$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa File: 64aa0337-4cf9-42c7-b236-4cd36e69005e.roa (raw, json) Hash identifier: dK2e3MV435MELU8pPNdW8m9gBgJxE+diOHT2HgM+WKU= Subject key identifier: 0B:30:ED:17:23:2C:A7:20:E0:F7:EC:B8:92:14:5A:2C:A0:29:73:57 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0F04D8537A61084EBC3F0A6C79BA481ED344616A Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa Signing time: Fri 25 Apr 2025 00:01:00 +0000 ROA not before: Fri 25 Apr 2025 00:01:00 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f1::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:04:d8:53:7a:61:08:4e:bc:3f:0a:6c:79:ba:48:1e:d3:44:61:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:01:00 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=d01985957fbf8a934e2aacea9df05610b6306c60e8f7172970f5a927259f63b4, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:48:f6:47:e1:09:bd:3e:cd:28:e3:c4:f0:31: 7c:09:62:5a:7a:28:90:46:35:42:db:35:58:14:b8: 3d:88:24:f8:3b:83:15:40:66:65:4a:86:5b:10:1e: d4:41:b7:8f:7a:2f:12:be:0a:99:81:0f:75:c6:a7: 0d:c0:8b:8b:ac:93:c0:22:0c:5e:d2:7d:67:7a:a9: f7:00:0d:36:34:97:5a:92:aa:98:0c:31:02:ad:75: 01:bd:55:e4:74:88:34:0b:e8:56:be:67:ba:40:27: 15:47:f1:e2:7f:66:77:f0:e0:f6:ef:d8:c1:4b:83: 50:de:d7:0a:2f:4f:a1:fd:93:a0:0f:53:b4:ba:07: ab:b2:cf:e8:c8:67:3a:c3:6c:8e:21:c3:c4:8d:a6: 74:85:d5:d5:d9:f9:b6:37:74:d5:6d:4b:55:32:18: ed:31:d2:0a:34:23:01:27:76:e3:c7:76:e3:09:6d: 76:4b:d3:a1:d9:39:1c:41:9d:42:c7:be:e1:2f:48: b2:31:a3:f8:69:40:8c:5a:e7:79:49:dc:84:36:e6: a7:a5:5e:bd:26:92:0e:07:d6:f8:30:d0:bc:09:37: 02:4e:62:7f:cc:be:cf:c9:ca:b9:cf:92:31:9d:80: f9:ab:4b:9b:1c:de:88:14:02:0a:b1:50:e5:25:8c: 39:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:30:ED:17:23:2C:A7:20:E0:F7:EC:B8:92:14:5A:2C:A0:29:73:57 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f1::/32 Signature Algorithm: sha256WithRSAEncryption 1d:5a:55:d5:21:5e:c2:46:91:57:13:03:a2:fc:c5:22:97:84: a7:56:56:af:c0:bc:bc:6d:53:3c:43:e9:fb:1b:0f:39:0e:8a: b8:c0:97:00:53:b2:13:e4:1c:b1:8f:54:f0:63:7b:ba:e4:12: 1e:41:ed:ae:c5:9b:da:f6:34:fd:e9:4e:9a:0a:fa:ae:be:1d: dd:92:25:26:22:ab:2f:ea:4a:6b:c3:a4:58:01:32:ae:2d:d1: 72:d6:0d:a2:60:c1:fb:71:46:b1:dd:3d:4e:c7:37:11:52:d6: b8:61:b0:53:03:42:81:57:79:60:9a:71:6c:87:e0:22:45:2f: 01:ba:4f:00:0f:1c:ea:be:7c:c7:5c:48:f8:a6:2b:cf:2b:da: 59:47:4c:65:c5:82:2a:db:31:d1:db:d0:3e:a1:3f:7a:3f:31: 7d:55:af:f9:aa:b7:92:8e:0d:d4:6d:06:a6:c4:73:44:15:9d: a3:8c:6a:91:b7:b3:77:49:65:aa:54:a8:ca:88:2f:21:e6:ed: 82:34:d8:2a:84:d7:aa:86:64:27:e2:80:4b:14:6e:9b:02:fc: 0c:ce:a3:25:31:94:07:2b:46:7a:83:3a:28:95:45:86:ed:0a: f8:80:0e:8c:52:11:39:3d:41:66:1d:99:3e:9c:9c:a4:d7:3b: f5:be:43:71 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUDwTYU3phCE68PwpsebpIHtNEYWowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDEwMFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAZDAxOTg1OTU3ZmJmOGE5MzRlMmFh Y2VhOWRmMDU2MTBiNjMwNmM2MGU4ZjcxNzI5NzBmNWE5MjcyNTlmNjNiNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEj2R+EJvT7NKOPE8DF8CWJaeiiQ RjVC2zVYFLg9iCT4O4MVQGZlSoZbEB7UQbePei8SvgqZgQ91xqcNwIuLrJPAIgxe 0n1neqn3AA02NJdakqqYDDECrXUBvVXkdIg0C+hWvme6QCcVR/Hif2Z38OD279jB S4NQ3tcKL0+h/ZOgD1O0ugerss/oyGc6w2yOIcPEjaZ0hdXV2fm2N3TVbUtVMhjt MdIKNCMBJ3bjx3bjCW12S9Oh2TkcQZ1Cx77hL0iyMaP4aUCMWud5SdyENuanpV69 JpIOB9b4MNC8CTcCTmJ/zL7Pycq5z5IxnYD5q0ubHN6IFAIKsVDlJYw5sQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFAsw7RcjLKcg4PfsuJIUWiygKXNXMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzY0YWEwMzM3LTRjZjktNDJjNy1iMjM2LTRjZDM2ZTY5MDA1ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8TANBgkqhkiG9w0BAQsFAAOCAQEAHVpV1SFewkaRVxMDovzF IpeEp1ZWr8C8vG1TPEPp+xsPOQ6KuMCXAFOyE+QcsY9U8GN7uuQSHkHtrsWb2vY0 /elOmgr6rr4d3ZIlJiKrL+pKa8OkWAEyri3RctYNomDB+3FGsd09Tsc3EVLWuGGw UwNCgVd5YJpxbIfgIkUvAbpPAA8c6r58x1xI+KYrzyvaWUdMZcWCKtsx0dvQPqE/ ej8xfVWv+aq3ko4N1G0GpsRzRBWdo4xqkbezd0llqlSoyogvIebtgjTYKoTXqoZk J+KASxRumwL8DM6jJTGUBytGeoM6KJVFhu0K+IAOjFIROT1BZh2ZPpycpNc79b5D cQ== -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:09 2025 by rpki-client