialNumber=c81593e3b34ab728009e526a3f8db40409c448191bbbe2402d1ab65529dd37d5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:7d:23:a5:cf:c6:07:71:17:00:96:b7:23:f4: a8:0a:40:73:cf:7b:64:8f:9c:87:68:3f:85:9e:2d: 54:d0:9e:e1:09:c4:14:de:34:d5:a0:d4:b6:a2:b9: 92:50:85:07:2c:a9:f2:57:a3:db:14:6a:9d:05:52: c7:2b:b5:68:2c:d6:96:70:9f:38:88:cf:11:38:f8: ff:a5:ab:20:98:26:6e:90:92:07:17:d0:bd:96:3d: d2:f9:6f:96:f4:22:5e:a2:e2:dd:99:57:3d:98:83: 49:8b:1f:c1:5c:ae:db:1b:16:62:11:3d:ec:53:be: b0:e6:c9:df:af:b1:1f:48:39:33:8e:4c:10:99:aa: dc:49:c3:85:2d:ec:36:62:f4:fb:84:83:98:dc:b0: db:ce:31:3f:d9:09:3d:7d:37:c1:73:58:bb:cb:e6: e6:09:04:2f:80:57:fe:15:12:17:13:30:20:8f:a9: f6:bf:83:86:ca:46:73:be:67:7d:08:d5:dc:de:9c: d4:67:dd:18:cc:df:1a:eb:89:f7:24:b2:86:33:b5: 54:95:3f:3a:5d:1d:ed:eb:85:bc:82:34:0b:12:ab: 91:84:60:1b:9c:31:55:08:bc:ad:bd:1c:cb:55:6a: 6b:9b:0b:fe:f0:7a:d0:8f:87:d0:99:35:58:92:b8: 5c:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:D0:12:40:92:97:CE:37:58:89:01:AF:7C:40:AC:D2:46:34:FC:A4 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.133.0/24 Signature Algorithm: sha256WithRSAEncryption 97:42:da:0b:2d:fa:33:f2:52:65:8f:1c:4d:76:e0:34:08:21: 5b:e9:7a:5f:48:3b:9f:f8:0b:36:05:4b:93:42:e5:d8:76:84: 4f:9b:fc:45:00:07:37:22:48:b3:0e:76:63:2f:9e:45:0d:37: e9:23:42:50:e0:34:3f:f0:8b:6a:58:81:f0:60:f9:a0:f5:67: aa:74:d3:6c:c2:5f:a3:ac:73:17:d0:4d:76:00:d7:f5:b1:b1: dc:1a:84:0e:db:31:f8:b8:57:d5:cb:50:24:bb:83:85:b1:a1: 9f:4c:cf:12:62:0f:9a:a2:6b:dd:7f:64:5c:ed:fd:77:de:f5: 5a:04:b1:04:e5:e9:41:88:48:99:ff:11:47:8a:a8:ef:8c:dc: ff:1f:a0:fb:5f:5c:54:d6:f9:cf:5b:bd:21:1c:0d:ff:ce:3e: be:64:c9:27:b2:92:3a:c4:0b:22:00:d7:5f:71:85:d2:79:68: 8b:20:ef:4e:cd:51:64:31:69:0a:3d:ef:be:12:48:e2:7f:c2: 34:cc:54:4c:b6:8c:7b:fa:42:4c:90:34:f5:e0:3d:51:d0:cf: e2:c0:0b:5b:92:a0:39:58:29:86:1c:45:83:35:3f:f9:88:24: 1c:13:11:84:ac:be:6b:21:81:58:9e:9d:cd:18:b3:bf:66:aa: a0:6d:34:72 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUIkXB2pS69kUobtMIL/thbzA/WU4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MTAwNDAwMDAwNVoX DTI1MTEwODIzNTk1OVowejFJMEcGA1UEBRNAYzgxNTkzZTNiMzRhYjcyODAwOWU1 MjZhM2Y4ZGI0MDQwOWM0NDgxOTFiYmJlMjQwMmQxYWI2NTUyOWRkMzdkNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu30jpc/GB3EXAJa3I/SoCkBzz3tk j5yHaD+Fni1U0J7hCcQU3jTVoNS2ormSUIUHLKnyV6PbFGqdBVLHK7VoLNaWcJ84 iM8ROPj/pasgmCZukJIHF9C9lj3S+W+W9CJeouLdmVc9mINJix/BXK7bGxZiET3s U76w5snfr7EfSDkzjkwQmarcScOFLew2YvT7hIOY3LDbzjE/2Qk9fTfBc1i7y+bm CQQvgFf+FRIXEzAgj6n2v4OGykZzvmd9CNXc3pzUZ90YzN8a64n3JLKGM7VUlT86 XR3t64W8gjQLEquRhGAbnDFVCLytvRzLVWprmwv+8HrQj4fQmTVYkrhcBQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJrQEkCSl843WIkBr3xArNJGNPykMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MxOGIwODQ1LWZjOTUtNDFkNi1iNDc2LWFmNGUxZTQ2Njg0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/iFMA0GCSqGSIb3DQEBCwUAA4IBAQCXQtoLLfoz8lJljxxNduA0 CCFb6XpfSDuf+As2BUuTQuXYdoRPm/xFAAc3IkizDnZjL55FDTfpI0JQ4DQ/8Itq WIHwYPmg9WeqdNNswl+jrHMX0E12ANf1sbHcGoQO2zH4uFfVy1Aku4OFsaGfTM8S Yg+aomvdf2Rc7f133vVaBLEE5elBiEiZ/xFHiqjvjNz/H6D7X1xU1vnPW70hHA3/ zj6+ZMknspI6xAsiANdfcYXSeWiLIO9OzVFkMWkKPe++Ekjif8I0zFRMtox7+kJM kDT14D1R0M/iwAtbkqA5WCmGHEWDNT/5iCQcExGErL5rIYFYnp3NGLO/ZqqgbTRy -----END CERTIFICATE-----Generated at Mon Oct 20 20:43:32 2025 by rpki-client