$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa File: c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa (raw, json) Hash identifier: EVyhILIVcTnbbz1cWVy3C1xLZ6Ez+AEKTYiwDn7FZDg= Subject key identifier: 9C:CF:37:6B:98:4C:2A:B5:0A:8C:1A:FF:C9:B3:D4:77:B8:04:B7:F4 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2AC13D566821A4AC1DB0644811A061F09DB4279C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa Signing time: Fri 25 Apr 2025 00:00:31 +0000 ROA not before: Fri 25 Apr 2025 00:00:31 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:c1:3d:56:68:21:a4:ac:1d:b0:64:48:11:a0:61:f0:9d:b4:27:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:31 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=be46671d6417c0b560c0d07c83f350770583ddcb5e75aadca8a0549040cfc02b, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ef:ba:36:00:af:69:80:64:09:61:75:b3:89: d7:ce:da:ac:f9:c3:90:a1:fd:99:45:ec:84:9d:dd: ec:fd:d2:92:bd:b1:f4:3e:26:d7:7f:c4:f8:07:b9: d1:7f:eb:df:bc:dd:db:b4:7b:31:40:fc:c3:c0:1d: c7:0d:50:4e:d5:a8:cc:99:18:94:00:96:06:ea:30: 62:d5:74:61:6a:fa:bc:0e:38:da:e1:ac:b0:9f:92: 1f:e2:5d:d7:db:59:f6:b3:9f:4e:3d:33:7d:7c:2b: 7a:55:7e:e2:50:80:45:da:82:25:50:ee:11:03:28: 3a:4c:e8:ad:e6:12:21:58:47:63:64:e0:3f:a4:7b: 6b:67:e3:f7:b8:21:24:2d:9c:5a:50:77:72:45:6e: 1f:15:17:ef:f4:7a:bb:5f:8f:26:61:2f:07:37:8a: 4a:64:46:03:90:91:04:98:d9:8a:38:53:15:50:f9: 55:dc:db:04:cd:00:ea:99:a2:25:0e:ac:08:08:21: 62:e9:0f:ed:e0:04:c0:3d:75:e1:8f:00:a8:11:9b: 02:9d:dc:db:93:cb:15:81:e3:77:41:a3:09:4b:86: 5c:b4:a7:14:2a:7a:da:23:71:27:63:1b:0b:3b:1f: 07:04:47:a7:ec:fb:76:47:fb:5a:57:b1:7c:06:32: 31:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:CF:37:6B:98:4C:2A:B5:0A:8C:1A:FF:C9:B3:D4:77:B8:04:B7:F4 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:40c0::/48 Signature Algorithm: sha256WithRSAEncryption 6e:70:7c:d2:35:61:d3:48:a4:ad:3c:bc:ec:7d:55:72:a2:26: 6a:75:c0:bc:ce:a9:60:75:8d:55:f4:66:ec:6e:07:51:16:88: e2:18:90:22:39:49:a7:a3:83:c9:4e:36:d5:53:6f:ac:35:10: 64:71:b8:af:97:b2:74:b2:97:af:1c:2a:38:1c:ce:1c:e0:9e: 6a:59:46:9f:ce:f5:a9:04:f0:31:bb:bb:f6:0e:f1:e8:71:c5: ec:1b:60:3e:ea:7d:ca:84:87:5d:21:56:fd:84:60:fb:fe:e3: 81:9a:d3:61:6d:9e:07:39:ce:bf:ab:ef:67:ae:cf:83:07:b8: ea:fb:e6:ce:9f:11:7f:b9:34:d7:b0:d8:bd:98:4b:19:36:40: c7:31:80:16:8a:17:2c:ec:a1:5c:6b:12:64:e7:0a:6d:20:95: 77:14:20:ac:4b:4e:fb:af:cf:e8:48:fa:b2:68:10:8b:8c:ea: 74:a6:a5:fd:75:e2:8b:b3:94:6c:ac:f3:1b:39:64:ec:18:f6: 75:73:5a:7b:a5:e3:11:63:11:2f:cc:e4:2e:c5:70:f8:93:e2: 94:21:62:e2:29:8c:8b:65:63:6e:b3:cb:e0:5e:0c:46:34:97: 78:89:74:d7:25:87:f1:79:d3:d8:19:82:54:dd:69:a8:bf:b7: 56:70:cd:27 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKsE9VmghpKwdsGRIEaBh8J20J5wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDAzMVoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAYmU0NjY3MWQ2NDE3YzBiNTYwYzBk MDdjODNmMzUwNzcwNTgzZGRjYjVlNzVhYWRjYThhMDU0OTA0MGNmYzAyYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuu+6NgCvaYBkCWF1s4nXztqs+cOQ of2ZReyEnd3s/dKSvbH0PibXf8T4B7nRf+vfvN3btHsxQPzDwB3HDVBO1ajMmRiU AJYG6jBi1XRhavq8Djja4aywn5If4l3X21n2s59OPTN9fCt6VX7iUIBF2oIlUO4R Ayg6TOit5hIhWEdjZOA/pHtrZ+P3uCEkLZxaUHdyRW4fFRfv9Hq7X48mYS8HN4pK ZEYDkJEEmNmKOFMVUPlV3NsEzQDqmaIlDqwICCFi6Q/t4ATAPXXhjwCoEZsCndzb k8sVgeN3QaMJS4ZctKcUKnraI3EnYxsLOx8HBEen7Pt2R/taV7F8BjIxVQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJzPN2uYTCq1Cowa/8mz1He4BLf0MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M5ZjdkYmQyLTFjN2UtNDJlOC1hN2Y5LTAwYmQ3NmU3MDI0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0DAMA0GCSqGSIb3DQEBCwUAA4IBAQBucHzSNWHTSKStPLzs fVVyoiZqdcC8zqlgdY1V9GbsbgdRFojiGJAiOUmno4PJTjbVU2+sNRBkcbivl7J0 spevHCo4HM4c4J5qWUafzvWpBPAxu7v2DvHoccXsG2A+6n3KhIddIVb9hGD7/uOB mtNhbZ4HOc6/q+9nrs+DB7jq++bOnxF/uTTXsNi9mEsZNkDHMYAWihcs7KFcaxJk 5wptIJV3FCCsS077r8/oSPqyaBCLjOp0pqX9deKLs5RsrPMbOWTsGPZ1c1p7peMR YxEvzOQuxXD4k+KUIWLiKYyLZWNus8vgXgxGNJd4iXTXJYfxedPYGYJU3Wmov7dW cM0n -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:10 2025 by rpki-client