$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa File: 788c3900-e4d5-439b-b231-3a69b5354901.roa (raw, json) Hash identifier: Qca7c4s6nvoK3SedLwRZvBwYQgJzX4Xzmkm+ObhmKes= Subject key identifier: 30:91:14:50:5B:5C:C1:2F:CB:49:E1:32:EF:FE:C1:DB:1E:99:17:57 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 334825ED03BF11EA7EDB0FB8482F78F3C272B265 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa Signing time: Fri 25 Apr 2025 00:00:54 +0000 ROA not before: Fri 25 Apr 2025 00:00:54 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:48:25:ed:03:bf:11:ea:7e:db:0f:b8:48:2f:78:f3:c2:72:b2:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:54 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=8a960b8177580bfe1b428b37d5e4d49bf9f267aa4ce3e853621be86512002138, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:8a:78:c7:38:11:bd:90:71:e4:f1:1f:39:01: fc:cf:88:c3:23:19:10:fc:95:43:07:f4:6f:c0:ad: 1d:eb:c3:2b:2c:ca:9f:ac:14:fa:08:7b:56:4c:17: 16:c5:9a:a0:dd:4f:dd:bf:e2:31:e8:a9:4e:ec:21: ef:aa:fd:a6:84:e5:02:5b:ce:e9:e2:21:db:1b:e3: cc:7b:0f:1a:92:51:3c:65:e5:7a:3d:aa:41:d0:ec: 25:5d:d1:24:b3:b5:0a:9d:5a:20:58:23:e2:c2:d8: 63:2b:ed:ca:4f:ba:ac:92:0a:3f:6d:b1:fb:50:13: 48:01:36:4b:c2:de:55:76:38:2e:71:bc:c9:56:e3: 29:c8:11:b8:a3:6e:1f:a7:43:d4:c2:6d:bb:94:c7: 73:e2:e1:76:2f:6b:24:3e:55:06:b7:83:7d:c6:1e: bc:e8:ec:ac:0e:ea:b4:18:fa:ba:17:db:de:fe:89: ce:6a:c9:4d:0f:03:4e:6e:4a:25:bf:b4:f6:ce:08: 4b:08:97:67:4b:8a:71:6b:a4:06:6e:48:7b:10:61: f4:9a:8c:ef:a9:32:e6:ad:2d:a7:62:fb:f9:f6:20: 9d:d4:f5:0e:0d:3f:7a:d0:d9:a5:4b:f2:9a:54:f0: ad:0c:bd:fb:e0:c5:87:94:38:98:69:5b:7a:b2:03: e0:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:91:14:50:5B:5C:C1:2F:CB:49:E1:32:EF:FE:C1:DB:1E:99:17:57 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014::/38 Signature Algorithm: sha256WithRSAEncryption 76:ed:53:79:99:7c:07:f3:8e:5c:85:1b:f7:85:57:e0:4c:a8: 42:e5:d9:50:8c:36:16:4c:02:87:26:1b:2d:2d:20:73:f5:c4: 87:af:5a:f6:92:e4:98:fe:a8:eb:66:a2:07:54:4f:da:2a:c4: f0:ae:77:a1:bb:93:3a:6a:15:ea:77:03:f2:fe:30:4d:a2:2a: ed:1e:3e:f1:54:ea:1d:96:e4:02:79:9d:72:3e:01:9d:a6:d6: a5:48:16:b5:89:1a:b6:ea:c3:67:48:a4:d0:7a:6c:2f:3e:64: a0:1b:81:7e:43:e5:f6:8b:fc:2d:0e:48:a3:72:bc:40:83:a8: 3b:d4:91:9a:f1:b9:30:44:7e:23:26:57:8c:de:56:e3:b0:2d: c6:45:15:25:7c:cf:d0:ae:4a:55:37:21:52:c2:5f:e4:04:c7: 8f:b1:83:b5:54:3c:85:7e:b8:97:d5:3c:10:e7:41:2b:9d:1d: 7d:41:5d:ba:dd:d3:1e:2b:44:ad:51:c2:94:71:7c:da:05:e5: 5d:be:4f:49:ef:55:64:05:7e:91:df:54:91:00:d4:b9:b7:73: 2c:2c:cb:82:27:ef:2d:64:de:4c:d0:0a:ff:17:be:06:da:df: 61:91:e2:36:08:a6:a0:38:1b:41:98:55:ed:01:46:24:b1:51: e6:28:84:8a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUM0gl7QO/Eep+2w+4SC9488JysmUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDA1NFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAOGE5NjBiODE3NzU4MGJmZTFiNDI4 YjM3ZDVlNGQ0OWJmOWYyNjdhYTRjZTNlODUzNjIxYmU4NjUxMjAwMjEzODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoop4xzgRvZBx5PEfOQH8z4jDIxkQ /JVDB/RvwK0d68MrLMqfrBT6CHtWTBcWxZqg3U/dv+Ix6KlO7CHvqv2mhOUCW87p 4iHbG+PMew8aklE8ZeV6PapB0OwlXdEks7UKnVogWCPiwthjK+3KT7qskgo/bbH7 UBNIATZLwt5VdjgucbzJVuMpyBG4o24fp0PUwm27lMdz4uF2L2skPlUGt4N9xh68 6OysDuq0GPq6F9ve/onOaslNDwNObkolv7T2zghLCJdnS4pxa6QGbkh7EGH0mozv qTLmrS2nYvv59iCd1PUODT960NmlS/KaVPCtDL374MWHlDiYaVt6sgPgfQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDCRFFBbXMEvy0nhMu/+wdsemRdXMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 Lzc4OGMzOTAwLWU0ZDUtNDM5Yi1iMjMxLTNhNjliNTM1NDkwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAAwDQYJKoZIhvcNAQELBQADggEBAHbtU3mZfAfzjlyFG/eF V+BMqELl2VCMNhZMAocmGy0tIHP1xIevWvaS5Jj+qOtmogdUT9oqxPCud6G7kzpq Fep3A/L+ME2iKu0ePvFU6h2W5AJ5nXI+AZ2m1qVIFrWJGrbqw2dIpNB6bC8+ZKAb gX5D5faL/C0OSKNyvECDqDvUkZrxuTBEfiMmV4zeVuOwLcZFFSV8z9CuSlU3IVLC X+QEx4+xg7VUPIV+uJfVPBDnQSudHX1BXbrd0x4rRK1RwpRxfNoF5V2+T0nvVWQF fpHfVJEA1Lm3cywsy4In7y1k3kzQCv8Xvgba32GR4jYIpqA4G0GYVe0BRiSxUeYo hIo= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:05 2025 by rpki-client