$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa File: baa1273d-7883-4b5d-8e1c-23ebac490846.roa (raw, json) Hash identifier: 8TiEcXcRWrISVjeCdGdYJ2vIgbAzzXOANY4PAm6Gx0s= Subject key identifier: 3C:55:86:76:CE:58:9B:D8:18:D3:45:21:1C:FB:CD:0D:84:C7:61:B2 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 459038C9FAAF7BD9D5FFFFD3989839DE200910AF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa Signing time: Fri 25 Apr 2025 00:00:34 +0000 ROA not before: Fri 25 Apr 2025 00:00:34 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:90:38:c9:fa:af:7b:d9:d5:ff:ff:d3:98:98:39:de:20:09:10:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:34 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=36b0bb1a30c32610d0df8a568ec9173ae038c6e00e6a30b819efd3e7e1d05764, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f1:a2:de:1e:db:c5:d2:ae:04:83:fc:5e:28: 8e:01:1e:98:67:85:be:d5:51:87:c6:eb:ba:42:dc: f8:78:d2:a4:b6:67:a1:07:54:53:2b:0d:78:5b:65: 8f:b2:a5:dd:9d:a4:d2:c7:03:dd:a7:35:60:cf:d4: d7:19:0e:cb:1f:55:1d:4d:fc:44:32:4b:ca:6c:06: 55:ff:ee:05:80:f6:72:f5:80:ba:b2:a9:d2:76:72: c3:38:7f:27:ac:38:44:98:08:a7:4b:d7:6f:e2:75: 2a:e6:5f:58:11:c6:6f:20:47:f8:99:65:8c:4e:dd: aa:78:e8:3b:45:b1:6d:da:34:21:59:5d:ce:c3:39: 57:d8:b3:c7:f4:63:13:cd:b3:f4:f6:36:f0:25:38: 39:cf:5f:70:bb:cd:fe:1a:2b:5c:e2:cc:b1:9c:69: 8d:ee:b1:6d:8b:df:cd:e7:ab:0b:20:d8:3b:15:2e: 1f:8a:a6:05:77:3b:8b:5f:ed:e1:87:e3:90:12:f0: 8e:b7:e6:c8:08:7e:95:ad:fd:4b:9b:a8:95:91:5a: e0:2b:ce:c1:d8:2a:8a:e5:04:a3:21:e6:34:e0:1c: 26:4b:34:06:04:7d:78:1a:58:c7:11:da:f3:2c:a1: 62:32:46:40:77:26:43:44:17:05:6c:ef:e9:8a:0c: f4:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:55:86:76:CE:58:9B:D8:18:D3:45:21:1C:FB:CD:0D:84:C7:61:B2 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4040::/48 Signature Algorithm: sha256WithRSAEncryption 71:c3:11:8a:19:52:ed:ca:2e:20:c7:b1:8a:cd:03:e8:1b:dc: 94:3a:8a:d1:7b:35:8c:bc:7b:73:76:10:c9:8c:8b:9b:1d:a3: 75:99:25:91:58:9a:fc:86:35:63:ab:80:da:10:3c:23:c4:68: 07:88:7f:80:04:48:95:c2:7a:b4:3f:3c:2e:31:49:6b:8e:17: 2a:4e:e6:44:3e:4c:7b:bf:a1:84:e9:2d:37:93:d0:b0:d3:8c: c4:28:c4:bb:80:b7:34:fb:63:20:2b:b6:cd:e2:42:ad:1c:8d: 24:5e:d0:3f:a1:c3:58:96:99:91:b1:f2:75:5e:aa:ad:fc:63: ca:b4:25:0d:22:d2:52:ea:39:0b:4e:16:4f:9b:12:e4:33:8d: 95:b5:8f:2a:50:84:1f:51:53:82:e6:cb:14:d2:b5:61:58:58: e4:e2:58:64:ab:a2:95:0b:dd:24:19:96:9a:1d:70:25:6a:73: 51:6c:18:66:cd:e0:93:5f:c3:1f:44:28:27:6b:8b:7c:55:3b: c7:d6:7d:17:e8:82:8c:07:8c:de:39:73:85:0f:5a:8c:f2:0c: b0:16:fe:4d:a0:aa:f2:ed:f5:9f:38:30:3a:d8:66:25:fa:0a: 3c:82:e3:a4:d9:6a:ca:00:0a:fa:5f:bb:53:85:63:40:e8:65: 70:85:9d:8a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURZA4yfqve9nV///TmJg53iAJEK8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDAzNFoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAMzZiMGJiMWEzMGMzMjYxMGQwZGY4 YTU2OGVjOTE3M2FlMDM4YzZlMDBlNmEzMGI4MTllZmQzZTdlMWQwNTc2NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvGi3h7bxdKuBIP8XiiOAR6YZ4W+ 1VGHxuu6Qtz4eNKktmehB1RTKw14W2WPsqXdnaTSxwPdpzVgz9TXGQ7LH1UdTfxE MkvKbAZV/+4FgPZy9YC6sqnSdnLDOH8nrDhEmAinS9dv4nUq5l9YEcZvIEf4mWWM Tt2qeOg7RbFt2jQhWV3OwzlX2LPH9GMTzbP09jbwJTg5z19wu83+Gitc4syxnGmN 7rFti9/N56sLINg7FS4fiqYFdzuLX+3hh+OQEvCOt+bICH6Vrf1Lm6iVkVrgK87B 2CqK5QSjIeY04BwmSzQGBH14GljHEdrzLKFiMkZAdyZDRBcFbO/pigz0FQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDxVhnbOWJvYGNNFIRz7zQ2Ex2GyMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2JhYTEyNzNkLTc4ODMtNGI1ZC04ZTFjLTIzZWJhYzQ5MDg0Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0BAMA0GCSqGSIb3DQEBCwUAA4IBAQBxwxGKGVLtyi4gx7GK zQPoG9yUOorRezWMvHtzdhDJjIubHaN1mSWRWJr8hjVjq4DaEDwjxGgHiH+ABEiV wnq0PzwuMUlrjhcqTuZEPkx7v6GE6S03k9Cw04zEKMS7gLc0+2MgK7bN4kKtHI0k XtA/ocNYlpmRsfJ1Xqqt/GPKtCUNItJS6jkLThZPmxLkM42VtY8qUIQfUVOC5ssU 0rVhWFjk4lhkq6KVC90kGZaaHXAlanNRbBhmzeCTX8MfRCgna4t8VTvH1n0X6IKM B4zeOXOFD1qM8gywFv5NoKry7fWfODA62GYl+go8guOk2WrKAAr6X7tThWNA6GVw hZ2K -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:03 2025 by rpki-client