$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa File: b3ba338e-4843-454b-abe5-65f09756225a.roa (raw, json) Hash identifier: wpY4uD+9FOqqjUhYtknswcsvsVNhyrIpyUW61BPDV10= Subject key identifier: 2C:45:0C:CA:20:EB:74:39:33:64:ED:A5:54:8B:25:CC:51:FD:1E:11 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 54CC255360A10BACA3E5008612D7E49A7C6C5779 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa Signing time: Fri 17 Oct 2025 00:01:24 +0000 ROA not before: Fri 17 Oct 2025 00:01:24 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:cc:25:53:60:a1:0b:ac:a3:e5:00:86:12:d7:e4:9a:7c:6c:57:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Oct 17 00:01:24 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=1f3db897d67ae68334113705b6de3034bc84f81ee6bc9607f3ab70f410d2a471, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f4:78:77:0b:a5:2f:45:2c:c9:68:f6:03:72: 6d:3f:11:45:d0:20:6d:1c:e5:cd:15:22:01:30:24: 88:b0:11:a1:85:e3:85:13:49:5a:3f:cb:a8:1b:c5: 85:24:93:f8:b9:a7:26:7f:07:f2:41:2f:68:08:c8: da:3a:f0:9f:10:ca:6c:15:a2:0a:d6:01:a3:b9:80: d4:64:f1:6b:f5:f0:43:a6:e7:98:78:28:db:9c:36: 43:34:69:99:05:08:9f:3c:34:40:b7:a8:86:cc:72: a0:1a:c2:07:8f:02:31:57:87:ce:6a:08:3e:04:6e: 71:1c:eb:06:c8:f3:15:03:28:30:fd:52:1e:aa:6c: 98:86:3d:2b:16:69:4a:66:4e:fa:33:66:6c:2b:d4: 6e:aa:bd:e2:4d:ce:01:64:11:6b:80:b6:1e:2d:a6: 83:d1:12:94:35:81:97:41:f2:d0:0f:58:73:7c:57: 88:0f:5e:35:9d:ce:96:33:bd:1e:ee:60:e1:2b:ab: 50:6c:c0:0f:a0:2a:3a:9c:83:a8:aa:c8:f1:7c:45: f1:fe:76:4c:04:e6:be:dc:01:45:32:ce:a0:b0:56: 0c:70:dc:14:70:7b:51:ab:95:91:54:39:b1:54:48: 22:3b:52:ca:1f:67:ec:43:a9:24:b8:f5:60:2c:ef: 4f:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:45:0C:CA:20:EB:74:39:33:64:ED:A5:54:8B:25:CC:51:FD:1E:11 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.192.0/24 Signature Algorithm: sha256WithRSAEncryption 7b:51:c9:59:1e:b6:fb:32:2f:de:18:89:84:53:83:b4:b6:90: eb:b1:df:ed:48:1f:06:d0:c1:28:34:cc:02:bf:77:f0:c2:d9: a5:6f:ae:8f:92:8c:e1:22:ef:47:08:73:e5:cf:4e:8e:98:90: 75:e1:dd:0b:3d:66:73:d1:3a:66:f8:c9:84:d5:6d:cb:2c:81: cd:6c:25:36:06:21:ca:3f:00:b3:24:7c:ac:84:c8:76:17:de: 06:6c:4d:31:68:c4:5f:55:63:2a:3a:f7:7d:80:c3:7e:7a:11: 0e:25:59:76:a0:af:da:d3:dc:6b:89:fa:6f:e9:ef:8d:09:0f: d4:b1:8a:c1:0f:aa:29:0e:64:fc:f3:01:d6:f5:e4:03:da:b6: 49:d6:6e:e0:9f:eb:d8:ab:d8:d8:eb:fc:6e:81:15:50:d7:79: 3a:0c:5c:bf:ff:74:cd:9a:5f:43:1b:df:59:c9:44:f8:bb:99: 4b:fd:6f:f1:fa:ea:27:a8:14:7d:c1:48:8b:11:20:c0:31:af: 67:72:a4:cb:a6:b5:71:31:e9:bc:5d:05:55:25:4b:f6:f2:fc: b1:3e:49:18:df:1d:db:c2:2f:96:00:84:24:35:59:65:87:34: 1e:f0:fd:85:fb:27:d5:82:13:fe:e6:ff:7c:17:3b:e0:ad:35: 6e:8f:5d:9b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUVMwlU2ChC6yj5QCGEtfkmnxsV3kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MTAxNzAwMDEyNFoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAMWYzZGI4OTdkNjdhZTY4MzM0MTEz NzA1YjZkZTMwMzRiYzg0ZjgxZWU2YmM5NjA3ZjNhYjcwZjQxMGQyYTQ3MTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/R4dwulL0UsyWj2A3JtPxFF0CBt HOXNFSIBMCSIsBGhheOFE0laP8uoG8WFJJP4uacmfwfyQS9oCMjaOvCfEMpsFaIK 1gGjuYDUZPFr9fBDpueYeCjbnDZDNGmZBQifPDRAt6iGzHKgGsIHjwIxV4fOagg+ BG5xHOsGyPMVAygw/VIeqmyYhj0rFmlKZk76M2ZsK9Ruqr3iTc4BZBFrgLYeLaaD 0RKUNYGXQfLQD1hzfFeID141nc6WM70e7mDhK6tQbMAPoCo6nIOoqsjxfEXx/nZM BOa+3AFFMs6gsFYMcNwUcHtRq5WRVDmxVEgiO1LKH2fsQ6kkuPVgLO9PNQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCxFDMog63Q5M2TtpVSLJcxR/R4RMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2IzYmEzMzhlLTQ4NDMtNDU0Yi1hYmU1LTY1ZjA5NzU2MjI1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynAMA0GCSqGSIb3DQEBCwUAA4IBAQB7UclZHrb7Mi/eGImEU4O0 tpDrsd/tSB8G0MEoNMwCv3fwwtmlb66PkozhIu9HCHPlz06OmJB14d0LPWZz0Tpm +MmE1W3LLIHNbCU2BiHKPwCzJHyshMh2F94GbE0xaMRfVWMqOvd9gMN+ehEOJVl2 oK/a09xrifpv6e+NCQ/UsYrBD6opDmT88wHW9eQD2rZJ1m7gn+vYq9jY6/xugRVQ 13k6DFy//3TNml9DG99ZyUT4u5lL/W/x+uonqBR9wUiLESDAMa9ncqTLprVxMem8 XQVVJUv28vyxPkkY3x3bwi+WAIQkNVllhzQe8P2F+yfVghP+5v98FzvgrTVuj12b -----END CERTIFICATE-----Generated at Mon Oct 20 18:16:18 2025 by rpki-client