$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa File: 8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa (raw, json) Hash identifier: f5adKiPU0uHiun3wElRCfYE/tbs6wRJrou1V+f8drDo= Subject key identifier: 9E:BF:39:19:66:BB:C1:02:56:0C:E7:BC:A3:CD:7B:0B:E7:06:E7:58 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2A23C07160EF07D15E1AA6E08349A571AAE92A5C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa Signing time: Fri 25 Apr 2025 00:00:44 +0000 ROA not before: Fri 25 Apr 2025 00:00:44 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:23:c0:71:60:ef:07:d1:5e:1a:a6:e0:83:49:a5:71:aa:e9:2a:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:44 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=d9907ed51b3f3db148623dd014c3daab8aeca2ce40e73c2ea6f6e6d4973bc560, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a0:b5:0e:67:3f:51:63:6f:e4:84:eb:4f:d4: 9b:da:29:c7:a7:ab:50:e6:06:0b:a6:46:7a:b2:42: 2e:3a:f7:60:2a:d9:9d:81:4b:79:8a:bd:c7:c9:fd: f8:46:ad:a5:7b:92:3e:fa:6e:f1:b6:ce:83:1f:a6: 69:5d:58:c7:0f:d0:84:56:a5:e8:2a:d1:b4:88:a9: 08:03:ee:c1:f0:77:08:0c:23:37:76:5d:06:4a:b1: 28:19:1b:3b:d2:3e:ea:aa:7a:92:c0:4c:ed:65:f4: b7:7c:87:a4:61:ac:2f:6b:18:50:8e:c6:2a:a4:1e: 6a:83:6e:72:a8:c7:b6:a6:4e:d9:5e:4d:f0:20:a3: 31:a1:3c:d6:74:14:a5:ba:2b:0c:7b:e1:d4:69:c6: b5:8b:50:62:12:f6:ed:4f:87:02:f9:51:d1:4e:8e: a4:b2:b0:4d:5a:90:04:ea:6a:6c:a7:79:e3:8b:d2: 72:9a:49:bc:36:a4:3a:b9:5e:21:84:dc:57:81:03: ad:55:ff:75:ca:28:bf:7c:17:63:6d:90:7c:7b:f7: 1f:c6:a9:8c:72:4c:e5:ca:e6:49:dd:fd:d3:f2:d4: 1d:21:97:55:22:b0:89:3c:d9:45:23:58:7b:a8:14: e8:ac:03:4d:02:7e:08:7a:00:52:7c:7e:09:90:09: 19:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:BF:39:19:66:BB:C1:02:56:0C:E7:BC:A3:CD:7B:0B:E7:06:E7:58 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:400::/38 Signature Algorithm: sha256WithRSAEncryption 98:11:1d:f6:32:ab:36:33:f2:ef:1a:c9:7a:27:50:f5:04:dc: 62:06:8a:4a:06:80:ff:e5:09:c8:c0:f4:ef:f9:f3:f2:cc:63: a2:e9:3d:f5:8d:5a:f6:d9:79:dc:aa:33:f6:8c:58:97:7d:1a: db:54:87:c2:77:de:29:6c:0c:ee:51:80:ec:d8:a3:64:04:7e: 39:5b:d5:c0:c2:58:68:cf:16:5e:58:3b:78:44:24:97:d8:73: 3e:cd:b0:7c:55:0f:aa:d8:43:d7:dd:bb:c8:2f:6c:3f:c6:ea: 20:01:ae:5a:27:65:82:6a:49:22:fd:67:18:71:3e:69:d4:8f: 7d:fd:d5:f6:e9:46:f9:6d:56:c6:7f:e8:e8:9a:c6:98:77:7c: 1e:14:b2:1c:a3:ec:a2:e4:e0:49:81:f1:9b:70:54:05:dd:45: a2:7e:75:39:04:05:e4:5c:85:23:ec:9c:26:b9:15:f9:d8:0f: 70:aa:c9:e9:f5:c6:7c:39:cc:60:ef:c9:c2:9a:b5:02:d2:e5: b8:af:c2:c2:82:7f:b1:45:39:f9:1b:5e:3a:16:98:3f:32:6d: 46:09:2b:36:20:ac:b0:a2:dd:56:16:b5:2d:84:7b:21:66:33: c3:58:9d:d5:11:11:08:33:84:d9:1b:27:90:b5:99:61:ad:46: 26:d6:8b:ad -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKiPAcWDvB9FeGqbgg0mlcarpKlwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDA0NFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAZDk5MDdlZDUxYjNmM2RiMTQ4NjIz ZGQwMTRjM2RhYWI4YWVjYTJjZTQwZTczYzJlYTZmNmU2ZDQ5NzNiYzU2MDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqC1Dmc/UWNv5ITrT9Sb2inHp6tQ 5gYLpkZ6skIuOvdgKtmdgUt5ir3Hyf34Rq2le5I++m7xts6DH6ZpXVjHD9CEVqXo KtG0iKkIA+7B8HcIDCM3dl0GSrEoGRs70j7qqnqSwEztZfS3fIekYawvaxhQjsYq pB5qg25yqMe2pk7ZXk3wIKMxoTzWdBSluisMe+HUaca1i1BiEvbtT4cC+VHRTo6k srBNWpAE6mpsp3nji9Jymkm8NqQ6uV4hhNxXgQOtVf91yii/fBdjbZB8e/cfxqmM ckzlyuZJ3f3T8tQdIZdVIrCJPNlFI1h7qBTorANNAn4IegBSfH4JkAkZiwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ6/ORlmu8ECVgznvKPNewvnBudYMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzhiZjMxMWU5LWQyN2YtNDZmYS04ZjA1LTJlZDZiMTc2YjViOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAQwDQYJKoZIhvcNAQELBQADggEBAJgRHfYyqzYz8u8ayXon UPUE3GIGikoGgP/lCcjA9O/58/LMY6LpPfWNWvbZedyqM/aMWJd9GttUh8J33ils DO5RgOzYo2QEfjlb1cDCWGjPFl5YO3hEJJfYcz7NsHxVD6rYQ9fdu8gvbD/G6iAB rlonZYJqSSL9ZxhxPmnUj3391fbpRvltVsZ/6Oiaxph3fB4Ushyj7KLk4EmB8Ztw VAXdRaJ+dTkEBeRchSPsnCa5FfnYD3Cqyen1xnw5zGDvycKatQLS5bivwsKCf7FF OfkbXjoWmD8ybUYJKzYgrLCi3VYWtS2EeyFmM8NYndUREQgzhNkbJ5C1mWGtRibW i60= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:09 2025 by rpki-client