$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa File: 33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa (raw, json) Hash identifier: xmPyegoSy2NiV1Ib6fuaB2hKSXTas0OlxhypaHOoTUo= Subject key identifier: D7:4D:30:B5:20:80:54:B2:48:72:2C:6B:34:FD:B1:BF:B6:11:65:10 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 67B576BCCBA97E352C36A272538AF8382D10D10E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa Signing time: Fri 25 Apr 2025 00:00:36 +0000 ROA not before: Fri 25 Apr 2025 00:00:36 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:b5:76:bc:cb:a9:7e:35:2c:36:a2:72:53:8a:f8:38:2d:10:d1:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:36 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=c26e9acd18c894aaa7a0156d3fd852565094704242321196d4c569e21f4cd55f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:5e:57:76:73:90:1c:86:e2:1d:1e:ab:2d:d1: 7b:0c:45:46:53:63:38:43:7d:63:38:3d:97:c7:92: 81:d6:f3:d9:29:ac:26:0a:91:45:98:4f:7f:9b:05: 64:f1:3b:72:ec:f5:0e:d0:d0:ce:15:08:c6:5f:be: b8:33:79:3a:29:0c:85:a1:df:a3:c4:9f:52:a9:54: c8:4f:63:4c:b9:4e:34:7b:02:8f:29:0d:71:d5:91: e9:cd:53:cd:b5:81:14:26:dd:3f:f0:dd:0c:d3:8d: 3c:22:39:47:f4:72:ba:99:2f:40:b9:4c:07:71:1e: d6:3f:80:17:a3:ee:a9:e1:f5:9b:71:3d:34:36:34: 50:a4:6a:82:5f:bc:61:76:f0:5f:a8:d4:e7:8a:5d: 25:18:43:a1:f4:1c:62:b9:4d:18:ea:53:35:f4:a8: 5e:90:b0:5f:e8:85:89:e8:43:48:f6:8b:06:59:b2: d9:bc:0a:69:d8:23:df:5f:7b:3e:7c:c0:01:b9:84: a9:6d:99:77:ce:0d:47:fb:90:f9:dd:77:2a:e1:44: 2b:4d:1f:d9:09:b0:19:60:7e:f1:ab:98:fa:59:99: 35:37:43:9f:97:52:a8:07:26:5f:19:4b:7c:4d:44: f3:4f:f7:ac:d9:f2:06:f8:f1:2b:6a:23:88:37:b4: 71:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:4D:30:B5:20:80:54:B2:48:72:2C:6B:34:FD:B1:BF:B6:11:65:10 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4080::/48 Signature Algorithm: sha256WithRSAEncryption 6b:34:41:69:aa:15:55:83:a7:9f:9e:bc:58:ac:19:68:f0:f3: 6e:7c:2d:0d:f8:88:cd:b2:d5:11:ed:00:fd:be:5e:fe:2f:63: c9:cf:a8:02:73:6c:d3:da:2b:5d:29:ff:a6:00:a2:f2:60:6d: 98:69:c9:61:87:ba:0c:10:d4:f0:5c:53:21:4d:c5:4c:b7:b0: 5d:d4:d5:b5:cc:78:5d:55:69:5c:85:0a:b0:de:9f:5e:74:46: 2d:97:55:3f:5a:e4:e0:f8:03:e0:d2:3c:c6:f2:da:64:dc:2a: c2:32:13:d9:82:58:30:c5:e7:95:1a:ae:f9:45:ed:2f:91:77: 09:06:29:47:d9:c5:32:52:a2:8d:d7:4b:fa:fd:f4:46:44:c3: 79:1d:7c:01:e8:82:18:d4:8b:89:8c:f1:d6:a5:e5:ea:15:d0: 18:c6:84:1e:94:48:ce:e1:80:86:f8:af:9a:4f:22:8e:98:b8: 50:57:59:bb:9b:9e:40:ea:0a:d9:46:ad:08:4a:fa:7e:8c:4f: e1:a5:19:b5:2b:c9:fd:99:02:c5:83:0e:c7:f8:9b:65:86:b6: af:79:91:63:81:cf:c9:78:f9:63:2f:d7:6e:b6:4b:19:df:14: fe:5c:c3:f6:a2:aa:33:13:5c:fc:b5:89:49:63:de:61:d4:57: d5:f1:68:41 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZ7V2vMupfjUsNqJyU4r4OC0Q0Q4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDAzNloX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAYzI2ZTlhY2QxOGM4OTRhYWE3YTAx NTZkM2ZkODUyNTY1MDk0NzA0MjQyMzIxMTk2ZDRjNTY5ZTIxZjRjZDU1ZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF5XdnOQHIbiHR6rLdF7DEVGU2M4 Q31jOD2Xx5KB1vPZKawmCpFFmE9/mwVk8Tty7PUO0NDOFQjGX764M3k6KQyFod+j xJ9SqVTIT2NMuU40ewKPKQ1x1ZHpzVPNtYEUJt0/8N0M0408IjlH9HK6mS9AuUwH cR7WP4AXo+6p4fWbcT00NjRQpGqCX7xhdvBfqNTnil0lGEOh9BxiuU0Y6lM19Khe kLBf6IWJ6ENI9osGWbLZvApp2CPfX3s+fMABuYSpbZl3zg1H+5D53Xcq4UQrTR/Z CbAZYH7xq5j6WZk1N0Ofl1KoByZfGUt8TUTzT/es2fIG+PEraiOIN7Rx7wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNdNMLUggFSySHIsazT9sb+2EWUQMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMzZGQzMWUwLTcwMzktNGZmOC1hYWZlLTk3ZjdiOTViMDdkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQBrNEFpqhVVg6efnrxY rBlo8PNufC0N+IjNstUR7QD9vl7+L2PJz6gCc2zT2itdKf+mAKLyYG2Yaclhh7oM ENTwXFMhTcVMt7Bd1NW1zHhdVWlchQqw3p9edEYtl1U/WuTg+APg0jzG8tpk3CrC MhPZglgwxeeVGq75Re0vkXcJBilH2cUyUqKN10v6/fRGRMN5HXwB6IIY1IuJjPHW peXqFdAYxoQelEjO4YCG+K+aTyKOmLhQV1m7m55A6grZRq0ISvp+jE/hpRm1K8n9 mQLFgw7H+JtlhraveZFjgc/JePljL9dutksZ3xT+XMP2oqozE1z8tYlJY95h1FfV 8WhB -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:09 2025 by rpki-client