$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa File: 5484d331-446c-4042-9500-dd3002e6a910.roa (raw, json) Hash identifier: ZarR8vWwE8LcFqqYqNUOInmUJ6jp6fgkvPNYgriCVW0= Subject key identifier: 74:70:04:6F:C5:FD:D7:A8:B2:3A:E6:A5:7A:A7:C2:3D:81:70:90:8B Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2BF1CC59897F3DAF51F04913163D2BF015CCCC9B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa Signing time: Fri 25 Apr 2025 00:00:42 +0000 ROA not before: Fri 25 Apr 2025 00:00:42 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:f1:cc:59:89:7f:3d:af:51:f0:49:13:16:3d:2b:f0:15:cc:cc:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:42 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=e942f96c5fadf30dc9030ed1d3aa31369482bf23bdf95ef27760d0893ad23ec0, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:50:19:4c:11:86:c4:02:c2:fe:11:f8:b0:14: 2c:a0:51:2d:5a:d2:73:50:0d:51:df:6d:37:12:d0: ee:7a:a7:27:36:e0:5b:8e:ff:f3:aa:d0:48:51:3e: 09:aa:a6:76:cd:da:30:e9:22:18:5d:86:81:a8:43: 2c:b6:6a:ea:80:90:30:9f:dd:11:5c:f8:f9:d5:55: 69:33:96:67:56:b8:9b:48:34:cc:40:66:7b:52:d0: 00:ee:69:23:f7:10:ef:99:11:c4:20:52:8b:d4:c1: e9:8e:80:72:b2:5d:bd:75:a3:21:d1:6b:a5:83:e6: 9a:a8:ab:30:1f:00:a6:4c:bc:07:fc:f1:bc:d3:92: d3:3c:4c:e3:6a:e8:ae:fd:6c:08:fa:52:66:f2:51: 0c:b3:c0:79:58:87:7a:7f:77:37:5e:c9:8d:7a:1a: a1:00:eb:60:c9:22:96:82:1a:ba:8a:cd:88:52:ec: ea:9e:30:aa:c8:49:3c:48:61:7e:01:21:ac:a7:1b: 8c:e8:d3:8e:96:15:7c:fd:b8:3a:7c:44:20:f3:83: e0:71:60:c1:bf:d7:f1:da:88:22:8b:3f:5f:b5:25: b8:81:d5:04:12:9e:b1:e8:fb:55:d3:0a:e7:2b:4a: 12:96:ea:26:73:2e:4c:e6:e3:b1:6c:1d:db:90:ab: 46:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:70:04:6F:C5:FD:D7:A8:B2:3A:E6:A5:7A:A7:C2:3D:81:70:90:8B X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:c00::/38 Signature Algorithm: sha256WithRSAEncryption 86:cd:21:da:c3:07:21:cc:15:ce:a5:34:d7:dd:80:b4:93:00: 35:88:a3:24:da:0e:e8:6b:9e:a5:bf:91:c1:4b:b9:0c:48:7c: 1d:90:3b:ff:22:a5:01:fc:2a:fc:2a:8c:e9:f8:13:ed:91:ae: 27:cd:72:16:cf:4d:76:86:03:6a:56:b6:10:50:7c:4e:ab:db: 4b:09:1a:bb:06:65:df:f3:d9:20:c3:02:d3:5c:35:87:73:21: bb:2b:21:b9:94:bb:f2:42:3d:ac:bc:44:d6:f3:c8:b5:33:5b: 5c:ea:99:e5:61:47:1b:89:88:7e:a7:db:c3:64:b0:d5:18:a8: 3d:04:fc:3b:ab:70:af:f1:0f:ef:6f:18:02:95:d5:18:70:65: 0c:62:26:77:23:61:57:97:4c:14:3e:88:0c:49:d4:27:3d:27: b0:b1:74:44:68:1d:46:79:4a:2e:1b:ba:78:2a:8f:cb:5e:b4: 6d:cc:75:00:12:d1:3a:8c:87:0b:88:f1:67:43:3d:e6:ee:80: 37:71:3b:a4:41:3d:5e:13:1a:04:82:da:7a:4c:1a:4a:3c:f1: c7:b4:39:71:d7:64:ce:21:45:e1:4a:1d:99:f5:ca:04:87:26: a3:a0:51:05:eb:d6:65:40:85:95:9d:ef:ae:ee:1a:8e:d1:1f: a2:fa:ce:8e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUK/HMWYl/Pa9R8EkTFj0r8BXMzJswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDA0MloX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAZTk0MmY5NmM1ZmFkZjMwZGM5MDMw ZWQxZDNhYTMxMzY5NDgyYmYyM2JkZjk1ZWYyNzc2MGQwODkzYWQyM2VjMDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFAZTBGGxALC/hH4sBQsoFEtWtJz UA1R3203EtDueqcnNuBbjv/zqtBIUT4JqqZ2zdow6SIYXYaBqEMstmrqgJAwn90R XPj51VVpM5ZnVribSDTMQGZ7UtAA7mkj9xDvmRHEIFKL1MHpjoBysl29daMh0Wul g+aaqKswHwCmTLwH/PG805LTPEzjauiu/WwI+lJm8lEMs8B5WId6f3c3XsmNehqh AOtgySKWghq6is2IUuzqnjCqyEk8SGF+ASGspxuM6NOOlhV8/bg6fEQg84PgcWDB v9fx2ogiiz9ftSW4gdUEEp6x6PtV0wrnK0oSluomcy5M5uOxbB3bkKtGkQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHRwBG/F/deosjrmpXqnwj2BcJCLMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU0ODRkMzMxLTQ0NmMtNDA0Mi05NTAwLWRkMzAwMmU2YTkxMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAwwDQYJKoZIhvcNAQELBQADggEBAIbNIdrDByHMFc6lNNfd gLSTADWIoyTaDuhrnqW/kcFLuQxIfB2QO/8ipQH8KvwqjOn4E+2RrifNchbPTXaG A2pWthBQfE6r20sJGrsGZd/z2SDDAtNcNYdzIbsrIbmUu/JCPay8RNbzyLUzW1zq meVhRxuJiH6n28NksNUYqD0E/DurcK/xD+9vGAKV1RhwZQxiJncjYVeXTBQ+iAxJ 1Cc9J7CxdERoHUZ5Si4bungqj8tetG3MdQAS0TqMhwuI8WdDPebugDdxO6RBPV4T GgSC2npMGko88ce0OXHXZM4hReFKHZn1ygSHJqOgUQXr1mVAhZWd767uGo7RH6L6 zo4= -----END CERTIFICATE-----Generated at Sat Apr 26 08:24:55 2025 by rpki-client