$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa File: a3080b31-8684-4ce8-b4e6-33db63d13627.roa (raw, json) Hash identifier: uyQYvRzz4CPekOsruZ3LRZr5BhzwpgEfbEhDUTpzfcs= Subject key identifier: DB:5D:99:B2:DB:53:2A:28:41:AD:D6:6C:8C:3A:E5:1B:35:8C:E1:8C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2E4D14850B7AABAD19B8B0E82CC144B1D3929135 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa Signing time: Fri 25 Apr 2025 00:00:59 +0000 ROA not before: Fri 25 Apr 2025 00:00:59 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8060::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:4d:14:85:0b:7a:ab:ad:19:b8:b0:e8:2c:c1:44:b1:d3:92:91:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:59 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=4d94e71f13e95de6648c70890851123238081db1634420c5ddfa1a772044f6bc, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:e7:9c:02:9b:69:f9:9f:4d:16:ab:9b:93:35: 3b:e7:02:35:9b:fc:2c:7c:05:d5:bd:2c:3c:9d:ca: 9b:c6:92:d5:82:f6:40:1a:d5:02:34:aa:46:61:fd: 6f:92:3e:51:ab:93:b3:b2:39:ca:6e:d5:72:b0:f7: 47:54:d4:59:ce:3c:13:21:11:5c:49:6b:b2:f0:4c: be:29:d9:78:d8:d0:d3:54:17:f5:ff:8c:4e:9f:14: 96:a4:73:40:4a:28:72:ac:61:43:6b:53:2d:80:d1: 28:ea:dc:32:9f:7d:e4:d6:e5:0b:0a:28:f6:c7:75: 0e:ee:76:2c:79:12:b6:5c:b4:6e:59:9a:1b:df:ad: 98:16:f0:7d:62:4e:34:5f:14:54:ee:f3:ed:d2:3e: 36:00:fc:15:ce:51:a1:3f:a9:10:62:84:71:ef:1a: 97:87:3b:fd:25:55:f9:04:8f:cd:f8:7c:4a:74:79: e9:89:34:57:a8:34:b8:ad:0c:f0:91:d2:e7:11:67: f2:29:64:67:4a:b5:93:6e:8c:e6:80:64:6b:4e:b0: f2:24:e2:96:56:48:eb:4c:5a:69:2a:fa:16:d5:da: 4c:56:68:de:b3:3a:08:95:75:6e:00:06:b5:b0:5b: 52:6f:5b:a6:6c:34:c7:f9:15:a0:63:4a:a8:94:1c: 00:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:5D:99:B2:DB:53:2A:28:41:AD:D6:6C:8C:3A:E5:1B:35:8C:E1:8C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8060::/32 Signature Algorithm: sha256WithRSAEncryption ab:74:60:6c:5c:18:29:a7:ec:c3:72:ea:9e:3d:6b:87:7d:45: 85:00:8e:ba:d3:88:9a:e8:04:5f:40:25:32:71:55:0d:15:a3: 32:eb:ed:16:dd:39:4b:02:a8:86:52:c5:4c:87:f9:24:fb:d8: 72:76:c0:cf:34:49:66:c0:f9:75:84:97:12:2d:9e:ae:86:66: af:b0:7a:4a:fb:83:5d:56:c8:15:5f:46:2a:2b:df:ed:6c:23: 40:6b:7c:d6:b9:60:e6:67:67:6c:23:47:97:d5:f4:20:cd:9b: 8e:60:d0:a0:cb:1c:17:cc:d4:ad:1a:72:92:5f:7a:e1:3f:74: 21:c2:4c:49:7c:9b:da:fe:ab:ab:6e:c3:30:50:9b:51:6d:0d: c6:60:72:64:fd:5b:5f:35:6e:1d:fe:a0:31:3b:cd:00:ae:c9: d5:95:b0:fe:8b:fc:26:af:ab:75:1e:5c:0a:f5:78:e3:75:61: ac:d5:c5:2a:7b:0f:31:2e:19:a5:ad:94:9a:ea:75:9b:55:db: ce:3f:47:5d:f4:b2:64:f4:13:ad:48:dd:4c:57:64:68:ac:b6: 4e:19:dc:86:71:4d:3d:08:59:cd:d5:7e:af:76:77:e7:82:e6: 16:ac:52:09:73:61:e7:45:ab:3a:6c:77:8a:1f:59:72:0d:ed: ae:6a:82:06 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIULk0UhQt6q60ZuLDoLMFEsdOSkTUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDA1OVoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNANGQ5NGU3MWYxM2U5NWRlNjY0OGM3 MDg5MDg1MTEyMzIzODA4MWRiMTYzNDQyMGM1ZGRmYTFhNzcyMDQ0ZjZiYzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieecAptp+Z9NFqubkzU75wI1m/ws fAXVvSw8ncqbxpLVgvZAGtUCNKpGYf1vkj5Rq5OzsjnKbtVysPdHVNRZzjwTIRFc SWuy8Ey+Kdl42NDTVBf1/4xOnxSWpHNASihyrGFDa1MtgNEo6twyn33k1uULCij2 x3UO7nYseRK2XLRuWZob362YFvB9Yk40XxRU7vPt0j42APwVzlGhP6kQYoRx7xqX hzv9JVX5BI/N+HxKdHnpiTRXqDS4rQzwkdLnEWfyKWRnSrWTbozmgGRrTrDyJOKW VkjrTFppKvoW1dpMVmjeszoIlXVuAAa1sFtSb1umbDTH+RWgY0qolBwAdQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFNtdmbLbUyooQa3WbIw65Rs1jOGMMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzMDgwYjMxLTg2ODQtNGNlOC1iNGU2LTMzZGI2M2QxMzYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+AYDANBgkqhkiG9w0BAQsFAAOCAQEAq3RgbFwYKafsw3Lqnj1r h31FhQCOutOImugEX0AlMnFVDRWjMuvtFt05SwKohlLFTIf5JPvYcnbAzzRJZsD5 dYSXEi2eroZmr7B6SvuDXVbIFV9GKivf7WwjQGt81rlg5mdnbCNHl9X0IM2bjmDQ oMscF8zUrRpykl964T90IcJMSXyb2v6rq27DMFCbUW0NxmByZP1bXzVuHf6gMTvN AK7J1ZWw/ov8Jq+rdR5cCvV443VhrNXFKnsPMS4Zpa2Umup1m1Xbzj9HXfSyZPQT rUjdTFdkaKy2ThnchnFNPQhZzdV+r3Z354LmFqxSCXNh50WrOmx3ih9Zcg3trmqC Bg== -----END CERTIFICATE-----Generated at Sat Apr 26 08:24:57 2025 by rpki-client