$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa File: b3ba338e-4843-454b-abe5-65f09756225a.roa (raw, json) Hash identifier: YfdhokvQFhPeWiDHOz7EEfcnP0J6uRoN9JNUru0ShSs= Subject key identifier: 42:12:C4:B4:D3:A8:96:70:D0:57:F8:1B:DB:91:37:8E:FA:ED:62:9E Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 5D5E3D0C8E5391F476F4C964DB34112E352386B9 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa Signing time: Fri 13 Jun 2025 00:00:05 +0000 ROA not before: Fri 13 Jun 2025 00:00:05 +0000 ROA not after: Fri 18 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:5e:3d:0c:8e:53:91:f4:76:f4:c9:64:db:34:11:2e:35:23:86:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Jun 13 00:00:05 2025 GMT Not After : Jul 18 23:59:59 2025 GMT Subject: serialNumber=3b54cbdaad14052c79fdccde4725d8054dadb16cb997c9b37caa187141b26721, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f7:b7:38:94:bc:ef:3f:84:7f:1f:6d:e0:a0: a6:e9:1b:9d:ff:b1:77:14:5d:86:79:78:5d:e3:48: 07:fc:ed:f4:03:c4:81:e0:c8:2a:35:1f:8b:9e:1b: b1:93:c6:66:7f:84:96:d4:17:8b:4c:93:a9:02:20: 06:d7:15:73:fa:46:45:23:5b:89:f4:b2:81:8e:67: 12:52:fd:3b:9b:e2:e6:8e:ea:05:ea:77:11:da:8f: d8:59:d1:71:43:b3:79:dd:53:ca:a6:48:4f:6e:3f: 03:a7:d8:1c:42:03:0c:cc:8f:e0:84:ae:77:4e:59: 23:61:93:03:85:37:06:0b:52:29:01:8b:b8:e6:9f: 9f:e9:fe:88:e6:c8:b3:01:18:8e:90:36:44:81:f6: a3:4b:96:dd:3b:90:a0:df:b4:0d:76:9c:2e:79:38: 59:f3:92:61:6a:ff:94:50:e7:3a:10:5e:73:04:e8: f1:d0:24:ba:95:b1:2a:46:65:3a:da:6e:8e:73:c2: bd:f4:e7:84:97:41:ee:a8:e0:5f:77:f2:e7:a2:d6: 60:29:39:51:43:6c:44:9f:d6:51:26:a1:6c:de:eb: 34:95:d8:7d:81:c0:af:63:6a:62:d0:c8:e1:22:2e: 16:da:ef:62:7a:15:5d:1e:f6:93:8a:b7:68:6b:4a: 33:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:12:C4:B4:D3:A8:96:70:D0:57:F8:1B:DB:91:37:8E:FA:ED:62:9E X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.192.0/24 Signature Algorithm: sha256WithRSAEncryption 75:6c:5c:77:d3:68:46:8c:4f:e8:f6:93:08:53:61:13:33:cd: b1:fa:5b:e4:9c:01:62:c7:dd:b3:35:2e:13:5b:ee:e8:65:ee: 34:ec:10:5c:1a:97:26:e8:83:45:fc:77:03:f5:13:eb:18:25: 6f:fa:49:c8:6d:d9:c1:a1:fa:9c:9d:3a:42:a2:65:60:80:61: 43:29:7d:0e:22:bf:49:3e:02:e5:9b:35:ac:98:d8:88:0e:a8: d6:29:c0:5e:e7:fc:8a:f3:3a:d5:e3:7f:98:f7:d5:63:0f:f5: 14:bc:a2:e8:e2:f8:c8:6a:a7:07:eb:c4:68:85:d9:8a:dd:11: f4:77:c2:e8:a4:2d:8c:0c:ae:2a:69:b6:c1:f4:71:a9:bf:1b: 00:2b:3c:6a:40:01:1f:90:e1:2a:5c:11:b1:f6:31:c7:84:f7: cb:d0:04:a5:c4:b3:6e:a6:06:39:f5:6d:37:cf:a9:78:59:96: 15:25:b1:4d:28:d8:22:6a:c2:37:53:76:9c:15:d3:e5:53:95: 25:aa:19:40:df:2b:0b:30:05:76:75:cf:c8:8d:89:39:73:36: ba:f7:93:d7:ef:31:48:9e:50:b2:c9:92:e0:a2:77:67:14:f0: 77:c1:6f:30:f9:db:61:ac:e9:3d:71:c9:41:c6:3b:7b:11:9e: 66:00:51:85 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXV49DI5TkfR29Mlk2zQRLjUjhrkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDYxMzAwMDAwNVoX DTI1MDcxODIzNTk1OVowejFJMEcGA1UEBRNAM2I1NGNiZGFhZDE0MDUyYzc5ZmRj Y2RlNDcyNWQ4MDU0ZGFkYjE2Y2I5OTdjOWIzN2NhYTE4NzE0MWIyNjcyMTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/e3OJS87z+Efx9t4KCm6Rud/7F3 FF2GeXhd40gH/O30A8SB4MgqNR+Lnhuxk8Zmf4SW1BeLTJOpAiAG1xVz+kZFI1uJ 9LKBjmcSUv07m+LmjuoF6ncR2o/YWdFxQ7N53VPKpkhPbj8Dp9gcQgMMzI/ghK53 TlkjYZMDhTcGC1IpAYu45p+f6f6I5sizARiOkDZEgfajS5bdO5Cg37QNdpwueThZ 85Jhav+UUOc6EF5zBOjx0CS6lbEqRmU62m6Oc8K99OeEl0HuqOBfd/LnotZgKTlR Q2xEn9ZRJqFs3us0ldh9gcCvY2pi0MjhIi4W2u9iehVdHvaTirdoa0ozzwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEISxLTTqJZw0Ff4G9uRN4767WKeMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2IzYmEzMzhlLTQ4NDMtNDU0Yi1hYmU1LTY1ZjA5NzU2MjI1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynAMA0GCSqGSIb3DQEBCwUAA4IBAQB1bFx302hGjE/o9pMIU2ET M82x+lvknAFix92zNS4TW+7oZe407BBcGpcm6INF/HcD9RPrGCVv+knIbdnBofqc nTpComVggGFDKX0OIr9JPgLlmzWsmNiIDqjWKcBe5/yK8zrV43+Y99VjD/UUvKLo 4vjIaqcH68RohdmK3RH0d8LopC2MDK4qabbB9HGpvxsAKzxqQAEfkOEqXBGx9jHH hPfL0ASlxLNupgY59W03z6l4WZYVJbFNKNgiasI3U3acFdPlU5UlqhlA3ysLMAV2 dc/IjYk5cza695PX7zFInlCyyZLgondnFPB3wW8w+dthrOk9cclBxjt7EZ5mAFGF -----END CERTIFICATE-----Generated at Sun Jun 29 04:26:13 2025 by rpki-client