$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json) Hash identifier: eSAAfvsF0PsJPUKNj15NIABi7e42vFNWezreV1h0h+s= Subject key identifier: 0D:49:24:1B:D1:DB:F3:DE:45:C5:E2:84:F8:B6:4B:80:3F:CB:79:41 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4AC1E5472FEBAD09D2F06979B760DCFB3142B285 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa Signing time: Wed 11 Jun 2025 00:00:04 +0000 ROA not before: Wed 11 Jun 2025 00:00:04 +0000 ROA not after: Wed 16 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:c1:e5:47:2f:eb:ad:09:d2:f0:69:79:b7:60:dc:fb:31:42:b2:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 11 00:00:04 2025 GMT Not After : Jul 16 23:59:59 2025 GMT Subject: serialNumber=66d2c5442b3421b0ee9db1bf13c2b2b7b41551950fa45510ffee712b1a1fbadb, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:df:c3:4a:c6:9f:cc:5e:6a:f4:5e:3f:40:5d: 15:cb:fe:2f:fb:42:6c:01:5d:d8:33:ff:7d:46:b1: 83:93:11:67:dd:d1:18:df:98:11:74:a7:be:2c:78: df:9f:41:e9:9d:4f:8d:ea:57:ee:59:6d:d6:4a:15: 0d:d1:7b:aa:05:a9:49:e4:01:b7:6f:94:25:6a:b5: 78:f0:60:70:d3:42:c5:59:6f:e5:06:a2:21:c2:37: ea:07:c5:ce:4a:76:f2:5b:c4:14:2a:b3:90:35:8e: 50:ea:f6:99:5f:f8:6f:6d:fe:0c:ea:51:3d:bc:87: 26:e7:44:42:ff:2a:45:69:4d:88:24:20:be:b7:73: 33:e7:f3:cc:57:d0:ab:52:29:d3:a3:52:36:d9:95: 22:a9:9a:dd:bf:a8:d7:9e:ee:41:51:18:7f:a9:a2: df:ba:10:e7:7c:80:ff:3b:fe:cb:ff:49:4e:8b:86: 9f:0b:77:12:a0:bc:68:d8:28:db:75:eb:ad:d8:3f: 1a:1f:e8:67:4e:e6:53:59:35:a7:b8:50:96:e2:a8: 2d:a4:b0:c9:6b:c1:d0:ab:2c:cb:23:31:25:c9:00: 22:8c:5b:e2:28:9f:2a:64:a5:32:21:7d:34:89:2e: 73:80:94:70:56:87:e6:9e:11:be:f0:4f:8d:ad:5e: f5:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:49:24:1B:D1:DB:F3:DE:45:C5:E2:84:F8:B6:4B:80:3F:CB:79:41 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:8000::/40 Signature Algorithm: sha256WithRSAEncryption 24:20:c7:40:a9:ec:d2:32:20:c8:02:df:28:e1:64:dd:4a:85: 57:2c:2d:82:ae:3d:1d:3d:a7:a2:c2:ea:75:cd:d9:aa:43:98: c5:69:e7:47:87:a8:61:16:0c:48:40:95:29:ea:35:7e:cd:6f: a4:c1:42:bd:6a:ff:39:c7:07:1d:c4:a1:0b:cf:82:ee:28:e4: 66:15:2d:1f:b0:35:ce:16:e9:e0:9e:a0:e5:69:2c:d1:f4:a4: 9a:59:4d:c3:58:81:e4:2b:3d:34:92:d5:8b:4f:dc:b5:a1:0f: 0c:d0:51:28:d5:1e:f3:34:7b:d0:f3:1c:d9:67:73:b0:e4:39: c5:e4:13:4c:c3:6a:71:fe:00:b4:32:b0:d2:3c:78:32:62:1e: 30:33:d6:5d:7c:d6:13:98:c3:e0:23:17:22:99:cb:40:86:0f: d2:02:55:34:44:20:bf:8a:07:87:e4:5a:e4:7c:4f:79:35:49: 0e:c3:21:3e:20:33:76:cd:68:93:1b:f4:4c:36:89:00:e0:16: e0:40:7f:44:24:b4:26:b5:a7:4f:89:3b:a6:0a:ee:2b:d4:df: 27:7f:dd:b4:ee:d9:2d:aa:38:8d:f1:11:e0:ad:5b:37:69:b1: dd:f2:e3:3c:c0:b2:6c:4a:7a:9e:53:be:4e:70:4d:ae:e8:db: f3:8e:8d:9b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSsHlRy/rrQnS8Gl5t2Dc+zFCsoUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxMTAwMDAwNFoX DTI1MDcxNjIzNTk1OVowejFJMEcGA1UEBRNANjZkMmM1NDQyYjM0MjFiMGVlOWRi MWJmMTNjMmIyYjdiNDE1NTE5NTBmYTQ1NTEwZmZlZTcxMmIxYTFmYmFkYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9/DSsafzF5q9F4/QF0Vy/4v+0Js AV3YM/99RrGDkxFn3dEY35gRdKe+LHjfn0HpnU+N6lfuWW3WShUN0XuqBalJ5AG3 b5QlarV48GBw00LFWW/lBqIhwjfqB8XOSnbyW8QUKrOQNY5Q6vaZX/hvbf4M6lE9 vIcm50RC/ypFaU2IJCC+t3Mz5/PMV9CrUinTo1I22ZUiqZrdv6jXnu5BURh/qaLf uhDnfID/O/7L/0lOi4afC3cSoLxo2Cjbdeut2D8aH+hnTuZTWTWnuFCW4qgtpLDJ a8HQqyzLIzElyQAijFviKJ8qZKUyIX00iS5zgJRwVofmnhG+8E+NrV71QwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA1JJBvR2/PeRcXihPi2S4A/y3lBMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBACQgx0Cp7NIyIMgC3yjh ZN1KhVcsLYKuPR09p6LC6nXN2apDmMVp50eHqGEWDEhAlSnqNX7Nb6TBQr1q/znH Bx3EoQvPgu4o5GYVLR+wNc4W6eCeoOVpLNH0pJpZTcNYgeQrPTSS1YtP3LWhDwzQ USjVHvM0e9DzHNlnc7DkOcXkE0zDanH+ALQysNI8eDJiHjAz1l181hOYw+AjFyKZ y0CGD9ICVTREIL+KB4fkWuR8T3k1SQ7DIT4gM3bNaJMb9Ew2iQDgFuBAf0QktCa1 p0+JO6YK7ivU3yd/3bTu2S2qOI3xEeCtWzdpsd3y4zzAsmxKep5Tvk5wTa7o2/OO jZs= -----END CERTIFICATE-----Generated at Sat Jun 14 05:51:39 2025 by rpki-client