$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa File: 7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa (raw, json) Hash identifier: 2F3ofkPn5PIhbleUXi2I1py7kySiWdx84gtajZuZAeI= Subject key identifier: E7:B1:4E:44:43:37:25:CD:58:7F:D0:E0:C3:B9:D1:1F:61:5E:4F:B5 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 53BD65D3DBD1A69643DD7DE51B4FA2273B30C418 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa Signing time: Fri 25 Apr 2025 00:00:29 +0000 ROA not before: Fri 25 Apr 2025 00:00:29 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:bd:65:d3:db:d1:a6:96:43:dd:7d:e5:1b:4f:a2:27:3b:30:c4:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:29 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=1c59585a8a42d390a1361035ec35b17b4456bb7b9012f20e271e79f17902def3, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:3c:a0:3e:9b:19:73:8a:93:05:63:15:90:87: 86:9c:0c:1e:55:12:b9:38:22:4f:6e:d4:39:12:d2: 6e:e1:ba:cb:65:3c:27:f7:f4:f5:85:65:85:92:72: 99:45:a1:d0:e5:d7:b7:e2:e9:e7:2e:db:c6:89:5e: 00:5d:64:37:f4:14:04:88:04:56:db:d2:c0:54:1a: ef:8c:6a:33:4e:24:41:a1:8d:6d:37:be:ea:3b:37: c3:0b:23:ff:f3:1a:ee:a5:ff:83:87:01:0e:31:6d: 54:88:6e:ae:de:92:22:df:21:2e:6c:e3:50:c2:b7: b0:f9:b5:39:cb:62:8d:43:47:d7:f8:2b:e6:ea:7f: 6c:fe:26:8f:2c:bd:da:32:1f:0b:c2:43:44:f2:df: bd:e8:ae:a2:50:5e:de:b6:29:16:2b:15:28:00:9f: 95:24:81:15:68:41:2b:1b:93:27:40:4f:e8:9d:63: f9:e8:c1:69:00:56:35:a3:10:70:f8:48:22:d6:81: f0:77:76:c5:ab:a7:04:14:49:53:13:aa:57:9d:47: 0f:13:42:df:7c:1d:30:2a:22:37:2b:3e:f7:b1:08: ae:5c:9b:4b:da:3d:cc:65:66:ac:0b:53:53:df:1f: 35:ba:20:96:94:31:c9:e7:e2:e4:93:6e:8b:66:de: a9:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:B1:4E:44:43:37:25:CD:58:7F:D0:E0:C3:B9:D1:1F:61:5E:4F:B5 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8000::/40 Signature Algorithm: sha256WithRSAEncryption 6f:6f:af:f2:c3:23:04:15:a3:cb:9d:a9:3f:62:83:c8:71:3a: 0a:f9:a1:17:f2:27:d6:7f:28:60:57:68:9e:f3:a2:6a:1c:8d: 5e:6f:7f:0e:f0:1b:66:0e:19:cf:6e:3d:1e:ec:f6:66:0d:b6: 1f:3a:58:9e:b1:8a:12:07:01:b3:71:a1:3e:5e:df:8b:83:13: 71:c7:c7:34:a5:d2:62:dd:ad:1a:bb:db:4f:a8:b0:b0:ca:10: 06:29:2b:b0:13:dd:d0:b1:c7:f1:83:86:11:d1:d3:8c:05:58: 70:38:73:64:dd:65:c7:58:b9:6d:62:20:ff:46:b2:6c:25:ba: f4:bf:73:ef:3d:1d:25:37:a0:24:51:11:70:1a:33:2c:f7:3e: 00:e4:a0:93:33:e1:96:a9:ca:df:27:42:03:d1:81:f6:30:cf: 34:ec:26:d8:58:fe:28:92:b4:df:7e:c2:6d:49:35:59:50:23: eb:b8:64:94:10:b5:1e:79:24:bc:39:20:52:d2:89:a2:eb:cd: c1:c0:6a:0b:bc:44:c2:18:d2:f8:05:e0:06:59:89:26:ba:5d: b3:15:43:57:1b:8f:61:57:30:f2:43:c6:28:88:01:a3:39:09: 62:0c:2c:18:10:3a:2c:21:f8:25:3e:32:e6:5c:c1:94:73:86: 4a:a6:61:1d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUU71l09vRppZD3X3lG0+iJzswxBgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDAyOVoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAMWM1OTU4NWE4YTQyZDM5MGExMzYx MDM1ZWMzNWIxN2I0NDU2YmI3YjkwMTJmMjBlMjcxZTc5ZjE3OTAyZGVmMzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DygPpsZc4qTBWMVkIeGnAweVRK5 OCJPbtQ5EtJu4brLZTwn9/T1hWWFknKZRaHQ5de34unnLtvGiV4AXWQ39BQEiARW 29LAVBrvjGozTiRBoY1tN77qOzfDCyP/8xrupf+DhwEOMW1UiG6u3pIi3yEubONQ wrew+bU5y2KNQ0fX+Cvm6n9s/iaPLL3aMh8LwkNE8t+96K6iUF7etikWKxUoAJ+V JIEVaEErG5MnQE/onWP56MFpAFY1oxBw+Egi1oHwd3bFq6cEFElTE6pXnUcPE0Lf fB0wKiI3Kz73sQiuXJtL2j3MZWasC1NT3x81uiCWlDHJ5+Lkk26LZt6pdQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOexTkRDNyXNWH/Q4MO50R9hXk+1MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjYmEyMmE1LWRjNjEtNDQxMy1hZWQyLThmYjRjYzhlM2E0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBAG9vr/LDIwQVo8udqT9i g8hxOgr5oRfyJ9Z/KGBXaJ7zomocjV5vfw7wG2YOGc9uPR7s9mYNth86WJ6xihIH AbNxoT5e34uDE3HHxzSl0mLdrRq720+osLDKEAYpK7AT3dCxx/GDhhHR04wFWHA4 c2TdZcdYuW1iIP9GsmwluvS/c+89HSU3oCRREXAaMyz3PgDkoJMz4Zapyt8nQgPR gfYwzzTsJthY/iiStN9+wm1JNVlQI+u4ZJQQtR55JLw5IFLSiaLrzcHAagu8RMIY 0vgF4AZZiSa6XbMVQ1cbj2FXMPJDxiiIAaM5CWIMLBgQOiwh+CU+MuZcwZRzhkqm YR0= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:06 2025 by rpki-client