$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa File: cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa (raw, json) Hash identifier: VJjwA9E8igccih3oBbfYt2BRAHIMCoB6efVTGk4Se4s= Subject key identifier: 8B:CA:87:30:41:E1:79:9D:8B:F3:B8:4F:AE:B5:69:6F:04:90:2F:DF Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 2131F849F8A6D6872BE283D1927044A5B1A8A70C Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa Signing time: Fri 25 Apr 2025 00:00:13 +0000 ROA not before: Fri 25 Apr 2025 00:00:13 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:31:f8:49:f8:a6:d6:87:2b:e2:83:d1:92:70:44:a5:b1:a8:a7:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 25 00:00:13 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=411176c622528f939345a9d3e3440e2c9d2ea6c37e549f6e87e8f4002e26664f, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:8e:50:15:70:b7:1e:4b:5b:98:f0:31:19:b4: 25:58:2a:5e:af:87:9d:89:c4:fe:7b:39:12:3b:c6: 82:9b:c2:4f:c4:c7:b2:19:67:d2:95:29:a6:69:69: 78:12:7a:f2:59:9a:57:fc:9c:e5:65:94:b1:84:b5: 1f:63:30:4e:f9:66:19:7d:81:39:11:f3:75:9b:c7: b7:f4:a7:06:b9:2a:e7:3d:47:ff:fe:f5:27:a9:a2: bd:53:38:48:5f:6f:db:a0:9f:6d:9d:c0:a2:6d:96: de:77:48:62:fe:16:cb:fa:a6:83:1f:cc:40:dc:a1: 95:22:aa:c2:cb:71:c2:6b:de:81:cf:46:cd:42:cd: e3:e0:a7:9c:2a:55:31:15:6d:1a:23:ab:bc:03:4e: 55:71:65:ba:b2:27:29:f6:ce:33:7e:9e:bb:02:d5: 3e:64:14:c8:09:f2:50:28:4e:4c:7a:db:77:7b:23: 4c:da:6e:99:a2:7e:75:b5:92:74:a5:47:e2:bf:29: c3:54:d9:53:ef:ca:1e:9b:b5:f1:88:1f:a8:ab:ab: 3e:4d:5a:4d:97:02:e1:99:66:0b:21:08:81:62:74: bc:76:c7:bf:fb:dc:2d:2c:8b:ea:55:d0:c9:ee:d8: d5:a3:bb:16:97:93:62:e6:f2:dd:74:c3:9d:ac:f9: f0:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:CA:87:30:41:E1:79:9D:8B:F3:B8:4F:AE:B5:69:6F:04:90:2F:DF X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/cc2f7093-21a6-400f-9db1-93c2fe02bc1c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300::/32 Signature Algorithm: sha256WithRSAEncryption 75:11:be:28:78:84:dc:56:52:14:7c:30:10:67:61:0a:d6:ef: 74:e8:00:48:6b:7e:99:c2:5a:3d:53:5d:ba:09:df:94:6a:c0: a0:f5:45:2e:d5:c4:79:7c:35:72:57:00:09:36:ce:63:dc:85: 50:12:5b:08:4a:89:a1:31:20:ab:7e:d4:74:4b:8a:3d:c9:ef: 51:47:4c:e3:b3:b5:e6:54:ce:a2:d9:59:fd:8c:53:f7:7e:4d: 51:fc:96:91:4e:ee:2e:f3:31:ec:93:33:9a:10:6d:ed:4a:3d: 78:0e:16:6d:9b:25:99:15:9b:39:7f:6f:d2:24:f1:c7:dc:18: d8:ed:6e:e3:9b:de:2e:54:8c:92:a9:f0:38:35:75:91:96:20: 59:e3:0d:6d:b8:07:f7:22:ba:f9:b5:86:92:ef:13:6a:7b:ca: 2d:2c:77:d8:e1:e8:f8:9e:f7:0b:1b:df:3f:b3:6c:d8:1e:4b: b0:fb:87:61:80:2a:57:80:b6:3d:64:66:22:8b:fd:1b:ba:d1: ea:e0:03:fa:a8:ac:df:d0:31:5b:73:b1:d8:e7:b5:60:8b:38: 47:01:6a:ee:0b:33:cd:3a:93:59:ec:14:15:a6:6d:ee:3f:0f: 8d:e8:da:b2:83:87:82:82:d0:cd:03:5f:dd:25:57:67:b6:74: de:79:b0:ea -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUITH4Sfim1ocr4oPRknBEpbGopwwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDQyNTAwMDAxM1oX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNANDExMTc2YzYyMjUyOGY5MzkzNDVh OWQzZTM0NDBlMmM5ZDJlYTZjMzdlNTQ5ZjZlODdlOGY0MDAyZTI2NjY0ZjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4I5QFXC3HktbmPAxGbQlWCper4ed icT+ezkSO8aCm8JPxMeyGWfSlSmmaWl4EnryWZpX/JzlZZSxhLUfYzBO+WYZfYE5 EfN1m8e39KcGuSrnPUf//vUnqaK9UzhIX2/boJ9tncCibZbed0hi/hbL+qaDH8xA 3KGVIqrCy3HCa96Bz0bNQs3j4KecKlUxFW0aI6u8A05VcWW6sicp9s4zfp67AtU+ ZBTICfJQKE5Mett3eyNM2m6Zon51tZJ0pUfivynDVNlT78oem7XxiB+oq6s+TVpN lwLhmWYLIQiBYnS8dse/+9wtLIvqVdDJ7tjVo7sWl5Ni5vLddMOdrPnwoQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFIvKhzBB4Xmdi/O4T661aW8EkC/fMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2NjMmY3MDkzLTIxYTYtNDAwZi05ZGIxLTkzYzJmZTAyYmMxYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAOzADANBgkqhkiG9w0BAQsFAAOCAQEAdRG+KHiE3FZSFHwwEGdh CtbvdOgASGt+mcJaPVNdugnflGrAoPVFLtXEeXw1clcACTbOY9yFUBJbCEqJoTEg q37UdEuKPcnvUUdM47O15lTOotlZ/YxT935NUfyWkU7uLvMx7JMzmhBt7Uo9eA4W bZslmRWbOX9v0iTxx9wY2O1u45veLlSMkqnwODV1kZYgWeMNbbgH9yK6+bWGku8T anvKLSx32OHo+J73CxvfP7Ns2B5LsPuHYYAqV4C2PWRmIov9G7rR6uAD+qis39Ax W3Ox2Oe1YIs4RwFq7gszzTqTWewUFaZt7j8PjejasoOHgoLQzQNf3SVXZ7Z03nmw 6g== -----END CERTIFICATE-----Generated at Sat Apr 26 17:39:16 2025 by rpki-client