$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa File: c18b0845-fc95-41d6-b476-af4e1e466849.roa (raw, json) Hash identifier: pLEUEUxRFD0PmPbSZ2MVlPyzymq9mAt10D86sD3TW4Y= Subject key identifier: 0C:2A:0A:C6:39:B0:5D:D4:55:65:65:10:53:24:EF:29:0D:86:2F:F1 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 5D833FBB32CC69520289150728DE976DDD47A3C6 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa Signing time: Wed 25 Jun 2025 00:00:39 +0000 ROA not before: Wed 25 Jun 2025 00:00:39 +0000 ROA not after: Wed 30 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:83:3f:bb:32:cc:69:52:02:89:15:07:28:de:97:6d:dd:47:a3:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jun 25 00:00:39 2025 GMT Not After : Jul 30 23:59:59 2025 GMT Subject: serialNumber=fa8d456fc5081133514cd9fbf58ad05e5db679421b354c13bdcf94ed2d10bcba, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:6b:90:ad:f5:9f:bc:e4:46:3e:cb:ad:29:2f: 87:23:ef:cc:13:70:7c:4d:2f:04:56:75:60:80:0a: 57:cd:1b:ed:ca:67:b4:e1:d6:2e:b4:b7:06:00:f6: f7:b9:61:7d:9a:36:7c:9a:6d:27:35:5e:dd:50:c5: d4:4f:b7:c0:1f:73:2e:92:12:e2:4c:42:a5:13:29: dd:e1:33:6f:f6:39:c7:06:31:51:0f:47:d0:d1:a0: 7d:8d:af:a1:13:a3:9a:80:41:15:a9:d3:ac:4b:34: 8e:85:7f:c9:05:45:8f:e3:34:6b:c4:57:bc:8f:2e: 1e:f1:c5:43:96:ab:18:4b:41:f4:b2:81:91:02:fa: 8c:b4:16:cf:72:c4:b1:ba:85:c9:f8:e4:7f:98:02: 8d:36:3a:4b:f8:84:42:b9:7c:3b:f1:93:e2:45:90: 0c:06:d2:21:d5:81:75:b2:89:9f:de:5d:90:24:f2: 33:c7:f0:ce:a2:e4:9c:bb:47:c3:97:01:9e:09:19: bc:c2:b3:12:bf:ca:80:fc:fd:0d:8d:a5:88:49:38: 57:56:62:18:62:e4:c9:13:ef:19:70:0e:b9:82:56: 8b:3f:79:da:e7:7d:6e:c6:8d:a8:39:17:6c:e5:7b: 7a:75:4a:cd:60:9a:10:0a:ee:02:a9:ed:26:19:19: 4f:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:2A:0A:C6:39:B0:5D:D4:55:65:65:10:53:24:EF:29:0D:86:2F:F1 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c18b0845-fc95-41d6-b476-af4e1e466849.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.133.0/24 Signature Algorithm: sha256WithRSAEncryption 09:2c:b3:46:13:cf:55:51:78:0e:e1:e9:ea:06:81:58:f7:e3: f4:b3:ca:3c:ab:ab:c1:c1:50:89:51:85:02:2e:50:ee:08:62: 61:dc:33:7d:53:3e:7f:24:66:e9:dd:97:77:80:e2:9e:ef:47: f3:fa:e6:85:b0:c4:97:88:b4:95:35:62:ce:d0:86:3e:8c:f2: 2b:8f:c3:38:5e:00:bd:4d:f0:44:a0:d1:56:a3:21:0e:fa:02: 8c:f0:c6:32:41:bc:f1:ca:0f:b0:98:f2:76:1c:78:f7:2a:66: a8:5c:6b:4a:81:c1:5d:3a:fc:72:73:19:d6:b9:10:c6:80:0a: ed:d4:db:a9:ac:fe:0e:c9:e3:85:2a:bf:95:2a:ae:9e:47:6d: a4:03:57:3b:22:1c:d9:e6:2c:b4:36:d7:fe:3e:82:f6:33:2a: 0b:12:32:b8:7f:78:da:eb:c6:1e:4e:5d:a0:54:20:1b:5a:18: f5:22:bb:bb:8e:f5:69:93:25:1a:eb:f3:24:a5:3f:32:f8:9e: fe:d4:8f:6b:67:ac:97:f0:27:78:1f:3f:e7:53:35:d2:dc:b2: 55:46:c8:12:d2:1b:ce:c9:87:92:ee:92:dc:0e:9b:6e:5d:a1: 4c:e0:de:e2:bd:9f:11:f8:a1:80:04:47:0d:1f:89:54:28:60: d8:cc:96:4e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXYM/uzLMaVICiRUHKN6Xbd1Ho8YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDYyNTAwMDAzOVoX DTI1MDczMDIzNTk1OVowejFJMEcGA1UEBRNAZmE4ZDQ1NmZjNTA4MTEzMzUxNGNk OWZiZjU4YWQwNWU1ZGI2Nzk0MjFiMzU0YzEzYmRjZjk0ZWQyZDEwYmNiYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmuQrfWfvORGPsutKS+HI+/ME3B8 TS8EVnVggApXzRvtyme04dYutLcGAPb3uWF9mjZ8mm0nNV7dUMXUT7fAH3MukhLi TEKlEynd4TNv9jnHBjFRD0fQ0aB9ja+hE6OagEEVqdOsSzSOhX/JBUWP4zRrxFe8 jy4e8cVDlqsYS0H0soGRAvqMtBbPcsSxuoXJ+OR/mAKNNjpL+IRCuXw78ZPiRZAM BtIh1YF1somf3l2QJPIzx/DOouScu0fDlwGeCRm8wrMSv8qA/P0NjaWISThXVmIY YuTJE+8ZcA65glaLP3na531uxo2oORds5Xt6dUrNYJoQCu4Cqe0mGRlPEQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAwqCsY5sF3UVWVlEFMk7ykNhi/xMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MxOGIwODQ1LWZjOTUtNDFkNi1iNDc2LWFmNGUxZTQ2Njg0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAn/iFMA0GCSqGSIb3DQEBCwUAA4IBAQAJLLNGE89VUXgO4enqBoFY 9+P0s8o8q6vBwVCJUYUCLlDuCGJh3DN9Uz5/JGbp3Zd3gOKe70fz+uaFsMSXiLSV NWLO0IY+jPIrj8M4XgC9TfBEoNFWoyEO+gKM8MYyQbzxyg+wmPJ2HHj3KmaoXGtK gcFdOvxycxnWuRDGgArt1NuprP4OyeOFKr+VKq6eR22kA1c7IhzZ5iy0Ntf+PoL2 MyoLEjK4f3ja68YeTl2gVCAbWhj1Iru7jvVpkyUa6/MkpT8y+J7+1I9rZ6yX8Cd4 Hz/nUzXS3LJVRsgS0hvOyYeS7pLcDptuXaFM4N7ivZ8R+KGABEcNH4lUKGDYzJZO -----END CERTIFICATE-----Generated at Sun Jun 29 08:14:55 2025 by rpki-client