$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa File: 57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa (raw, json) Hash identifier: RGI32KwTOQd3MwPnwOZubKeCkeqmy6SvE78kJ8/C1no= Subject key identifier: A9:D4:19:C6:BB:A2:EF:4A:A0:C6:67:26:7C:25:D8:88:A9:02:43:51 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 22045639BF27EB26A82C42BEA1D61F4775E07AB5 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa Signing time: Mon 21 Apr 2025 17:00:10 +0000 ROA not before: Mon 21 Apr 2025 17:00:10 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:04:56:39:bf:27:eb:26:a8:2c:42:be:a1:d6:1f:47:75:e0:7a:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 21 17:00:10 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=d9924c7ff38a649cef6bc5eca48eea047695f199045235c2eb46bcb0539c1042, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:63:ae:5d:4f:26:63:33:c8:e4:42:1d:65:16: 81:a2:c6:fc:22:66:7e:f9:88:21:4e:9d:2e:a3:48: c9:11:c8:a5:91:2a:f0:8d:86:65:19:0a:79:98:e1: c9:b1:b1:21:e9:90:61:5d:55:ba:72:3e:a9:77:d9: 40:0d:4b:e4:64:aa:fd:b3:57:49:42:a5:15:b5:d4: 9b:b0:42:5c:7e:b3:a4:d7:0f:0a:1b:c3:6d:ef:52: 0e:3d:4d:3a:b2:67:4d:b6:9a:d0:bd:7a:78:32:69: f9:30:05:b2:9a:b3:c7:6a:64:e4:dc:eb:66:70:97: 47:2b:a2:0b:71:89:2b:7f:3a:61:97:bd:8e:b4:ee: 96:f0:92:31:0d:b6:6d:71:93:4b:68:3e:f3:8d:4d: 64:ee:e1:cb:b6:2e:61:b4:f7:9c:bf:46:ce:5a:67: 4d:dd:6a:3b:e2:84:3d:36:08:86:70:ac:27:56:6e: 78:fb:83:2f:6b:05:82:32:86:df:b0:63:ae:da:9a: d3:77:b5:c6:ee:6a:8e:5b:fc:d1:16:5c:29:8b:4e: de:74:04:84:e3:c6:d9:d1:96:83:12:a1:cb:7e:f3: 97:e8:d6:b6:f9:29:23:75:49:c0:7d:c1:9c:3c:12: 98:a0:af:95:c6:73:7b:b1:90:7c:f5:6a:62:cb:61: 61:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:D4:19:C6:BB:A2:EF:4A:A0:C6:67:26:7C:25:D8:88:A9:02:43:51 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:8000::/40 Signature Algorithm: sha256WithRSAEncryption 38:e1:a0:73:2a:90:f8:a8:9b:bd:16:5c:96:51:c0:97:ba:39: 42:f5:c5:1c:d7:21:e6:8b:28:34:bc:b2:f5:b2:c7:cd:9d:ff: 9b:d2:1f:ed:e5:1c:8d:9e:00:66:26:a3:c7:1b:f5:ac:9e:0e: 39:fc:57:bc:d0:48:36:85:18:28:9d:60:9e:54:11:21:70:ec: 29:e9:16:59:70:11:1a:60:d7:45:6b:b9:a3:0a:38:ad:37:ae: 05:5c:20:19:14:d6:8c:18:44:62:24:6c:cc:4c:61:22:f0:54: d2:1a:d6:4b:fd:35:e3:55:6a:c2:f5:20:16:59:b1:e6:46:77: 2c:80:b4:93:9c:98:66:db:3a:42:b6:c1:76:7a:15:6f:6b:f5: 54:17:fa:18:a8:b2:38:dc:bf:3a:8e:97:67:83:f9:92:f7:78: fd:74:2e:12:6d:7f:fa:dd:70:ea:a8:69:1f:8b:4e:e7:81:ac: 3f:bf:03:b8:17:8d:30:1b:8a:14:39:08:5a:d4:f9:02:3d:bf: 35:0a:53:b7:9b:c7:df:7b:38:84:bd:36:6c:52:1e:34:78:6c: c9:a7:33:dc:d6:d4:30:6b:ba:49:ca:5c:6d:5c:13:e6:d5:c7: 05:6e:e5:61:b8:34:b5:c7:d9:91:ab:f2:d5:04:32:42:75:c9: ea:ef:c1:95 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIgRWOb8n6yaoLEK+odYfR3XgerUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyMTE3MDAxMFoX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAZDk5MjRjN2ZmMzhhNjQ5Y2VmNmJj NWVjYTQ4ZWVhMDQ3Njk1ZjE5OTA0NTIzNWMyZWI0NmJjYjA1MzljMTA0MjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmOuXU8mYzPI5EIdZRaBosb8ImZ+ +YghTp0uo0jJEcilkSrwjYZlGQp5mOHJsbEh6ZBhXVW6cj6pd9lADUvkZKr9s1dJ QqUVtdSbsEJcfrOk1w8KG8Nt71IOPU06smdNtprQvXp4Mmn5MAWymrPHamTk3Otm cJdHK6ILcYkrfzphl72OtO6W8JIxDbZtcZNLaD7zjU1k7uHLti5htPecv0bOWmdN 3Wo74oQ9NgiGcKwnVm54+4MvawWCMobfsGOu2prTd7XG7mqOW/zRFlwpi07edASE 48bZ0ZaDEqHLfvOX6Na2+SkjdUnAfcGcPBKYoK+VxnN7sZB89Wpiy2FhbwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKnUGca7ou9KoMZnJnwl2IipAkNRMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU3Zjg0MzNjLWYxNjItNGIxMC04NTI3LWZiZjdjZGJiNmFhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+IAwDQYJKoZIhvcNAQELBQADggEBADjhoHMqkPiom70WXJZR wJe6OUL1xRzXIeaLKDS8svWyx82d/5vSH+3lHI2eAGYmo8cb9ayeDjn8V7zQSDaF GCidYJ5UESFw7CnpFllwERpg10VruaMKOK03rgVcIBkU1owYRGIkbMxMYSLwVNIa 1kv9NeNVasL1IBZZseZGdyyAtJOcmGbbOkK2wXZ6FW9r9VQX+hiosjjcvzqOl2eD +ZL3eP10LhJtf/rdcOqoaR+LTueBrD+/A7gXjTAbihQ5CFrU+QI9vzUKU7ebx997 OIS9NmxSHjR4bMmnM9zW1DBruknKXG1cE+bVxwVu5WG4NLXH2ZGr8tUEMkJ1yerv wZU= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:10 2025 by rpki-client