$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa File: f54cd21d-ebef-4509-8295-1f7547d0d717.roa (raw, json) Hash identifier: y1zR3+ySxGJTAYjdHBGJsEbqCnsQjoP0uIRhbCls8fM= Subject key identifier: 62:F4:5D:08:54:83:69:DD:76:5E:15:7B:BD:ED:A8:5C:EC:71:6F:B2 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4494822B3CD900E8C43D49B729E1313417D4E04D Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa Signing time: Sat 14 Jun 2025 00:00:17 +0000 ROA not before: Sat 14 Jun 2025 00:00:17 +0000 ROA not after: Sat 19 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:94:82:2b:3c:d9:00:e8:c4:3d:49:b7:29:e1:31:34:17:d4:e0:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Jun 14 00:00:17 2025 GMT Not After : Jul 19 23:59:59 2025 GMT Subject: serialNumber=d37b4885a9568f25b7cb376b9e8220b9c761c7aca9e0a04d5036c8e56382ae29, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:50:81:97:a7:07:9e:77:e6:c9:90:19:3b:0c: 62:d7:e3:f1:11:60:da:e1:d0:25:86:49:95:a8:3f: 80:ea:e2:80:11:56:c6:9c:36:be:7c:88:56:23:fd: 6f:ab:51:d6:3c:75:cc:87:44:95:7d:ab:0c:00:43: 72:fc:59:98:cc:06:d2:77:e7:fd:98:5b:a3:8e:44: 29:6e:fb:2e:43:da:dc:93:e2:ff:a7:16:c0:73:cf: d3:6c:4e:ea:ba:82:b4:db:4a:b6:16:b9:99:c4:29: 61:e5:d0:9c:41:1f:c4:b0:2f:66:a5:f8:a8:9a:6d: 37:a3:c0:f7:c4:03:c9:28:73:06:b1:44:b7:80:bc: 20:af:a5:c8:79:b1:fd:40:bc:59:53:c0:e9:4b:97: 2d:4f:ab:c8:6d:1c:b5:75:99:7e:f0:a4:17:87:68: 46:33:be:0f:a4:38:f1:9d:39:20:ce:8f:6c:a4:9c: 8b:2b:46:02:82:81:a1:7b:29:47:05:01:ad:2c:db: c6:e6:92:ba:53:51:35:f8:27:a6:ce:61:30:07:32: 68:ba:7e:f0:f7:cf:6f:19:0f:68:28:3a:8e:32:cd: 31:d5:f9:31:f6:99:2c:cc:e9:f2:c4:49:1d:22:d9: 13:a9:58:21:22:86:fe:35:d7:12:88:1f:25:d1:66: ea:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:F4:5D:08:54:83:69:DD:76:5E:15:7B:BD:ED:A8:5C:EC:71:6F:B2 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:400::/38 Signature Algorithm: sha256WithRSAEncryption 21:cc:b4:19:bc:31:d6:ac:56:1c:62:1d:f4:1f:f3:ee:53:bf: 2d:c4:1e:6a:bf:07:f1:b4:f1:47:cd:fe:22:71:03:67:5c:36: 0c:9a:22:b1:95:38:75:c9:d0:2b:91:92:d4:99:be:a9:68:cf: c3:33:96:ff:a6:86:b3:96:f9:3e:0c:6f:e2:fe:7c:3d:2b:a6: d4:3d:5b:74:21:0a:cc:4d:e6:d2:21:1f:da:1a:78:dc:2f:7f: 4b:e2:b7:60:ce:88:e9:43:42:9b:b0:7d:0f:1a:41:56:33:e0: 63:c3:2a:5d:a9:04:3b:99:48:c5:e3:a4:35:ba:0a:b2:3f:d9: ba:53:f5:6f:d7:91:e1:1e:9f:84:32:7d:2d:95:de:f5:09:b7: 40:32:80:7e:c3:60:06:ea:cd:33:ca:4d:74:b2:d4:c0:60:de: b1:4e:11:89:a5:0c:3f:94:03:f7:a4:3a:7b:f9:9f:e7:ce:04: 3c:8b:e2:f8:97:9b:b4:4c:5e:e6:27:ee:f0:d2:60:fd:bb:de: 44:24:83:77:f7:4f:06:7b:14:b2:0f:af:f0:e3:d0:65:81:c0: 6d:ad:b3:35:4d:0d:95:65:d6:0b:2d:45:e5:bb:84:31:f3:22: 6d:05:8d:92:94:fe:aa:2f:79:ad:3f:55:fe:49:ab:c1:da:3d: 37:59:43:86 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURJSCKzzZAOjEPUm3KeExNBfU4E0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDYxNDAwMDAxN1oX DTI1MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAZDM3YjQ4ODVhOTU2OGYyNWI3Y2Iz NzZiOWU4MjIwYjljNzYxYzdhY2E5ZTBhMDRkNTAzNmM4ZTU2MzgyYWUyOTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1CBl6cHnnfmyZAZOwxi1+PxEWDa 4dAlhkmVqD+A6uKAEVbGnDa+fIhWI/1vq1HWPHXMh0SVfasMAENy/FmYzAbSd+f9 mFujjkQpbvsuQ9rck+L/pxbAc8/TbE7quoK020q2FrmZxClh5dCcQR/EsC9mpfio mm03o8D3xAPJKHMGsUS3gLwgr6XIebH9QLxZU8DpS5ctT6vIbRy1dZl+8KQXh2hG M74PpDjxnTkgzo9spJyLK0YCgoGheylHBQGtLNvG5pK6U1E1+CemzmEwBzJoun7w 989vGQ9oKDqOMs0x1fkx9pkszOnyxEkdItkTqVghIob+NdcSiB8l0WbqNQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGL0XQhUg2nddl4Ve73tqFzscW+yMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2Y1NGNkMjFkLWViZWYtNDUwOS04Mjk1LTFmNzU0N2QwZDcxNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAQwDQYJKoZIhvcNAQELBQADggEBACHMtBm8MdasVhxiHfQf 8+5Tvy3EHmq/B/G08UfN/iJxA2dcNgyaIrGVOHXJ0CuRktSZvqloz8Mzlv+mhrOW +T4Mb+L+fD0rptQ9W3QhCsxN5tIhH9oaeNwvf0vit2DOiOlDQpuwfQ8aQVYz4GPD Kl2pBDuZSMXjpDW6CrI/2bpT9W/XkeEen4QyfS2V3vUJt0AygH7DYAbqzTPKTXSy 1MBg3rFOEYmlDD+UA/ekOnv5n+fOBDyL4viXm7RMXuYn7vDSYP273kQkg3f3TwZ7 FLIPr/Dj0GWBwG2tszVNDZVl1gstReW7hDHzIm0FjZKU/qovea0/Vf5Jq8HaPTdZ Q4Y= -----END CERTIFICATE-----Generated at Sat Jun 14 06:04:16 2025 by rpki-client