$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa File: 0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa (raw, json) Hash identifier: ckC1Dr/riv9p1pk0bUJjrFYYHVpxz5ELjz+tjrFdnrg= Subject key identifier: 0C:11:F9:FE:4C:DB:24:6B:03:37:B6:13:84:52:13:3C:54:A4:B0:BA Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2E9585ABE1A1715C777764A6BDDF579740A87DCC Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa Signing time: Fri 17 Oct 2025 00:01:27 +0000 ROA not before: Fri 17 Oct 2025 00:01:27 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.232.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:95:85:ab:e1:a1:71:5c:77:77:64:a6:bd:df:57:97:40:a8:7d:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Oct 17 00:01:27 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=acd70de72d2ea3670ae45e0be10882ddca891d74967a51ff047a7e46c6cb2ff5, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:45:f3:59:cc:63:5d:7d:cc:46:62:e7:ab:cf: 94:82:8f:22:20:48:ee:0b:6e:e7:8c:56:82:be:8b: a0:1a:5f:cf:c8:9b:56:c9:2d:a9:6f:7a:d0:48:92: 97:ce:52:26:19:70:9e:3a:51:71:57:49:5a:50:7e: a5:1a:ce:41:19:56:99:00:f6:12:59:24:e8:39:36: 8d:14:f5:95:74:96:90:69:ee:0d:8c:30:fe:4f:6d: 41:a5:8e:6e:57:64:83:03:cb:54:2a:46:54:8b:8b: 55:5a:b2:8b:d2:9b:f2:a8:52:fe:e3:67:7a:4d:f6: 33:d5:d5:df:4a:ac:1c:45:7e:ca:c1:cf:cf:ec:88: 1e:7f:ee:e3:60:db:bc:aa:68:af:07:c9:c8:e7:6f: 75:d8:13:4b:fc:84:8b:09:62:98:3d:bf:ff:a5:91: a3:81:d7:74:df:d9:85:3c:84:34:f8:0c:58:57:46: b3:ab:b5:3e:4c:7e:6c:32:5c:d5:0a:dc:5c:a8:92: 06:04:3a:51:ce:b4:6e:cb:2b:a0:f2:2c:0e:7e:58: 6d:51:0c:3b:b1:d0:af:92:c3:e4:11:24:c7:30:f2: bb:47:d8:d1:7c:96:0f:14:e0:79:31:97:93:85:ff: 5b:e9:bb:cd:6c:04:89:29:12:83:4e:f8:1c:0c:ad: f6:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:11:F9:FE:4C:DB:24:6B:03:37:B6:13:84:52:13:3C:54:A4:B0:BA X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0c5c54ff-f977-4b96-8ce9-a1eaf082fe9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.232.0/22 Signature Algorithm: sha256WithRSAEncryption 89:2a:fe:e8:d9:93:7c:29:88:25:96:32:ac:e9:11:2c:70:71: 8d:fb:13:9f:fe:5b:f0:4e:ae:84:ed:ba:2f:8d:43:c8:4f:ac: f6:a6:96:a2:ff:c2:21:2d:0c:61:8e:d0:50:4b:b9:62:8b:e2: 68:25:c6:49:76:7a:c5:47:fe:b6:0a:4b:bb:2a:da:d1:36:31: 9b:40:6c:b5:5b:9f:c3:a8:6f:0c:a8:20:ee:e6:e7:51:bf:ff: f1:d5:cb:0c:50:cb:8f:ef:f8:8e:89:b1:2b:d6:8d:57:30:51: 93:04:91:41:1b:c2:e0:5a:04:e4:51:35:a4:00:c7:c8:71:b4: 94:c9:6f:f0:99:97:98:aa:ad:27:d4:b9:3d:82:14:20:f2:6d: fe:6d:c9:80:31:03:e8:a9:3c:16:21:39:24:71:89:42:35:6b: 86:e8:7f:2f:11:de:e0:a3:ed:d2:a2:e4:2a:73:ce:e7:80:59: a2:2c:94:cb:52:5a:1f:d8:71:de:e8:62:7a:2e:10:3d:07:94: 01:97:60:26:98:ee:8e:d1:bd:78:2e:32:19:b2:d9:6d:3d:d3: 46:55:03:11:c8:b0:68:0a:b2:18:ba:91:51:e0:3f:f2:80:6c: 37:a6:fd:cd:ab:5c:37:ec:a1:3b:97:60:88:74:a2:b9:c3:c3: d7:00:22:f5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIULpWFq+GhcVx3d2Smvd9Xl0CofcwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTAxNzAwMDEyN1oX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAYWNkNzBkZTcyZDJlYTM2NzBhZTQ1 ZTBiZTEwODgyZGRjYTg5MWQ3NDk2N2E1MWZmMDQ3YTdlNDZjNmNiMmZmNTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEXzWcxjXX3MRmLnq8+Ugo8iIEju C27njFaCvougGl/PyJtWyS2pb3rQSJKXzlImGXCeOlFxV0laUH6lGs5BGVaZAPYS WSToOTaNFPWVdJaQae4NjDD+T21BpY5uV2SDA8tUKkZUi4tVWrKL0pvyqFL+42d6 TfYz1dXfSqwcRX7Kwc/P7Igef+7jYNu8qmivB8nI52912BNL/ISLCWKYPb//pZGj gdd039mFPIQ0+AxYV0azq7U+TH5sMlzVCtxcqJIGBDpRzrRuyyug8iwOflhtUQw7 sdCvksPkESTHMPK7R9jRfJYPFOB5MZeThf9b6bvNbASJKRKDTvgcDK32ZwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAwR+f5M2yRrAze2E4RSEzxUpLC6MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzBjNWM1NGZmLWY5NzctNGI5Ni04Y2U5LWExZWFmMDgyZmU5Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCrynoMA0GCSqGSIb3DQEBCwUAA4IBAQCJKv7o2ZN8KYglljKs6REs cHGN+xOf/lvwTq6E7bovjUPIT6z2ppai/8IhLQxhjtBQS7lii+JoJcZJdnrFR/62 Cku7KtrRNjGbQGy1W5/DqG8MqCDu5udRv//x1csMUMuP7/iOibEr1o1XMFGTBJFB G8LgWgTkUTWkAMfIcbSUyW/wmZeYqq0n1Lk9ghQg8m3+bcmAMQPoqTwWITkkcYlC NWuG6H8vEd7go+3SouQqc87ngFmiLJTLUlof2HHe6GJ6LhA9B5QBl2AmmO6O0b14 LjIZstltPdNGVQMRyLBoCrIYupFR4D/ygGw3pv3Nq1w37KE7l2CIdKK5w8PXACL1 -----END CERTIFICATE-----Generated at Mon Oct 20 09:45:26 2025 by rpki-client