$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ab4ad185-2bfb-4281-9e23-00a2ab4b6e8f.roa File: ab4ad185-2bfb-4281-9e23-00a2ab4b6e8f.roa (raw, json) Hash identifier: JKTXGLK5A4TYrPAWrnmjqdHxL9mPdpnv8zb2Ihu80gY= Subject key identifier: AB:F4:2B:FE:99:BD:DF:D3:0C:79:D9:B2:46:70:E6:76:47:2D:C2:A7 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 46F5049EF57C9CFBFB7D8B31796940B479A6CD25 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ab4ad185-2bfb-4281-9e23-00a2ab4b6e8f.roa Signing time: Fri 25 Apr 2025 00:00:30 +0000 ROA not before: Fri 25 Apr 2025 00:00:30 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:f5:04:9e:f5:7c:9c:fb:fb:7d:8b:31:79:69:40:b4:79:a6:cd:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:30 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=bba1d699921a751ece99cac64756f7e82cd53dfd050ffadb1c17ea6166e4a305, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3c:5e:9e:39:55:ae:83:ed:9d:7f:cf:7e:83: fc:f1:d4:10:03:d4:41:be:50:67:b6:3c:f4:b3:24: 38:70:37:ee:00:7b:47:c4:ab:f8:9d:73:51:5f:65: 3f:e0:20:ac:be:02:bf:0c:48:d9:24:f4:25:c6:aa: 7d:34:7a:f0:47:d1:13:17:94:3a:ec:eb:d3:27:a2: b1:f8:5e:5e:9c:76:3b:a1:0f:07:af:2c:ba:e9:86: 0e:af:b4:1d:35:1c:90:85:f3:43:2f:ef:6b:3f:e2: 18:24:83:ae:1c:a7:8d:31:e1:78:b0:6f:0a:ad:73: de:73:a2:55:ef:17:78:b3:af:11:20:b1:5b:44:14: 20:ff:af:29:fd:25:ec:f4:a1:0f:58:8d:09:53:18: d7:ab:28:9d:a7:d9:ae:c7:58:c0:70:c7:5a:47:94: 18:75:16:3d:6c:3d:6d:28:f5:66:3d:55:19:e8:06: 69:6d:b0:05:fb:58:6a:55:c3:ab:1c:2c:cb:b5:f1: 2b:e0:d2:b3:45:e0:f0:74:fd:fe:58:d4:16:cc:f0: e0:5f:b0:91:c4:e9:5e:53:ec:ef:b4:33:be:3e:e1: f6:f1:09:7f:cb:ef:ba:15:1c:16:cc:88:a4:38:5b: b2:f3:41:b2:b1:37:77:4f:a7:1b:f1:28:2a:24:bb: e0:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:F4:2B:FE:99:BD:DF:D3:0C:79:D9:B2:46:70:E6:76:47:2D:C2:A7 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ab4ad185-2bfb-4281-9e23-00a2ab4b6e8f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8020::/48 Signature Algorithm: sha256WithRSAEncryption 01:43:9b:d3:d5:78:10:d3:7a:8c:c6:15:13:19:7e:30:1e:6c: 80:e3:42:d7:f1:6e:80:af:62:fc:f6:00:1d:af:0e:9f:52:07: 4e:5c:08:52:92:30:94:2f:1a:7a:3e:e9:a4:8a:e5:3f:dd:b2: dd:f2:13:10:f2:42:2f:52:cb:93:df:52:5c:02:86:5b:94:66: 78:bf:9a:fa:cd:97:df:81:75:eb:42:84:f5:c1:df:24:cc:27: 50:3e:12:9d:ba:d3:49:48:4d:43:11:d2:a4:80:65:6b:1b:37: 0a:1b:d8:e0:ed:fa:6a:58:d1:6e:c0:31:1a:d2:42:1e:d0:e0: 28:87:da:ea:52:b0:b0:b7:08:86:a9:4f:f9:5a:07:de:96:b0: c5:89:f8:0c:1f:3b:c8:15:a3:7f:a4:a2:49:aa:05:53:41:c6: 2e:92:b5:4f:ee:0d:a3:ae:6c:29:d3:38:6a:e3:eb:f8:32:d2: 55:b1:a3:b3:cc:f7:24:50:65:39:42:3e:ed:97:d2:6e:03:5d: cf:ea:d6:8e:e4:e4:21:0b:dd:f0:64:29:75:8e:d3:60:19:e8: a3:70:00:fa:ff:37:d6:b5:b6:96:07:e6:a1:4d:c6:96:4b:15: 32:4f:c3:9b:b6:1c:5b:d9:0d:76:1f:7a:35:c7:d1:87:ed:8d: 9b:10:74:c3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURvUEnvV8nPv7fYsxeWlAtHmmzSUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDAzMFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAYmJhMWQ2OTk5MjFhNzUxZWNlOTlj YWM2NDc1NmY3ZTgyY2Q1M2RmZDA1MGZmYWRiMWMxN2VhNjE2NmU0YTMwNTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTxenjlVroPtnX/PfoP88dQQA9RB vlBntjz0syQ4cDfuAHtHxKv4nXNRX2U/4CCsvgK/DEjZJPQlxqp9NHrwR9ETF5Q6 7OvTJ6Kx+F5enHY7oQ8Hryy66YYOr7QdNRyQhfNDL+9rP+IYJIOuHKeNMeF4sG8K rXPec6JV7xd4s68RILFbRBQg/68p/SXs9KEPWI0JUxjXqyidp9mux1jAcMdaR5QY dRY9bD1tKPVmPVUZ6AZpbbAF+1hqVcOrHCzLtfEr4NKzReDwdP3+WNQWzPDgX7CR xOleU+zvtDO+PuH28Ql/y++6FRwWzIikOFuy80GysTd3T6cb8SgqJLvgDQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKv0K/6Zvd/TDHnZskZw5nZHLcKnMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2FiNGFkMTg1LTJiZmItNDI4MS05ZTIzLTAwYTJhYjRiNmU4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/4AgMA0GCSqGSIb3DQEBCwUAA4IBAQABQ5vT1XgQ03qMxhUT GX4wHmyA40LX8W6Ar2L89gAdrw6fUgdOXAhSkjCULxp6PumkiuU/3bLd8hMQ8kIv UsuT31JcAoZblGZ4v5r6zZffgXXrQoT1wd8kzCdQPhKdutNJSE1DEdKkgGVrGzcK G9jg7fpqWNFuwDEa0kIe0OAoh9rqUrCwtwiGqU/5WgfelrDFifgMHzvIFaN/pKJJ qgVTQcYukrVP7g2jrmwp0zhq4+v4MtJVsaOzzPckUGU5Qj7tl9JuA13P6taO5OQh C93wZCl1jtNgGeijcAD6/zfWtbaWB+ahTcaWSxUyT8Obthxb2Q12H3o1x9GH7Y2b EHTD -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:08 2025 by rpki-client