$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa File: 205af9d8-3799-4d38-b1fb-da840e362ff1.roa (raw, json) Hash identifier: haNPY1k4mGcY0yIDJMGlDJUIZExLbPWdi5th68AyPqk= Subject key identifier: 48:2A:DA:C7:5B:7B:C5:FD:5A:2B:D2:65:26:9E:CB:E6:D1:B7:D7:1F Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0428EB757BDA04BE85EB65C6ABFC6741CA3D29C6 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa Signing time: Fri 25 Apr 2025 00:00:57 +0000 ROA not before: Fri 25 Apr 2025 00:00:57 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:28:eb:75:7b:da:04:be:85:eb:65:c6:ab:fc:67:41:ca:3d:29:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:57 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=12fd2ecdaf29ff70605e4c67ae78b251ed612aa49ee7fd5548ad7ad4ac6b7017, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:15:a0:c4:67:19:8d:45:74:50:f6:0e:2c:26: 97:47:01:e1:fe:b0:65:3c:14:f7:09:f8:01:1d:64: 5f:42:19:8c:f7:9c:8c:bf:df:81:2e:c2:e9:7a:d6: 0b:89:4f:23:3f:b9:d7:b5:28:c9:34:05:76:22:8f: 5d:2c:92:8d:d2:84:93:83:ea:fa:72:04:21:41:ba: a3:ee:53:6e:77:3d:f0:6a:5c:f8:23:5c:3d:79:bc: 29:64:9b:fd:89:a3:ce:da:d2:9e:06:f2:63:e3:61: a3:52:ef:9f:5f:98:4e:24:cc:2a:1b:7b:93:81:36: 13:7a:f5:e0:37:6d:5d:bd:3d:04:64:7c:84:f2:4f: 00:ee:ff:6c:6d:de:af:ab:3e:89:09:28:98:7c:ac: 53:aa:40:e6:ae:e7:14:31:69:12:a5:bc:cd:4c:cf: 30:30:62:a9:43:d5:16:1d:ff:65:6a:7f:fd:88:fa: 05:7b:04:fb:2a:15:ad:82:9d:94:b4:59:dd:1f:d0: d7:3e:26:5f:8f:09:20:29:f6:d1:39:dd:15:81:80: 48:20:c1:9d:1e:50:9d:fd:2b:4d:64:67:23:6b:ce: e4:8f:db:8c:02:0e:11:b2:1b:70:0c:e5:34:75:3b: fa:26:75:92:10:96:ff:ba:f7:c7:c7:ae:d7:9b:9d: 3f:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:2A:DA:C7:5B:7B:C5:FD:5A:2B:D2:65:26:9E:CB:E6:D1:B7:D7:1F X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/205af9d8-3799-4d38-b1fb-da840e362ff1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/36 Signature Algorithm: sha256WithRSAEncryption 80:df:91:8f:b6:f7:07:89:3d:77:34:97:4a:c1:95:5c:0a:83: 2e:3e:8f:99:92:f5:f0:79:ad:e2:78:4f:dd:0e:e8:3a:e1:49: e1:7f:e6:28:c0:22:94:21:33:5d:f2:09:0d:23:a7:9a:6f:f8: 66:9d:df:ba:98:e4:6b:d5:28:12:3b:38:87:2c:0b:67:db:7b: 99:b5:06:c2:ff:d8:b2:f1:f1:53:e4:8c:28:ba:20:02:de:ba: 7e:73:b8:48:e0:a2:7c:cc:a9:d6:5a:7c:5d:40:a8:c3:15:59: 00:82:ee:d1:5a:f4:4f:dd:68:a2:b0:51:a2:7c:fd:08:13:59: 9a:0e:9d:95:13:9f:f4:f6:07:79:9e:39:60:42:74:fe:97:22: e9:0a:e5:af:7c:e3:39:ae:ec:0b:d6:4d:90:fd:19:8a:d1:19: 25:9c:da:4c:e1:d2:de:f6:0e:4c:f3:85:15:bf:fc:48:d2:d8: be:f5:ff:71:2c:2a:a6:f1:7c:7d:1d:d1:01:a3:0c:a0:c7:99: 03:8f:8e:65:15:e1:50:99:80:db:3e:79:4d:08:b3:b3:aa:ad: 14:5c:49:80:3a:ec:2a:ff:46:c8:42:05:a0:45:82:a6:af:a3: bd:25:d3:fa:d4:2b:0e:25:59:9f:20:ab:d3:89:19:5c:f8:b8: f6:25:71:53 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBCjrdXvaBL6F62XGq/xnQco9KcYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDA1N1oX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAMTJmZDJlY2RhZjI5ZmY3MDYwNWU0 YzY3YWU3OGIyNTFlZDYxMmFhNDllZTdmZDU1NDhhZDdhZDRhYzZiNzAxNzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+xWgxGcZjUV0UPYOLCaXRwHh/rBl PBT3CfgBHWRfQhmM95yMv9+BLsLpetYLiU8jP7nXtSjJNAV2Io9dLJKN0oSTg+r6 cgQhQbqj7lNudz3walz4I1w9ebwpZJv9iaPO2tKeBvJj42GjUu+fX5hOJMwqG3uT gTYTevXgN21dvT0EZHyE8k8A7v9sbd6vqz6JCSiYfKxTqkDmrucUMWkSpbzNTM8w MGKpQ9UWHf9lan/9iPoFewT7KhWtgp2UtFndH9DXPiZfjwkgKfbROd0VgYBIIMGd HlCd/StNZGcja87kj9uMAg4RshtwDOU0dTv6JnWSEJb/uvfHx67Xm50/swIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEgq2sdbe8X9WivSZSaey+bRt9cfMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIwNWFmOWQ4LTM3OTktNGQzOC1iMWZiLWRhODQwZTM2MmZmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJA+AGAAwDQYJKoZIhvcNAQELBQADggEBAIDfkY+29weJPXc0l0rB lVwKgy4+j5mS9fB5reJ4T90O6DrhSeF/5ijAIpQhM13yCQ0jp5pv+Gad37qY5GvV KBI7OIcsC2fbe5m1BsL/2LLx8VPkjCi6IALeun5zuEjgonzMqdZafF1AqMMVWQCC 7tFa9E/daKKwUaJ8/QgTWZoOnZUTn/T2B3meOWBCdP6XIukK5a984zmu7AvWTZD9 GYrRGSWc2kzh0t72DkzzhRW//EjS2L71/3EsKqbxfH0d0QGjDKDHmQOPjmUV4VCZ gNs+eU0Is7OqrRRcSYA67Cr/RshCBaBFgqavo70l0/rUKw4lWZ8gq9OJGVz4uPYl cVM= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:08 2025 by rpki-client