$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa File: 018dea0d-42eb-4d58-8914-636d25ca3b3c.roa (raw, json) Hash identifier: 8Frkjxu8YDtbxL9YZItNzU8laYZ1csHW2hDDgwzn8sg= Subject key identifier: 5E:8F:5B:7D:38:BB:EC:10:D2:62:BE:4B:6F:5C:EC:5D:4A:29:86:0E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 19CB28B3405746DD7EC769636DDE69DEFE3854DD Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa Signing time: Fri 25 Apr 2025 00:00:40 +0000 ROA not before: Fri 25 Apr 2025 00:00:40 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:cb:28:b3:40:57:46:dd:7e:c7:69:63:6d:de:69:de:fe:38:54:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:40 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=680452657dba42686eb1c25646100aaeac13af443db18d30fa5284e770f9a111, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:17:96:74:9e:08:48:28:72:db:e4:f1:e4:49: 90:27:03:60:ce:20:85:2e:e8:fd:7f:c7:18:cc:93: fd:69:45:46:5c:56:50:7a:3a:99:15:dd:ca:10:17: 59:ba:48:c0:32:4f:83:05:3f:21:9b:46:2b:ee:ca: 78:48:4c:46:0e:a9:2a:0d:8f:a0:ca:30:7f:35:56: 45:72:5e:a7:9d:ef:83:0b:d0:8f:ec:c2:e6:6d:85: 81:3a:1f:30:2c:1b:21:29:77:1f:8b:d6:63:06:90: eb:fa:75:66:5c:78:f1:6f:66:2e:02:dd:b8:ed:6e: c2:6e:73:28:ee:d9:2e:78:9d:fd:a7:5f:cb:8d:17: 7d:07:be:64:71:a9:6b:90:11:51:75:e1:45:ba:86: 70:01:30:52:83:d1:d7:b1:05:09:de:61:3b:70:54: 1d:dc:42:07:e3:e9:ca:6b:d4:01:18:8d:24:7c:8e: c6:c3:80:ce:ce:7d:5c:fc:bd:b3:3b:5d:11:ee:fd: 5a:fa:2e:9d:0b:9e:67:02:e8:5d:59:dc:7b:8b:f3: 03:46:0e:16:e0:fc:6e:52:79:dc:45:bc:6e:f4:fd: c1:e0:8e:b0:4f:6b:17:a3:a1:80:60:89:c6:99:5d: c6:b7:01:95:76:55:7f:ad:af:84:10:62:84:12:a4: 36:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:8F:5B:7D:38:BB:EC:10:D2:62:BE:4B:6F:5C:EC:5D:4A:29:86:0E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:800::/38 Signature Algorithm: sha256WithRSAEncryption 12:ec:6d:ac:76:fa:85:c9:0e:27:35:ac:d8:d1:b5:39:d6:86: 2f:2f:80:14:e4:b0:6c:7f:25:2d:6e:15:6f:39:2d:1d:0a:2b: f8:15:df:ea:3e:43:ff:1d:1a:b5:23:fe:c2:82:8a:89:fd:e8: 45:62:67:50:4f:6d:26:db:04:ce:ca:c9:0c:a8:62:85:e7:f9: b3:7c:e1:39:f9:f5:9d:b7:a6:e0:d1:62:d8:51:15:f6:04:51: b8:06:85:3b:f6:e0:90:8d:d7:a7:1e:84:6a:56:b0:77:64:f3: 70:bb:80:3c:64:d4:e2:86:60:b5:ee:05:0a:3d:ad:49:79:4d: a1:51:c2:25:7c:0d:51:4c:99:e0:58:b5:49:a4:16:0a:17:9d: f6:f0:d0:63:cf:51:d9:fb:b9:c3:02:a7:5a:c3:bb:d1:ab:a4: 1e:81:31:10:e3:fb:fe:90:8a:81:88:e8:60:26:1e:fc:67:13: 62:3b:c3:e6:49:eb:1f:76:b2:04:f3:59:dc:09:0e:20:61:a3: cc:70:b2:d5:46:7c:c2:21:f8:4a:4a:80:a3:18:e3:55:81:f4: f5:19:dd:5f:6b:e2:3e:2d:5b:83:b3:9b:49:15:41:0a:dc:6f: 8e:57:7d:34:56:4b:35:d9:77:bf:e4:98:67:33:0f:ff:72:30: aa:41:52:b7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGcsos0BXRt1+x2ljbd5p3v44VN0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDA0MFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNANjgwNDUyNjU3ZGJhNDI2ODZlYjFj MjU2NDYxMDBhYWVhYzEzYWY0NDNkYjE4ZDMwZmE1Mjg0ZTc3MGY5YTExMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ReWdJ4ISChy2+Tx5EmQJwNgziCF Luj9f8cYzJP9aUVGXFZQejqZFd3KEBdZukjAMk+DBT8hm0Yr7sp4SExGDqkqDY+g yjB/NVZFcl6nne+DC9CP7MLmbYWBOh8wLBshKXcfi9ZjBpDr+nVmXHjxb2YuAt24 7W7CbnMo7tkueJ39p1/LjRd9B75kcalrkBFRdeFFuoZwATBSg9HXsQUJ3mE7cFQd 3EIH4+nKa9QBGI0kfI7Gw4DOzn1c/L2zO10R7v1a+i6dC55nAuhdWdx7i/MDRg4W 4PxuUnncRbxu9P3B4I6wT2sXo6GAYInGmV3GtwGVdlV/ra+EEGKEEqQ22QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFF6PW304u+wQ0mK+S29c7F1KKYYOMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzAxOGRlYTBkLTQyZWItNGQ1OC04OTE0LTYzNmQyNWNhM2IzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAgwDQYJKoZIhvcNAQELBQADggEBABLsbax2+oXJDic1rNjR tTnWhi8vgBTksGx/JS1uFW85LR0KK/gV3+o+Q/8dGrUj/sKCion96EViZ1BPbSbb BM7KyQyoYoXn+bN84Tn59Z23puDRYthRFfYEUbgGhTv24JCN16cehGpWsHdk83C7 gDxk1OKGYLXuBQo9rUl5TaFRwiV8DVFMmeBYtUmkFgoXnfbw0GPPUdn7ucMCp1rD u9GrpB6BMRDj+/6QioGI6GAmHvxnE2I7w+ZJ6x92sgTzWdwJDiBho8xwstVGfMIh +EpKgKMY41WB9PUZ3V9r4j4tW4Ozm0kVQQrcb45XfTRWSzXZd7/kmGczD/9yMKpB Urc= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:08 2025 by rpki-client