$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa File: 9a94ee8c-7029-4ffb-af7f-435e161333de.roa (raw, json) Hash identifier: QMN7j+aVod6g5YbA8n8NIzpMPjAgvSE8PzVelcp5Otg= Subject key identifier: 51:C0:A0:EE:3B:58:0A:38:95:D7:03:85:7B:6F:56:D7:A0:CB:43:D6 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 04A64B04333820CC55089A65089B2476F576E185 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa Signing time: Fri 25 Apr 2025 00:00:38 +0000 ROA not before: Fri 25 Apr 2025 00:00:38 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:a6:4b:04:33:38:20:cc:55:08:9a:65:08:9b:24:76:f5:76:e1:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:38 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=b0243d1a3a2b08111e697fa3d9365c437861d4e4f4ee4c9aee7ff1c1735a4b43, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ca:54:14:88:97:70:2d:f1:d1:fe:36:19:74: 20:a7:db:4f:af:6b:9b:42:67:88:6e:dc:fb:51:a3: 16:99:71:91:e8:4a:fc:01:ad:e8:63:63:8e:c0:0f: b7:35:2b:ab:c4:58:3e:3f:34:07:82:45:90:b1:4f: c7:16:1d:70:6d:09:fd:b5:74:5c:c3:22:cb:40:7f: 24:a4:bb:a4:a7:4d:dd:c1:90:53:62:14:c9:d7:8c: 4d:75:70:03:4f:df:52:eb:f9:10:6c:85:8f:9c:99: 71:f3:11:f6:a4:76:8e:c6:20:e9:f2:29:b2:a1:af: 43:62:a8:4c:0f:88:e9:53:1d:93:09:89:a6:72:a6: 84:eb:9c:6e:66:d7:25:56:f7:b2:af:de:29:39:a9: 0e:7c:fe:0b:ef:fc:53:05:dc:72:2e:d9:3c:a0:cf: 3a:77:16:10:33:6b:c3:0a:09:26:35:7f:a9:f7:e3: f1:fd:8a:7a:71:40:42:e1:ab:9e:f8:76:3f:10:d3: f4:46:86:28:b8:7b:a6:51:de:db:27:73:d4:bf:37: 3d:8f:9f:6e:89:a5:7d:39:31:a0:cd:08:a6:bf:e5: 90:54:bc:f4:13:99:15:a5:82:d7:57:e0:c3:be:45: 53:8b:99:20:65:06:72:3e:47:94:43:0b:c8:b2:40: e4:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:C0:A0:EE:3B:58:0A:38:95:D7:03:85:7B:6F:56:D7:A0:CB:43:D6 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:8000::/40 Signature Algorithm: sha256WithRSAEncryption 1b:b2:ab:44:3d:e2:0d:80:78:38:b0:dd:3d:43:41:a0:3b:1c: cd:ca:e9:88:99:c3:19:72:e6:a6:ab:9b:a1:16:e4:76:fc:14: 58:b3:24:22:84:cd:bf:48:7c:fa:f8:a8:bd:87:b3:4f:46:09: f4:73:f8:fe:e4:98:ba:f0:77:46:be:0e:14:0a:8b:7c:eb:3b: 18:61:ad:f7:72:36:55:66:eb:dd:14:f4:a8:35:52:20:81:8f: f8:a6:57:26:1d:f3:ac:f0:20:3d:b5:32:70:50:a1:ef:81:ac: 5e:48:b5:b2:e9:0a:bc:cf:89:7f:20:df:5d:ea:ff:9d:4d:69: 83:e2:2d:ea:e1:ae:6c:3a:34:f9:0f:01:53:b1:2b:ea:69:11: a6:26:93:4e:de:f8:98:6f:80:cf:d7:6b:7a:72:2a:71:da:fe: 80:f1:79:68:65:b6:41:07:bb:a8:fc:60:ba:9b:6a:79:ba:f3: 4f:13:f1:69:9c:52:3f:aa:2c:71:57:31:1d:7b:cf:09:37:8e: 98:e6:b1:39:7e:b1:06:d8:26:11:a7:07:e0:c7:c9:e2:9d:7b: 88:05:9c:f5:c7:bc:04:95:4c:65:f4:86:82:fb:18:36:58:80: b9:72:61:59:83:00:70:8f:6e:bf:9e:a3:65:bb:16:95:dc:dd: 5c:cf:24:e7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBKZLBDM4IMxVCJplCJskdvV24YUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDAzOFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAYjAyNDNkMWEzYTJiMDgxMTFlNjk3 ZmEzZDkzNjVjNDM3ODYxZDRlNGY0ZWU0YzlhZWU3ZmYxYzE3MzVhNGI0MzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApspUFIiXcC3x0f42GXQgp9tPr2ub QmeIbtz7UaMWmXGR6Er8Aa3oY2OOwA+3NSurxFg+PzQHgkWQsU/HFh1wbQn9tXRc wyLLQH8kpLukp03dwZBTYhTJ14xNdXADT99S6/kQbIWPnJlx8xH2pHaOxiDp8imy oa9DYqhMD4jpUx2TCYmmcqaE65xuZtclVveyr94pOakOfP4L7/xTBdxyLtk8oM86 dxYQM2vDCgkmNX+p9+Px/Yp6cUBC4aue+HY/ENP0RoYouHumUd7bJ3PUvzc9j59u iaV9OTGgzQimv+WQVLz0E5kVpYLXV+DDvkVTi5kgZQZyPkeUQwvIskDkrQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFHAoO47WAo4ldcDhXtvVtegy0PWMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlhOTRlZThjLTcwMjktNGZmYi1hZjdmLTQzNWUxNjEzMzNkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBABuyq0Q94g2AeDiw3T1D QaA7HM3K6YiZwxly5qarm6EW5Hb8FFizJCKEzb9IfPr4qL2Hs09GCfRz+P7kmLrw d0a+DhQKi3zrOxhhrfdyNlVm690U9Kg1UiCBj/imVyYd86zwID21MnBQoe+BrF5I tbLpCrzPiX8g313q/51NaYPiLerhrmw6NPkPAVOxK+ppEaYmk07e+JhvgM/Xa3py KnHa/oDxeWhltkEHu6j8YLqbanm6808T8WmcUj+qLHFXMR17zwk3jpjmsTl+sQbY JhGnB+DHyeKde4gFnPXHvASVTGX0hoL7GDZYgLlyYVmDAHCPbr+eo2W7FpXc3VzP JOc= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:09 2025 by rpki-client