$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa File: 31d36ece-9039-43a2-82a2-03e7d8e7f563.roa (raw, json) Hash identifier: ZqKsnw3M+YACxZsLtcx8J4bXonEiMePk5x/Cwmv/hgg= Subject key identifier: 30:07:27:A4:B9:55:A7:67:03:55:C5:1D:72:D8:11:B7:E5:D2:33:EE Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 43FE2F4646F2512DE6C2A4037683753CCDBBAE65 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa Signing time: Fri 25 Apr 2025 00:00:59 +0000 ROA not before: Fri 25 Apr 2025 00:00:59 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:fe:2f:46:46:f2:51:2d:e6:c2:a4:03:76:83:75:3c:cd:bb:ae:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:59 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=9753e35559ba85673025a7c07d13b9ad11d6514124ccbd5fc03df8bd3bc54dd9, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:91:d5:7f:95:61:b9:82:72:50:e5:e8:5c:cd: 2c:e8:03:07:17:e6:7c:d3:3c:07:f9:77:09:ac:08: 55:a6:b1:f5:4f:7a:a2:ba:91:eb:62:0c:09:e9:b8: 0b:a2:45:62:5b:01:22:61:2a:29:74:9e:92:7c:20: 3e:5e:de:a2:b3:dd:5c:10:f0:90:6f:0a:24:26:28: db:9a:d6:97:33:e9:3e:63:be:6e:a8:7a:a0:e0:c8: be:18:00:b4:09:5e:04:cf:da:db:7f:b6:b9:d5:1f: ba:49:49:ed:4e:e6:93:82:1c:57:ab:09:29:ab:c7: 8a:2f:98:a3:0e:27:a1:a6:d8:fb:1b:3c:98:2a:a2: fe:78:d1:2f:d7:58:ea:34:53:be:cd:3a:ae:c0:aa: 88:c9:1f:9e:92:b8:2b:54:47:2b:c3:33:7b:2b:8a: 5b:ff:20:50:cd:9b:e3:f0:27:4b:c7:0d:82:80:84: 30:c5:aa:e8:61:2f:97:08:ef:07:71:11:6a:dc:3d: f0:57:b8:a7:e3:93:33:fc:f3:a5:19:8e:18:20:a6: 40:16:5d:05:14:88:d0:d0:02:10:f7:0e:9d:d9:6a: 02:07:53:01:52:8f:4f:83:e4:e8:de:13:b7:cf:ac: 98:a6:8a:7d:7f:88:e3:0e:3f:a5:76:11:8c:3b:8e: 5f:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:07:27:A4:B9:55:A7:67:03:55:C5:1D:72:D8:11:B7:E5:D2:33:EE X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fc::/32 Signature Algorithm: sha256WithRSAEncryption 26:b9:88:67:cf:79:72:39:3d:10:22:31:9c:1c:0f:9f:c5:d8: 07:a6:f0:e9:f4:2e:4e:a4:0f:fd:c5:e5:c8:25:c7:2f:a1:73: d6:2b:ed:f3:8b:fb:7f:25:ed:28:24:e2:a1:ad:4a:3a:e5:b6: e0:3c:59:09:e1:d9:97:27:75:c9:fe:38:06:ff:ce:5b:c8:5f: 16:7d:08:37:b6:51:c9:4d:5f:33:a3:9d:21:ab:82:38:df:8a: 30:d5:74:b3:0a:f3:8a:fc:8b:60:4f:89:24:eb:5f:77:b0:d3: 52:94:c3:29:a5:c4:db:e2:33:be:c3:ea:a1:54:4a:0f:24:56: c5:b0:fa:48:0f:a7:63:43:e1:dd:03:87:c2:ba:94:01:8e:df: 72:92:08:99:73:9b:72:08:f5:f2:e5:55:48:0e:df:bf:f0:3e: 99:45:24:bc:89:02:c7:7a:d9:fd:90:28:ff:42:e8:97:9c:04: 9a:a7:17:16:3f:01:41:c0:fb:e0:78:df:b9:7c:4a:44:e5:3e: 9d:29:44:a1:f7:75:9c:6f:79:8b:47:f4:b1:30:3f:59:22:d4: 23:4c:a5:ab:cc:43:37:68:7b:35:65:0e:5f:2c:91:a3:40:8c: ce:b1:f6:a4:f2:68:5a:4c:3a:5c:e9:25:ae:44:11:6f:f7:2e: 85:4f:2a:89 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUQ/4vRkbyUS3mwqQDdoN1PM27rmUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDA1OVoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAOTc1M2UzNTU1OWJhODU2NzMwMjVh N2MwN2QxM2I5YWQxMWQ2NTE0MTI0Y2NiZDVmYzAzZGY4YmQzYmM1NGRkOTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ZHVf5VhuYJyUOXoXM0s6AMHF+Z8 0zwH+XcJrAhVprH1T3qiupHrYgwJ6bgLokViWwEiYSopdJ6SfCA+Xt6is91cEPCQ bwokJijbmtaXM+k+Y75uqHqg4Mi+GAC0CV4Ez9rbf7a51R+6SUntTuaTghxXqwkp q8eKL5ijDiehptj7GzyYKqL+eNEv11jqNFO+zTquwKqIyR+ekrgrVEcrwzN7K4pb /yBQzZvj8CdLxw2CgIQwxaroYS+XCO8HcRFq3D3wV7in45Mz/POlGY4YIKZAFl0F FIjQ0AIQ9w6d2WoCB1MBUo9Pg+To3hO3z6yYpop9f4jjDj+ldhGMO45fkQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFDAHJ6S5VadnA1XFHXLYEbfl0jPuMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMxZDM2ZWNlLTkwMzktNDNhMi04MmEyLTAzZTdkOGU3ZjU2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A/DANBgkqhkiG9w0BAQsFAAOCAQEAJrmIZ895cjk9ECIxnBwP n8XYB6bw6fQuTqQP/cXlyCXHL6Fz1ivt84v7fyXtKCTioa1KOuW24DxZCeHZlyd1 yf44Bv/OW8hfFn0IN7ZRyU1fM6OdIauCON+KMNV0swrzivyLYE+JJOtfd7DTUpTD KaXE2+IzvsPqoVRKDyRWxbD6SA+nY0Ph3QOHwrqUAY7fcpIImXObcgj18uVVSA7f v/A+mUUkvIkCx3rZ/ZAo/0Lol5wEmqcXFj8BQcD74HjfuXxKROU+nSlEofd1nG95 i0f0sTA/WSLUI0ylq8xDN2h7NWUOXyyRo0CMzrH2pPJoWkw6XOklrkQRb/cuhU8q iQ== -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:10 2025 by rpki-client