$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0feedd18-2b71-48d5-a2ee-07ca90b4d203.roa File: 0feedd18-2b71-48d5-a2ee-07ca90b4d203.roa (raw, json) Hash identifier: Wcac63O+iExPzObS6Y/SYTeK2WxAAA1AIwEF651JVF8= Subject key identifier: 2C:37:3C:FF:7A:61:42:02:F2:BF:B7:DB:F7:BB:31:AE:FA:75:B0:35 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2233FBF6FCDAEDA658CBB55B78572E9E86D13A20 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0feedd18-2b71-48d5-a2ee-07ca90b4d203.roa Signing time: Fri 25 Apr 2025 00:00:45 +0000 ROA not before: Fri 25 Apr 2025 00:00:45 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:33:fb:f6:fc:da:ed:a6:58:cb:b5:5b:78:57:2e:9e:86:d1:3a:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:45 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=160a2a2b9e946ec04ecb386d4e519a3a57b46658c896837cf9088af827703eba, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:79:af:61:0c:d0:78:bf:32:e5:90:2c:54:f4: 54:a0:ac:df:a4:23:96:98:9b:89:5e:d5:63:ca:26: cc:d2:2e:0d:aa:8c:23:e7:38:6a:74:7b:03:33:ef: 87:eb:99:6b:93:c8:d0:e8:07:ff:19:11:9b:8d:45: 23:5e:f7:2e:2f:f2:3d:ae:a6:0c:e5:82:c0:54:94: 63:55:39:59:ac:6a:4a:1c:96:f8:cc:9c:6a:12:33: 50:b9:8d:48:70:20:8c:98:14:5b:11:88:c2:8c:47: d6:4a:c1:be:79:99:bf:03:d9:33:0f:a0:b2:1d:79: cf:67:5d:8b:8c:f4:e0:de:19:8e:e3:c9:c5:de:38: cc:a0:4a:75:fa:58:0d:3e:7e:b3:8f:7c:0c:c0:9b: 6a:0c:d5:66:66:0c:db:fe:bb:68:06:3f:5d:cc:4c: 8e:dc:5d:c9:b1:85:68:0b:a3:46:ac:1e:be:b3:34: aa:3d:0a:d5:9b:36:68:e0:88:05:66:3a:fc:19:2b: 11:bd:a3:6e:9b:be:24:ae:5d:77:bf:59:59:64:1f: 71:b0:07:f8:74:3b:40:6e:49:fc:2c:8e:15:7e:ea: cd:15:61:87:58:5f:76:01:17:99:62:95:9a:5e:1d: 1e:0e:15:75:ea:9b:90:0a:77:cf:61:cf:a4:9c:da: 9f:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:37:3C:FF:7A:61:42:02:F2:BF:B7:DB:F7:BB:31:AE:FA:75:B0:35 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0feedd18-2b71-48d5-a2ee-07ca90b4d203.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:800::/38 Signature Algorithm: sha256WithRSAEncryption ab:fa:f7:16:00:d5:ed:a8:d0:44:af:ae:d5:66:e9:cb:a0:3b: 52:be:19:eb:64:b1:13:b7:bb:90:fd:eb:69:3b:91:6d:a9:29: 1d:65:50:75:3b:8a:63:c5:36:82:aa:9a:d0:ec:cb:e9:fb:e6: c1:91:7c:7e:c3:9a:52:28:fa:85:44:7c:bf:5f:f9:b2:3f:02: 0d:5c:24:9d:9d:44:31:13:d1:f0:65:b4:e9:48:71:46:56:25: 36:8d:bf:db:51:66:ae:e3:32:9e:af:20:89:00:64:93:5b:a3: ce:e4:66:bc:01:38:75:2e:ee:29:ec:ea:24:28:ee:e4:e6:93: a6:a0:72:c6:a1:f4:23:5e:d9:b9:3f:89:64:90:a3:a6:09:10: 21:d1:2a:9f:55:f4:b3:51:f1:37:1d:76:bf:2c:70:1b:1a:a5: 5e:8c:d5:a4:19:08:20:fe:29:83:6b:7f:7e:54:a0:89:39:eb: ef:8c:75:9f:0d:3b:9a:95:68:42:e9:70:ed:1d:42:88:0c:61: 47:1c:46:92:4f:26:54:0f:b9:00:11:2a:a1:5e:11:97:c5:df: 36:db:a9:b7:2f:72:d5:3d:e9:de:36:24:26:8a:92:ee:c9:e8: e5:c6:24:1e:ab:c5:b7:e6:a7:43:2a:6d:34:29:16:f9:49:c9: 66:b6:68:8d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIjP79vza7aZYy7VbeFcunobROiAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDA0NVoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAMTYwYTJhMmI5ZTk0NmVjMDRlY2Iz ODZkNGU1MTlhM2E1N2I0NjY1OGM4OTY4MzdjZjkwODhhZjgyNzcwM2ViYTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43mvYQzQeL8y5ZAsVPRUoKzfpCOW mJuJXtVjyibM0i4Nqowj5zhqdHsDM++H65lrk8jQ6Af/GRGbjUUjXvcuL/I9rqYM 5YLAVJRjVTlZrGpKHJb4zJxqEjNQuY1IcCCMmBRbEYjCjEfWSsG+eZm/A9kzD6Cy HXnPZ12LjPTg3hmO48nF3jjMoEp1+lgNPn6zj3wMwJtqDNVmZgzb/rtoBj9dzEyO 3F3JsYVoC6NGrB6+szSqPQrVmzZo4IgFZjr8GSsRvaNum74krl13v1lZZB9xsAf4 dDtAbkn8LI4VfurNFWGHWF92AReZYpWaXh0eDhV16puQCnfPYc+knNqf8QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCw3PP96YUIC8r+32/e7Ma76dbA1MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBmZWVkZDE4LTJiNzEtNDhkNS1hMmVlLTA3Y2E5MGI0ZDIwMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAgwDQYJKoZIhvcNAQELBQADggEBAKv69xYA1e2o0ESvrtVm 6cugO1K+GetksRO3u5D962k7kW2pKR1lUHU7imPFNoKqmtDsy+n75sGRfH7DmlIo +oVEfL9f+bI/Ag1cJJ2dRDET0fBltOlIcUZWJTaNv9tRZq7jMp6vIIkAZJNbo87k ZrwBOHUu7ins6iQo7uTmk6agcsah9CNe2bk/iWSQo6YJECHRKp9V9LNR8Tcddr8s cBsapV6M1aQZCCD+KYNrf35UoIk56++MdZ8NO5qVaELpcO0dQogMYUccRpJPJlQP uQARKqFeEZfF3zbbqbcvctU96d42JCaKku7J6OXGJB6rxbfmp0MqbTQpFvlJyWa2 aI0= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:10 2025 by rpki-client