$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa File: f54cd21d-ebef-4509-8295-1f7547d0d717.roa (raw, json) Hash identifier: aC6XTrzsvbsZdGepRW0SvYisDEX+L7SBcaMpP6tJPx4= Subject key identifier: DE:F9:D5:C9:41:7B:64:E5:89:9E:07:5F:11:B6:40:55:01:13:D5:23 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 74A59121F1ACB0143E23DA920D66A00AABC8C8D3 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa Signing time: Fri 25 Apr 2025 00:00:41 +0000 ROA not before: Fri 25 Apr 2025 00:00:41 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:a5:91:21:f1:ac:b0:14:3e:23:da:92:0d:66:a0:0a:ab:c8:c8:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:41 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=8e90c7e06494ddc0b4b7d855529cc34188d81317e0fdc8f53c421d572848d7ea, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:f2:21:58:39:6e:4b:da:c6:ce:8a:63:77:ec: 39:e1:f5:a4:fa:8d:cb:95:a1:88:33:3f:1a:97:be: 23:53:f6:2b:c1:cb:50:c9:eb:07:f8:47:e3:dd:e7: 13:44:d6:a9:b7:8e:e1:75:e9:f0:1c:46:11:0e:39: 5e:0b:b4:21:85:c3:f5:7f:f6:d7:fe:b6:2c:ac:c5: a4:5d:9b:cd:fe:1b:98:b3:9d:56:96:b9:83:8f:c2: 35:d0:a6:ec:6c:12:59:b8:3b:54:aa:cd:44:f9:76: cb:26:8e:6f:69:9f:ee:e1:80:35:e7:2a:42:1f:1b: 0d:9f:10:a6:c5:69:69:1d:57:5d:17:86:46:aa:bd: ec:db:3f:8d:3d:7c:b2:67:eb:88:1b:9c:66:10:f3: f7:37:10:ef:7e:7d:71:ab:95:99:7b:26:1b:ab:8c: 05:b4:88:ad:11:93:0c:b4:34:47:89:16:b8:71:9b: 15:f0:d9:d3:df:2d:50:0d:15:ab:da:16:33:9c:20: 28:f5:a9:f0:75:19:60:8b:56:c7:af:09:1a:f1:6a: 8e:5e:ce:88:80:4d:84:8c:b7:11:d6:3a:21:6c:2e: 27:28:d0:b5:d4:63:51:1e:b8:ee:f0:10:89:a3:a4: 61:61:c9:da:44:77:6e:95:c9:a3:45:e2:86:88:e7: 02:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:F9:D5:C9:41:7B:64:E5:89:9E:07:5F:11:B6:40:55:01:13:D5:23 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:400::/38 Signature Algorithm: sha256WithRSAEncryption 72:70:dd:85:4b:80:5e:32:ce:c1:9b:f3:fe:09:7c:c4:c2:a4: c2:6c:9b:17:f2:e1:99:5d:8e:1d:f4:73:26:0d:db:e7:21:c1: 5d:bd:ec:5a:42:0d:f3:15:f5:fd:e0:18:ca:34:ea:84:9d:8b: d6:de:77:99:9e:34:c0:5e:6a:4f:af:0d:c3:d1:f1:a3:21:b9: 44:ce:c1:37:bc:1c:4a:46:c0:a5:87:ac:74:1b:95:97:74:af: bc:9d:da:76:7e:fc:22:9f:bd:ac:c6:82:1a:ab:d6:5e:4b:04: 43:f3:96:48:1b:8b:30:1a:3f:c1:b9:ef:4f:b9:20:02:61:c7: a2:61:f5:c6:7c:58:bd:5b:12:48:68:c7:1f:d6:40:21:9d:de: e3:bc:ed:f6:99:30:c4:a1:f6:1d:9c:ff:0b:a3:c0:3d:c4:a3: 55:cd:65:f3:84:e1:35:eb:82:64:be:3c:df:00:44:62:03:80: fb:ed:d1:30:1e:4c:17:93:e0:b0:af:c7:91:df:2c:00:0e:dd: c6:2b:a8:0f:3b:ae:5a:53:0d:6f:d5:1a:30:f5:ae:a3:60:ec: b7:9b:b7:b9:4d:f1:02:7f:70:c7:2c:45:c1:0b:e6:f3:10:0b: e4:a8:28:32:ef:12:2f:a2:83:8d:11:f9:19:24:9c:e3:0c:0e: c1:a9:10:65 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdKWRIfGssBQ+I9qSDWagCqvIyNMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDA0MVoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAOGU5MGM3ZTA2NDk0ZGRjMGI0Yjdk ODU1NTI5Y2MzNDE4OGQ4MTMxN2UwZmRjOGY1M2M0MjFkNTcyODQ4ZDdlYTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPIhWDluS9rGzopjd+w54fWk+o3L laGIMz8al74jU/YrwctQyesH+Efj3ecTRNapt47hdenwHEYRDjleC7QhhcP1f/bX /rYsrMWkXZvN/huYs51WlrmDj8I10KbsbBJZuDtUqs1E+XbLJo5vaZ/u4YA15ypC HxsNnxCmxWlpHVddF4ZGqr3s2z+NPXyyZ+uIG5xmEPP3NxDvfn1xq5WZeyYbq4wF tIitEZMMtDRHiRa4cZsV8NnT3y1QDRWr2hYznCAo9anwdRlgi1bHrwka8WqOXs6I gE2EjLcR1johbC4nKNC11GNRHrju8BCJo6RhYcnaRHdulcmjReKGiOcCVQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN751clBe2TliZ4HXxG2QFUBE9UjMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2Y1NGNkMjFkLWViZWYtNDUwOS04Mjk1LTFmNzU0N2QwZDcxNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAQwDQYJKoZIhvcNAQELBQADggEBAHJw3YVLgF4yzsGb8/4J fMTCpMJsmxfy4Zldjh30cyYN2+chwV297FpCDfMV9f3gGMo06oSdi9bed5meNMBe ak+vDcPR8aMhuUTOwTe8HEpGwKWHrHQblZd0r7yd2nZ+/CKfvazGghqr1l5LBEPz lkgbizAaP8G570+5IAJhx6Jh9cZ8WL1bEkhoxx/WQCGd3uO87faZMMSh9h2c/wuj wD3Eo1XNZfOE4TXrgmS+PN8ARGIDgPvt0TAeTBeT4LCvx5HfLAAO3cYrqA87rlpT DW/VGjD1rqNg7Lebt7lN8QJ/cMcsRcEL5vMQC+SoKDLvEi+ig40R+RkknOMMDsGp EGU= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:03 2025 by rpki-client