$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa File: 2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa (raw, json) Hash identifier: MG9kewkpdSnNhIhBlptfiEIpXGKPELBh5UcDo7cbCxs= Subject key identifier: 10:53:41:B0:DD:72:55:17:B2:30:F8:AC:E3:8F:9B:65:BD:AE:0F:91 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 4868373899B6B5C930F8D0D957BC0435BCFF6613 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa Signing time: Fri 17 Oct 2025 00:01:23 +0000 ROA not before: Fri 17 Oct 2025 00:01:23 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:68:37:38:99:b6:b5:c9:30:f8:d0:d9:57:bc:04:35:bc:ff:66:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Oct 17 00:01:23 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=597dd161a5401956b96d37938ebe5935ac048d1eac2ddd7e1d06e84f0dc09fc5, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e3:bf:8d:82:13:f8:85:fd:ed:03:df:25:e2: e2:70:08:1b:dd:94:06:cc:16:27:58:e4:b6:fc:ef: 24:ff:7d:2a:d5:58:a3:b0:e9:e2:9a:02:77:ec:1b: b9:94:61:c9:57:d2:85:66:cb:ab:01:e1:19:5d:4b: b9:69:8e:bf:9f:48:70:99:68:10:21:84:a1:2e:0a: cc:53:24:3e:f5:80:4e:ac:ed:cc:f6:b2:a5:08:75: c4:c5:f7:87:f8:c3:3f:8d:0d:b4:72:38:ee:d4:af: 8b:b0:3b:8a:97:63:1a:42:5f:1d:06:58:ea:ea:7f: b5:2a:c0:78:9a:32:3b:0d:fb:16:68:51:eb:ac:4a: 11:ff:be:70:61:08:93:94:6e:43:52:24:dc:ef:2e: 65:e0:90:af:17:c9:25:19:61:20:2f:9a:2d:75:4c: c6:a3:79:21:f8:76:48:7d:e5:8c:f1:32:65:be:b3: 99:4b:b0:92:28:f0:06:14:7e:e9:5c:de:30:d2:fa: 35:6b:8e:b8:cf:21:2b:f0:c4:b9:ba:e6:a4:5f:91: 8d:33:b9:be:58:3d:eb:37:66:00:0a:3c:e6:ad:70: 9e:b4:07:77:50:eb:0d:4d:e4:37:90:bc:68:da:4d: a0:ad:d7:d2:c2:b1:9f:af:dd:33:41:5f:79:90:2a: 9e:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:53:41:B0:DD:72:55:17:B2:30:F8:AC:E3:8F:9B:65:BD:AE:0F:91 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/2f47dcdd-c384-4eb2-aefd-f4ad64f26cce.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.193.0/24 Signature Algorithm: sha256WithRSAEncryption 86:b5:63:bf:4c:ec:fb:99:71:82:5d:bf:20:a0:9f:4b:93:20: 50:fd:6f:d6:77:aa:36:ec:63:23:9d:70:8d:17:52:1f:3b:ae: de:0c:c8:c2:7b:51:f6:fd:d0:1c:97:a6:e9:48:d2:77:c7:a4: 64:dd:79:d7:cb:14:f2:76:f9:3d:4c:27:10:a5:68:8c:ea:3d: 89:99:fa:d1:1e:42:2d:29:2e:3e:e6:58:06:cd:b5:a3:22:eb: df:36:4e:48:b4:11:a7:78:b2:44:ee:21:87:b9:de:36:01:cf: 1d:00:e2:6b:97:cf:d7:2b:32:fa:9d:20:f3:fd:25:47:d4:df: 5e:64:55:d5:2f:4f:47:c4:1f:f2:ee:69:4c:d3:43:5b:63:21: 31:b6:1c:86:4f:44:d6:36:9f:f0:9e:8d:b6:66:d1:67:99:7e: 8e:a1:68:4e:16:b9:51:e5:95:7b:80:3d:d5:3e:bb:fb:07:c6: 73:c6:8b:f0:bd:e7:1a:a4:45:3b:ec:a4:70:ed:ee:e0:4e:69: 9a:2f:fe:20:7f:1d:aa:ff:00:5e:49:de:3d:31:9b:c3:c2:c8: f9:19:ee:e4:35:68:be:bf:19:84:d6:8c:7d:e8:2c:85:14:9c: bd:09:9d:ae:5e:7f:23:62:12:6a:d4:dd:dc:5c:51:57:3e:b7: 17:06:9a:f3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUSGg3OJm2tckw+NDZV7wENbz/ZhMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTAxNzAwMDEyM1oX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNANTk3ZGQxNjFhNTQwMTk1NmI5NmQz NzkzOGViZTU5MzVhYzA0OGQxZWFjMmRkZDdlMWQwNmU4NGYwZGMwOWZjNTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOO/jYIT+IX97QPfJeLicAgb3ZQG zBYnWOS2/O8k/30q1VijsOnimgJ37Bu5lGHJV9KFZsurAeEZXUu5aY6/n0hwmWgQ IYShLgrMUyQ+9YBOrO3M9rKlCHXExfeH+MM/jQ20cjju1K+LsDuKl2MaQl8dBljq 6n+1KsB4mjI7DfsWaFHrrEoR/75wYQiTlG5DUiTc7y5l4JCvF8klGWEgL5otdUzG o3kh+HZIfeWM8TJlvrOZS7CSKPAGFH7pXN4w0vo1a464zyEr8MS5uuakX5GNM7m+ WD3rN2YACjzmrXCetAd3UOsNTeQ3kLxo2k2grdfSwrGfr90zQV95kCqe2QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBBTQbDdclUXsjD4rOOPm2W9rg+RMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzJmNDdkY2RkLWMzODQtNGViMi1hZWZkLWY0YWQ2NGYyNmNjZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynBMA0GCSqGSIb3DQEBCwUAA4IBAQCGtWO/TOz7mXGCXb8goJ9L kyBQ/W/Wd6o27GMjnXCNF1IfO67eDMjCe1H2/dAcl6bpSNJ3x6Rk3XnXyxTydvk9 TCcQpWiM6j2JmfrRHkItKS4+5lgGzbWjIuvfNk5ItBGneLJE7iGHud42Ac8dAOJr l8/XKzL6nSDz/SVH1N9eZFXVL09HxB/y7mlM00NbYyExthyGT0TWNp/wno22ZtFn mX6OoWhOFrlR5ZV7gD3VPrv7B8ZzxovwvecapEU77KRw7e7gTmmaL/4gfx2q/wBe Sd49MZvDwsj5Ge7kNWi+vxmE1ox96CyFFJy9CZ2uXn8jYhJq1N3cXFFXPrcXBprz -----END CERTIFICATE-----Generated at Mon Oct 20 12:25:25 2025 by rpki-client