$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa File: 05bc8dbb-c70a-48da-b45b-4448364614ff.roa (raw, json) Hash identifier: /reVIe2YEIi4m5jK093GGyA8i7HBrWakCLGWnSNEr/o= Subject key identifier: AB:0A:0B:C2:58:BC:18:B3:97:90:B9:BB:42:FC:44:7B:DD:7D:9D:0B Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 23EEDD7984CB10EFA40AA33DDBE50D0BE691F482 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa Signing time: Fri 17 Oct 2025 00:01:29 +0000 ROA not before: Fri 17 Oct 2025 00:01:29 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.208.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:ee:dd:79:84:cb:10:ef:a4:0a:a3:3d:db:e5:0d:0b:e6:91:f4:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Oct 17 00:01:29 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=ee7f694319f077734374aa6ec88968ce7cd1e9f5fd66e345c2c8cccad1bb01f9, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:1a:76:bd:ed:ed:14:98:26:55:16:02:fd:e9: 07:30:7f:f3:af:d7:b6:3a:6f:ef:fe:ba:bc:2d:ba: a6:11:6f:73:58:09:77:61:50:cc:d5:59:eb:b7:01: 80:5c:89:68:59:0a:25:07:cd:23:5a:ae:c0:bc:45: 71:42:f1:5c:e0:b4:f7:88:71:69:63:50:1f:90:c9: 3f:84:ac:9b:cd:6c:73:40:3c:78:7b:61:43:42:65: f5:16:d4:99:b5:74:e8:6e:05:1b:cf:bb:0b:1a:fb: dc:be:58:f9:5f:8d:99:21:db:a1:ff:8a:b7:85:41: df:d7:b7:ee:df:69:2c:24:e8:fc:63:76:2a:4c:f2: a8:f8:4a:f7:95:50:a5:54:89:b8:21:7d:de:76:0f: 4a:83:dc:f2:bc:a7:60:b3:67:74:e1:50:41:77:66: f3:a8:96:b0:6c:0c:ae:65:d7:20:5e:0f:b6:8c:77: dc:1b:29:9c:10:b5:bb:e1:77:a9:01:e8:24:08:ec: 62:de:40:7f:f0:42:cf:a5:93:ea:63:2d:51:a9:b7: ff:23:9d:f1:98:22:aa:3c:a9:76:18:8a:35:31:37: 49:27:8b:99:a4:7d:b2:81:35:80:50:16:e5:a5:7f: 10:14:46:d5:04:19:b7:b4:ab:b6:e1:9e:09:63:83: 0b:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:0A:0B:C2:58:BC:18:B3:97:90:B9:BB:42:FC:44:7B:DD:7D:9D:0B X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/05bc8dbb-c70a-48da-b45b-4448364614ff.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.208.0/20 Signature Algorithm: sha256WithRSAEncryption a3:e1:72:95:7f:26:cc:cb:d6:34:ea:8b:a5:24:bf:3c:42:71: 0d:0f:c2:0f:3d:42:80:c1:23:5f:d1:06:fb:b1:8a:16:d3:21: d0:7a:86:9c:e0:c3:90:a3:d8:84:49:95:34:85:54:2e:5b:e9: 8a:f2:16:08:67:fb:54:34:dc:e7:54:fc:7a:f1:73:76:ae:5b: a9:1a:e7:ad:04:16:5b:bf:34:e5:54:b6:3b:73:58:34:3d:88: 42:29:34:b6:ac:66:0d:5d:49:1d:11:19:1e:4a:48:83:c0:f2: fc:bb:13:d5:32:fe:0f:ae:d3:d9:c0:1c:9b:f3:2b:80:df:54: c5:f3:31:12:00:c9:15:74:02:9a:1c:40:69:bf:dc:ca:b8:f9: 4d:b3:20:b0:90:0f:43:a1:c3:b4:3b:81:fe:52:92:9a:d9:79: fb:d2:7e:b2:bf:78:7c:fa:f2:27:3b:b4:ae:cd:00:fd:61:c4: eb:ba:00:b3:27:d9:28:d3:48:d7:7a:7f:c2:a8:c1:56:e2:72: 78:74:2b:5e:52:0e:0a:94:cb:44:2d:1a:eb:ff:d2:e6:fa:cd: 82:d9:72:99:82:e5:4d:fa:ae:3e:bb:27:d3:da:e8:cd:4d:3a: fa:95:f6:e2:be:b4:f9:ca:ad:40:c0:2b:a6:88:16:9f:ec:f4: 56:47:b0:df -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUI+7deYTLEO+kCqM92+UNC+aR9IIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTAxNzAwMDEyOVoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAZWU3ZjY5NDMxOWYwNzc3MzQzNzRh YTZlYzg4OTY4Y2U3Y2QxZTlmNWZkNjZlMzQ1YzJjOGNjY2FkMWJiMDFmOTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hp2ve3tFJgmVRYC/ekHMH/zr9e2 Om/v/rq8LbqmEW9zWAl3YVDM1VnrtwGAXIloWQolB80jWq7AvEVxQvFc4LT3iHFp Y1AfkMk/hKybzWxzQDx4e2FDQmX1FtSZtXTobgUbz7sLGvvcvlj5X42ZIduh/4q3 hUHf17fu32ksJOj8Y3YqTPKo+Er3lVClVIm4IX3edg9Kg9zyvKdgs2d04VBBd2bz qJawbAyuZdcgXg+2jHfcGymcELW74XepAegkCOxi3kB/8ELPpZPqYy1Rqbf/I53x mCKqPKl2GIo1MTdJJ4uZpH2ygTWAUBblpX8QFEbVBBm3tKu24Z4JY4MLSQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKsKC8JYvBizl5C5u0L8RHvdfZ0LMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzA1YmM4ZGJiLWM3MGEtNDhkYS1iNDViLTQ0NDgzNjQ2MTRmZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQErynQMA0GCSqGSIb3DQEBCwUAA4IBAQCj4XKVfybMy9Y06oulJL88 QnEND8IPPUKAwSNf0Qb7sYoW0yHQeoac4MOQo9iESZU0hVQuW+mK8hYIZ/tUNNzn VPx68XN2rlupGuetBBZbvzTlVLY7c1g0PYhCKTS2rGYNXUkdERkeSkiDwPL8uxPV Mv4PrtPZwByb8yuA31TF8zESAMkVdAKaHEBpv9zKuPlNsyCwkA9DocO0O4H+UpKa 2Xn70n6yv3h8+vInO7SuzQD9YcTrugCzJ9ko00jXen/CqMFW4nJ4dCteUg4KlMtE LRrr/9Lm+s2C2XKZguVN+q4+uyfT2ujNTTr6lfbivrT5yq1AwCumiBaf7PRWR7Df -----END CERTIFICATE-----Generated at Mon Oct 20 09:50:37 2025 by rpki-client