$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa File: a3f80673-8b1b-4af1-ae60-e74663f3df69.roa (raw, json) Hash identifier: /IwkgI1D8NkQNjrtqQE+DTElI9sVUsPsaPzz0mp6BHM= Subject key identifier: 2C:BD:3F:66:AA:24:5C:8A:05:07:C2:D4:23:1B:67:59:3F:63:A7:4D Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3695A4B90A7F55000197AEC4608CCF7C335A68A1 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa Signing time: Fri 25 Apr 2025 00:00:36 +0000 ROA not before: Fri 25 Apr 2025 00:00:36 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:95:a4:b9:0a:7f:55:00:01:97:ae:c4:60:8c:cf:7c:33:5a:68:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:36 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=0b53a1727dcdf5569ebaf729861a0e5ab6825d96be847650ce53bdcb00b04518, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0d:a7:d6:95:1f:a3:0c:54:0f:16:9a:73:f9: 03:f1:c8:a5:1f:94:3a:9e:54:27:3a:9f:d8:e6:d7: 17:0f:fe:e1:5c:de:63:32:16:93:3c:f9:01:4b:6d: 59:e4:50:c0:4e:9b:0c:93:0e:39:6c:5a:ee:ca:9d: b5:bf:1c:e9:39:16:89:f6:5b:17:d6:10:e1:8a:eb: a4:84:ef:02:0e:2e:4d:01:f4:da:7b:76:a1:8b:89: aa:a0:f5:38:7e:d7:1f:45:90:07:2f:68:fa:8d:30: 71:25:0c:b7:b5:81:97:dd:76:40:62:c7:a2:9d:b6: 89:77:66:c1:0b:a4:d3:0e:e5:de:75:1b:f4:99:bc: 18:96:2c:de:73:30:69:4c:4c:98:6e:c9:b8:45:21: a7:a0:0a:19:b2:fb:f1:05:0f:93:a7:a2:44:2a:a9: f7:6e:68:a5:04:69:88:66:01:c7:c4:03:97:2b:6c: 16:d5:b7:f4:a9:11:c8:a4:65:69:a3:74:a7:05:85: 2b:c5:ed:32:16:51:c5:a9:47:68:04:4b:d8:96:93: 7b:f7:cf:ed:8a:a1:98:63:c5:f0:45:09:40:69:00: fc:49:c1:6b:03:8a:1b:9f:48:3f:7d:c1:8d:59:6b: 40:df:66:ed:af:01:f1:28:ee:91:d3:63:ce:89:2d: 0f:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:BD:3F:66:AA:24:5C:8A:05:07:C2:D4:23:1B:67:59:3F:63:A7:4D X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:4000::/40 Signature Algorithm: sha256WithRSAEncryption 0b:7b:00:7d:90:0f:33:04:e7:15:6e:49:e1:e5:eb:33:07:11: ad:8e:23:31:7d:2f:29:2d:2c:c3:d9:98:81:85:16:cf:ab:64: 7c:a6:c5:c1:e3:12:d0:b9:a4:88:a7:c1:5b:f2:d2:d3:39:03: f0:1f:c9:29:e1:ab:40:ec:ac:be:eb:ee:f6:7d:e7:59:e7:26: a9:1a:34:89:9e:af:e8:05:da:1c:fe:69:01:83:bd:09:5b:19: 65:2c:88:8e:e8:38:71:ce:cc:4c:0b:91:c7:a0:bc:27:b5:e5: d2:6c:b6:6f:d9:c2:c9:41:aa:2f:54:7f:09:19:19:cd:c1:7a: 63:4e:e9:ef:8a:dc:81:cd:4b:19:da:23:50:0a:15:92:d7:74: d3:ad:e4:f6:91:3a:45:5b:5c:eb:85:72:25:73:0b:bd:05:2c: 48:a3:f4:b2:cd:85:e8:1a:1c:8f:93:63:12:7b:9f:3a:ba:b6: 89:6e:48:b9:d5:11:89:3e:53:da:23:7b:bf:de:17:79:bb:c2: 0d:de:16:6a:8c:d8:dd:1e:4f:1b:87:23:e7:f2:79:8d:1e:45: b1:9d:da:9a:2b:42:3d:ae:b7:57:98:f8:40:5b:11:30:18:e5: 07:33:ff:fd:4d:52:20:cf:20:dc:5b:fb:ce:8d:d5:2d:51:d4: 72:a7:2a:3e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNpWkuQp/VQABl67EYIzPfDNaaKEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDAzNloX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAMGI1M2ExNzI3ZGNkZjU1NjllYmFm NzI5ODYxYTBlNWFiNjgyNWQ5NmJlODQ3NjUwY2U1M2JkY2IwMGIwNDUxODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw2n1pUfowxUDxaac/kD8cilH5Q6 nlQnOp/Y5tcXD/7hXN5jMhaTPPkBS21Z5FDATpsMkw45bFruyp21vxzpORaJ9lsX 1hDhiuukhO8CDi5NAfTae3ahi4mqoPU4ftcfRZAHL2j6jTBxJQy3tYGX3XZAYsei nbaJd2bBC6TTDuXedRv0mbwYlizeczBpTEyYbsm4RSGnoAoZsvvxBQ+Tp6JEKqn3 bmilBGmIZgHHxAOXK2wW1bf0qRHIpGVpo3SnBYUrxe0yFlHFqUdoBEvYlpN798/t iqGYY8XwRQlAaQD8ScFrA4obn0g/fcGNWWtA32btrwHxKO6R02POiS0PYwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCy9P2aqJFyKBQfC1CMbZ1k/Y6dNMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzZjgwNjczLThiMWItNGFmMS1hZTYwLWU3NDY2M2YzZGY2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAEAwDQYJKoZIhvcNAQELBQADggEBAAt7AH2QDzME5xVuSeHl 6zMHEa2OIzF9LyktLMPZmIGFFs+rZHymxcHjEtC5pIinwVvy0tM5A/AfySnhq0Ds rL7r7vZ951nnJqkaNImer+gF2hz+aQGDvQlbGWUsiI7oOHHOzEwLkcegvCe15dJs tm/ZwslBqi9UfwkZGc3BemNO6e+K3IHNSxnaI1AKFZLXdNOt5PaROkVbXOuFciVz C70FLEij9LLNhegaHI+TYxJ7nzq6toluSLnVEYk+U9oje7/eF3m7wg3eFmqM2N0e TxuHI+fyeY0eRbGd2porQj2ut1eY+EBbETAY5Qcz//1NUiDPINxb+86N1S1R1HKn Kj4= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:03 2025 by rpki-client