$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa File: 3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa (raw, json) Hash identifier: EEpGnDssDT5F6TC5weTFiIsLtmOPA71qsLq3d55nmBE= Subject key identifier: 19:3A:86:10:0B:FE:BE:F9:F0:5F:B0:9E:B1:14:DD:C3:E8:C4:5E:6C Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 204FE657854C7732932BB34F9B8B7D53944085E9 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa Signing time: Fri 17 Oct 2025 00:01:27 +0000 ROA not before: Fri 17 Oct 2025 00:01:27 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:4f:e6:57:85:4c:77:32:93:2b:b3:4f:9b:8b:7d:53:94:40:85:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Oct 17 00:01:27 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=7154b7f62a9d2792d2a3a722572be42f44dc70949b14d79e6a8c832b602f8811, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:bb:3d:3e:86:7a:f5:7c:b0:a5:98:92:46:5b: 8f:b8:ac:df:c0:d8:23:40:03:12:a8:27:09:08:76: 62:bb:ae:05:36:cd:06:49:13:de:7c:a8:7c:92:66: f5:77:61:29:ae:24:69:09:7b:9a:c7:05:30:a7:d8: 6e:fc:ba:1c:e5:16:05:8a:2f:6a:63:d8:87:1a:6b: 84:30:b7:29:7c:3d:f3:04:a3:ab:66:56:44:80:2a: ba:9c:02:3b:94:b8:7b:99:19:dd:25:9c:cd:45:05: 0a:52:f9:dc:0b:6b:1b:c5:f1:c4:30:10:da:2b:46: de:29:1d:d7:37:e6:39:61:d2:d8:84:0d:d9:f0:f8: 3b:9f:cf:a8:4a:06:c7:3f:80:52:a0:72:27:64:c7: 57:78:a8:92:89:b5:8f:10:01:3c:f0:0d:fd:f0:04: bb:4c:64:e8:6a:74:96:f0:7d:bd:91:6d:ab:00:f4: fc:72:2d:90:4e:ff:6c:dc:69:cf:a0:46:8a:f5:e6: e0:35:d0:59:54:ea:88:55:cf:7d:dc:8e:d1:a9:fd: 2e:98:87:6a:f3:9e:e3:24:44:cc:a7:03:30:d4:37: 2f:08:4d:89:9d:4a:2e:4d:14:c3:48:6d:ee:97:fd: d7:04:30:2f:11:9a:eb:c3:cb:bb:ca:f9:3f:42:80: ee:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:3A:86:10:0B:FE:BE:F9:F0:5F:B0:9E:B1:14:DD:C3:E8:C4:5E:6C X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.224.0/21 Signature Algorithm: sha256WithRSAEncryption 6f:4c:63:ba:c5:74:a9:bd:c3:9a:2d:b1:06:80:42:2e:44:c9: ba:06:1e:ed:a4:94:40:b1:06:71:90:5b:37:3f:58:59:6d:54: 6b:9b:d0:61:36:86:14:a2:4c:6d:b0:f2:f5:66:e4:e2:a5:07: fb:89:ae:05:32:d0:5b:69:ec:43:98:c6:c7:d0:09:d3:fb:fc: 8b:f4:f4:07:8b:0c:66:24:55:2b:63:d1:6a:7b:b2:1b:2f:ab: 39:f9:3b:b2:48:38:1f:4d:b6:b5:a2:e5:4b:2c:1c:57:30:5d: 8d:b4:d4:21:5b:97:47:55:8f:7b:15:63:05:63:40:33:48:f3: f3:a1:a7:f4:62:e0:3a:56:40:d7:d3:2f:34:c0:c3:a7:22:48: c4:4b:bf:3e:8c:d3:b9:22:6f:a8:63:5b:dc:17:6c:bd:8c:9e: d2:42:29:94:cd:38:a4:3e:06:fb:16:d6:e2:45:76:d3:cf:1c: 2e:96:ec:0a:1a:ba:03:96:60:f3:91:53:4a:e5:c1:1e:8c:77: c0:1a:ef:d9:83:27:a5:26:28:19:f7:02:73:3a:1b:d0:69:a0: 5d:34:56:03:10:50:c5:a9:2d:72:bd:9d:73:c0:38:e6:3b:db: 43:79:61:b1:89:f2:28:54:32:7c:59:95:17:ef:28:19:a3:fe: 5e:50:e1:41 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUIE/mV4VMdzKTK7NPm4t9U5RAhekwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTAxNzAwMDEyN1oX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNANzE1NGI3ZjYyYTlkMjc5MmQyYTNh NzIyNTcyYmU0MmY0NGRjNzA5NDliMTRkNzllNmE4YzgzMmI2MDJmODgxMTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprs9PoZ69XywpZiSRluPuKzfwNgj QAMSqCcJCHZiu64FNs0GSRPefKh8kmb1d2EpriRpCXuaxwUwp9hu/Loc5RYFii9q Y9iHGmuEMLcpfD3zBKOrZlZEgCq6nAI7lLh7mRndJZzNRQUKUvncC2sbxfHEMBDa K0beKR3XN+Y5YdLYhA3Z8Pg7n8+oSgbHP4BSoHInZMdXeKiSibWPEAE88A398AS7 TGToanSW8H29kW2rAPT8ci2QTv9s3GnPoEaK9ebgNdBZVOqIVc993I7Rqf0umIdq 857jJETMpwMw1DcvCE2JnUouTRTDSG3ul/3XBDAvEZrrw8u7yvk/QoDuHwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBk6hhAL/r758F+wnrEU3cPoxF5sMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzNiOTQwZDE0LWI4YzQtNGMzZC05NzhmLWExYTNiN2EwYTgyYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDryngMA0GCSqGSIb3DQEBCwUAA4IBAQBvTGO6xXSpvcOaLbEGgEIu RMm6Bh7tpJRAsQZxkFs3P1hZbVRrm9BhNoYUokxtsPL1ZuTipQf7ia4FMtBbaexD mMbH0AnT+/yL9PQHiwxmJFUrY9Fqe7IbL6s5+TuySDgfTba1ouVLLBxXMF2NtNQh W5dHVY97FWMFY0AzSPPzoaf0YuA6VkDX0y80wMOnIkjES78+jNO5Im+oY1vcF2y9 jJ7SQimUzTikPgb7FtbiRXbTzxwuluwKGroDlmDzkVNK5cEejHfAGu/ZgyelJigZ 9wJzOhvQaaBdNFYDEFDFqS1yvZ1zwDjmO9tDeWGxifIoVDJ8WZUX7ygZo/5eUOFB -----END CERTIFICATE-----Generated at Mon Oct 20 07:19:05 2025 by rpki-client