$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa File: c7b491e4-76ae-4305-8132-a670b41c66fd.roa (raw, json) Hash identifier: DMBobPcdPWWgfTSAxElkrgtyeTXWzBshP0YigAL0EVc= Subject key identifier: 09:A4:4A:59:B2:65:1F:89:91:C7:EE:23:3F:61:A8:7F:70:6E:B9:25 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2CBCD7C2BB4946A982056492AE7CBDA337CA1FD9 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa Signing time: Fri 25 Apr 2025 00:00:32 +0000 ROA not before: Fri 25 Apr 2025 00:00:32 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:bc:d7:c2:bb:49:46:a9:82:05:64:92:ae:7c:bd:a3:37:ca:1f:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:32 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=22fd4f25c213c34c972697ff803be9ab1af1f6ae1b8c0ee0387478b5c9767be0, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:69:df:67:98:2b:a9:13:a0:db:8a:1a:de:0b: f1:7a:3e:4b:cb:80:9d:6b:14:97:c9:1b:53:cd:4e: c7:af:5f:1a:10:89:09:ba:d5:86:21:7d:64:63:dd: 02:68:32:5e:fb:f8:25:d0:c1:66:1b:98:c9:92:67: 88:fd:a7:b8:f4:db:26:cc:40:29:10:79:3d:7c:43: 48:98:c5:82:49:50:f7:0b:bd:a3:e2:23:f0:e5:58: 83:52:79:a6:c8:f8:68:f1:f1:8b:e1:76:5e:cf:ad: 48:de:1b:cc:b8:34:77:b3:07:a9:46:ba:ef:07:49: a8:f7:a0:0e:1b:08:fb:6c:76:4c:16:0f:79:1d:6a: 03:32:f4:5b:fc:70:f6:5c:f5:d1:d7:5f:e8:2e:2f: 1a:ab:71:2e:2d:3a:6d:9e:66:4f:41:98:26:5d:d6: ca:4f:cb:36:d0:e4:61:7c:33:47:49:b7:21:75:a2: b1:d6:c0:8f:cf:f7:04:29:b5:32:6d:45:01:b3:75: dc:44:be:4a:7c:eb:8a:c3:88:f2:28:89:45:fc:1f: e6:21:5e:20:b9:ce:c8:02:b8:fd:27:18:bd:64:ab: c5:af:ec:ca:fd:a1:3c:af:4d:0a:1e:e5:70:b1:ea: c8:bb:0a:3a:99:68:66:ba:9d:ba:e4:b2:11:f3:43: 9d:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:A4:4A:59:B2:65:1F:89:91:C7:EE:23:3F:61:A8:7F:70:6E:B9:25 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4000::/40 Signature Algorithm: sha256WithRSAEncryption 8e:f1:86:c2:32:5e:4e:14:c4:72:4f:b2:db:68:f3:d7:7c:3d: ea:f8:90:54:8c:35:ad:6d:e6:23:40:cc:4e:52:48:8e:6c:be: c8:01:a9:99:bc:09:31:5c:e0:0a:3d:b6:8a:73:8b:f5:c0:c9: 00:46:25:1a:ba:1b:85:5b:69:07:0d:8a:6f:d1:e4:4f:ac:18: e3:84:42:74:6a:79:e6:14:70:36:06:67:c7:32:31:ff:f5:a9: c8:a8:82:52:f6:d9:68:31:ac:f4:90:44:73:4b:4e:ca:90:1b: c7:8c:f5:00:bf:7c:04:bd:67:3a:b0:e2:41:43:b1:7d:64:46: a2:cd:d1:8d:ed:0e:f5:ca:a0:dd:b3:ca:04:86:f3:95:30:b9: ea:9b:f6:5c:d5:8b:b2:96:02:ec:87:4e:29:5f:05:47:29:cf: 1c:28:3f:9a:d3:70:59:3a:05:de:39:6b:33:4c:ba:d3:bf:8b: a1:ff:4a:59:5f:9f:0e:dd:7f:eb:d9:4c:29:e4:3e:57:46:30: c5:92:7e:2a:76:11:c0:ce:ff:d5:50:d3:9f:87:09:4b:53:4d: a6:88:03:02:95:8f:da:59:07:59:9c:a1:c4:e0:9d:e2:7a:d7: 4a:91:c5:8c:6a:1c:8f:59:8d:36:13:7d:68:23:7c:55:e8:18: ce:dc:24:5e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULLzXwrtJRqmCBWSSrny9ozfKH9kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDAzMloX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAMjJmZDRmMjVjMjEzYzM0Yzk3MjY5 N2ZmODAzYmU5YWIxYWYxZjZhZTFiOGMwZWUwMzg3NDc4YjVjOTc2N2JlMDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGnfZ5grqROg24oa3gvxej5Ly4Cd axSXyRtTzU7Hr18aEIkJutWGIX1kY90CaDJe+/gl0MFmG5jJkmeI/ae49NsmzEAp EHk9fENImMWCSVD3C72j4iPw5ViDUnmmyPho8fGL4XZez61I3hvMuDR3swepRrrv B0mo96AOGwj7bHZMFg95HWoDMvRb/HD2XPXR11/oLi8aq3EuLTptnmZPQZgmXdbK T8s20ORhfDNHSbchdaKx1sCPz/cEKbUybUUBs3XcRL5KfOuKw4jyKIlF/B/mIV4g uc7IArj9Jxi9ZKvFr+zK/aE8r00KHuVwserIuwo6mWhmup265LIR80OdYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAmkSlmyZR+JkcfuIz9hqH9wbrklMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3YjQ5MWU0LTc2YWUtNDMwNS04MTMyLWE2NzBiNDFjNjZmZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/0AwDQYJKoZIhvcNAQELBQADggEBAI7xhsIyXk4UxHJPstto 89d8Per4kFSMNa1t5iNAzE5SSI5svsgBqZm8CTFc4Ao9topzi/XAyQBGJRq6G4Vb aQcNim/R5E+sGOOEQnRqeeYUcDYGZ8cyMf/1qcioglL22WgxrPSQRHNLTsqQG8eM 9QC/fAS9Zzqw4kFDsX1kRqLN0Y3tDvXKoN2zygSG85Uwueqb9lzVi7KWAuyHTilf BUcpzxwoP5rTcFk6Bd45azNMutO/i6H/Sllfnw7df+vZTCnkPldGMMWSfip2EcDO /9VQ05+HCUtTTaaIAwKVj9pZB1mcocTgneJ610qRxYxqHI9ZjTYTfWgjfFXoGM7c JF4= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:00 2025 by rpki-client