$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa File: 453c01e0-c333-4283-987c-be2c8b71798c.roa (raw, json) Hash identifier: 6t800I6Qw7lc2RLTgHCaNjfi14CN2ckwTimL3tDGehA= Subject key identifier: CF:19:64:3A:59:0B:25:13:3B:AF:7D:54:81:70:83:62:F4:C6:CE:E4 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 28F1351DA8C309F8C517340E98AEDCD4E4C616BB Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa Signing time: Fri 25 Apr 2025 00:00:27 +0000 ROA not before: Fri 25 Apr 2025 00:00:27 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:f1:35:1d:a8:c3:09:f8:c5:17:34:0e:98:ae:dc:d4:e4:c6:16:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:27 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=fb7eb8494117a672bbdde631ee6f2c63deaec518a8ba8c5735bf7ea1d3466f4a, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:01:c7:4a:05:e9:06:12:99:9f:f4:20:af:7f: 10:5b:e4:b8:f9:17:ac:43:83:bb:da:6e:e7:ad:44: 04:6c:1a:2c:49:b9:6f:ed:33:88:44:b1:e5:70:e1: 26:c3:95:bb:e9:6b:e0:48:6b:a1:12:57:06:8d:a6: b0:06:93:7e:86:32:92:f6:9c:a1:e0:5f:f7:00:c3: 08:c3:8d:d3:7a:32:c8:63:e8:ea:90:87:88:78:03: 55:59:d3:10:aa:bb:e1:8c:2e:c9:3e:e7:c1:9a:66: cd:20:41:22:77:43:09:7d:d6:ef:6b:db:67:83:36: cf:ee:ff:6d:56:c0:b6:11:37:2b:75:3e:46:38:00: 61:71:8c:e4:4b:6e:e8:cf:ba:33:f2:33:2a:65:19: 17:e3:6f:d5:f9:94:73:49:fa:07:46:c7:54:6a:06: 30:11:7d:cf:62:e6:bc:dc:5b:e9:bf:4b:8d:c8:da: 66:70:22:79:d2:b2:a3:69:3f:14:db:82:f5:ce:86: 70:aa:cb:3b:d2:6d:f2:15:ea:ba:de:e3:0d:f6:4f: 8e:38:66:48:16:42:af:f4:e2:47:fd:d0:2f:e6:cb: a6:59:6b:d1:79:be:04:91:1e:48:d0:7a:6a:94:c8: 12:69:12:29:52:91:dd:6b:2b:d5:2c:4f:1d:ac:5b: c1:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:19:64:3A:59:0B:25:13:3B:AF:7D:54:81:70:83:62:F4:C6:CE:E4 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 42:fa:19:22:a3:1c:0f:5b:4c:ff:10:b5:b8:0c:dc:b3:95:ef: 39:31:db:32:b9:30:cc:73:86:4b:8a:ce:83:cc:62:41:f9:7d: c0:d2:0c:b6:98:da:0f:58:a6:07:44:d6:8e:0d:34:d1:d5:d6: 35:b5:b7:93:88:e5:f7:9c:f5:42:87:0b:3b:a9:ae:ca:5a:0c: da:11:c4:45:1b:26:2a:29:bb:8c:39:7b:7a:84:3b:6f:43:6d: 83:da:06:51:ff:17:dd:71:8d:96:7a:3a:95:f3:c1:e6:eb:ea: 38:5c:92:93:3a:bb:c9:f6:42:11:45:59:e9:df:20:fa:87:87: cf:4b:4b:53:18:e2:bd:d8:73:4e:66:f3:7a:ee:48:49:f1:27: 0e:25:97:33:1e:cc:9c:a7:34:7b:fa:4e:36:50:3d:f7:2a:5b: eb:91:64:2d:8e:91:3e:9d:0f:66:8f:bd:4a:30:57:00:14:20: 4c:c2:90:3c:24:4c:9d:b1:48:20:c9:55:b2:57:5a:bb:f5:87: a2:ed:1d:f7:e9:d8:94:a9:f1:14:22:ff:e3:93:7e:d0:31:19: 23:4a:99:b2:25:a4:3e:1a:46:e4:33:78:99:9f:02:57:44:ae: d4:e4:64:be:fd:17:fb:ad:39:06:92:ee:6a:95:b0:91:79:a6: ab:c5:df:6d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKPE1HajDCfjFFzQOmK7c1OTGFrswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDAyN1oX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAZmI3ZWI4NDk0MTE3YTY3MmJiZGRl NjMxZWU2ZjJjNjNkZWFlYzUxOGE4YmE4YzU3MzViZjdlYTFkMzQ2NmY0YTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgHHSgXpBhKZn/Qgr38QW+S4+Res Q4O72m7nrUQEbBosSblv7TOIRLHlcOEmw5W76WvgSGuhElcGjaawBpN+hjKS9pyh 4F/3AMMIw43TejLIY+jqkIeIeANVWdMQqrvhjC7JPufBmmbNIEEid0MJfdbva9tn gzbP7v9tVsC2ETcrdT5GOABhcYzkS27oz7oz8jMqZRkX42/V+ZRzSfoHRsdUagYw EX3PYua83Fvpv0uNyNpmcCJ50rKjaT8U24L1zoZwqss70m3yFeq63uMN9k+OOGZI FkKv9OJH/dAv5sumWWvReb4EkR5I0HpqlMgSaRIpUpHdayvVLE8drFvBUQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFM8ZZDpZCyUTO699VIFwg2L0xs7kMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzQ1M2MwMWUwLWMzMzMtNDI4My05ODdjLWJlMmM4YjcxNzk4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/4DAMA0GCSqGSIb3DQEBCwUAA4IBAQBC+hkioxwPW0z/ELW4 DNyzle85MdsyuTDMc4ZLis6DzGJB+X3A0gy2mNoPWKYHRNaODTTR1dY1tbeTiOX3 nPVChws7qa7KWgzaEcRFGyYqKbuMOXt6hDtvQ22D2gZR/xfdcY2WejqV88Hm6+o4 XJKTOrvJ9kIRRVnp3yD6h4fPS0tTGOK92HNOZvN67khJ8ScOJZczHsycpzR7+k42 UD33KlvrkWQtjpE+nQ9mj71KMFcAFCBMwpA8JEydsUggyVWyV1q79Yei7R336diU qfEUIv/jk37QMRkjSpmyJaQ+GkbkM3iZnwJXRK7U5GS+/Rf7rTkGku5qlbCReaar xd9t -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:07 2025 by rpki-client