$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa File: 3523c675-14b3-4d2d-90e1-e439500ecaca.roa (raw, json) Hash identifier: uGJFqCueh2l+gr0Z+hHn6vzSnoi9x/XCP/s2cVrss+A= Subject key identifier: D5:EE:C9:9F:F8:41:64:C9:92:48:57:3D:E1:23:69:3F:8C:EF:3D:E8 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 508736E4E097260004E06C252391401425187CDB Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa Signing time: Fri 25 Apr 2025 00:01:02 +0000 ROA not before: Fri 25 Apr 2025 00:01:02 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:87:36:e4:e0:97:26:00:04:e0:6c:25:23:91:40:14:25:18:7c:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:01:02 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=881889a3b59bb4b6161e9e04399fdc616307801509d1410fa954c2d169d98985, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:41:a5:fe:32:f0:92:c1:9c:d8:51:6e:f7:9c: a9:04:20:74:64:35:ef:de:65:27:4f:15:d3:85:3e: 0f:52:d6:6a:50:d5:e0:03:af:e6:2a:81:11:d3:2f: a2:c8:05:27:81:ac:4e:23:ed:92:b1:35:bb:2a:56: ee:71:e0:a6:23:d0:a4:5b:83:ca:33:b7:56:7d:21: eb:bb:c0:cd:0e:9c:e9:ce:16:87:65:ce:cc:e9:70: b2:6d:a8:69:67:39:df:da:46:c8:76:85:43:87:9f: b7:a6:11:53:3c:dd:d4:e5:4d:7c:1e:e4:8c:10:11: ee:44:ea:44:b8:7e:da:61:05:3d:0f:dc:63:8f:1a: dc:74:22:6a:04:c9:64:76:00:37:c2:bd:3d:92:02: e3:f6:ce:08:ad:70:11:ba:fe:5e:45:24:52:c2:68: 3d:85:a9:48:0b:bf:90:8b:72:75:90:c1:dc:1a:0a: fc:01:1e:27:f5:99:a3:2f:0a:e7:10:61:4f:81:3c: c1:ef:5c:d7:ce:29:20:37:c8:e7:05:6e:f4:18:58: 06:9a:8a:2e:df:1e:c5:0c:19:2e:20:74:df:bc:20: fd:f1:9c:94:44:bc:68:bd:f0:3a:41:e3:79:b4:7e: b3:81:10:44:00:fe:fd:c1:54:61:3b:cc:6b:66:94: 8f:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:EE:C9:9F:F8:41:64:C9:92:48:57:3D:E1:23:69:3F:8C:EF:3D:E8 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f0::/32 Signature Algorithm: sha256WithRSAEncryption b0:bb:bd:59:64:62:6e:88:6f:b2:05:7c:41:96:3c:e9:9d:99: b5:a5:f6:42:76:11:dc:26:61:3d:96:15:1b:e0:c4:84:bb:b0: 49:f5:5b:8d:ad:73:87:18:78:ff:f7:0e:b3:93:3d:c9:b6:25: 51:59:56:a4:51:2a:b7:54:83:c4:b4:3e:5a:e6:74:04:7e:e7: d9:88:02:7b:f4:ad:fa:62:2d:56:2c:53:da:6b:b7:ad:76:aa: 8f:da:fa:4a:de:00:4d:f6:be:28:03:22:0c:0b:e4:03:57:d7: f6:f2:9e:9f:79:de:c4:fa:b3:89:d3:7c:0f:c8:25:64:f0:9e: 1a:d6:6a:1d:05:5a:ff:77:bc:27:10:88:38:eb:7a:10:ad:09: d4:e1:a2:97:f2:8b:8c:33:4d:0a:b8:91:26:0c:a3:c9:64:6d: f5:b1:95:0c:ea:d6:36:90:47:e6:e6:bb:aa:69:14:ec:01:52: f4:f7:39:5a:5a:a5:32:5a:12:c2:d5:34:be:8f:4e:6b:30:5e: b2:95:ef:72:2c:d0:2b:24:78:ab:3c:bc:56:a7:06:2f:11:4b: cd:bb:c8:93:8c:62:3a:02:c8:2b:02:45:c9:28:e5:ca:7c:02: 66:30:3a:33:b7:30:84:d6:bd:7d:52:44:ad:85:fb:72:6e:6a: d2:42:99:4e -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUUIc25OCXJgAE4GwlI5FAFCUYfNswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDEwMloX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAODgxODg5YTNiNTliYjRiNjE2MWU5 ZTA0Mzk5ZmRjNjE2MzA3ODAxNTA5ZDE0MTBmYTk1NGMyZDE2OWQ5ODk4NTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0Gl/jLwksGc2FFu95ypBCB0ZDXv 3mUnTxXThT4PUtZqUNXgA6/mKoER0y+iyAUngaxOI+2SsTW7KlbuceCmI9CkW4PK M7dWfSHru8DNDpzpzhaHZc7M6XCybahpZznf2kbIdoVDh5+3phFTPN3U5U18HuSM EBHuROpEuH7aYQU9D9xjjxrcdCJqBMlkdgA3wr09kgLj9s4IrXARuv5eRSRSwmg9 halIC7+Qi3J1kMHcGgr8AR4n9ZmjLwrnEGFPgTzB71zXzikgN8jnBW70GFgGmoou 3x7FDBkuIHTfvCD98ZyURLxovfA6QeN5tH6zgRBEAP79wVRhO8xrZpSPrQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFNXuyZ/4QWTJkkhXPeEjaT+M7z3oMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1MjNjNjc1LTE0YjMtNGQyZC05MGUxLWU0Mzk1MDBlY2FjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8DANBgkqhkiG9w0BAQsFAAOCAQEAsLu9WWRibohvsgV8QZY8 6Z2ZtaX2QnYR3CZhPZYVG+DEhLuwSfVbja1zhxh4//cOs5M9ybYlUVlWpFEqt1SD xLQ+WuZ0BH7n2YgCe/St+mItVixT2mu3rXaqj9r6St4ATfa+KAMiDAvkA1fX9vKe n3nexPqzidN8D8glZPCeGtZqHQVa/3e8JxCIOOt6EK0J1OGil/KLjDNNCriRJgyj yWRt9bGVDOrWNpBH5ua7qmkU7AFS9Pc5WlqlMloSwtU0vo9OazBespXvcizQKyR4 qzy8VqcGLxFLzbvIk4xiOgLIKwJFySjlynwCZjA6M7cwhNa9fVJErYX7cm5q0kKZ Tg== -----END CERTIFICATE-----Generated at Sat Apr 26 08:24:55 2025 by rpki-client