$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa File: fcc4293c-b24f-4fac-9395-546f748b3b13.roa (raw, json) Hash identifier: a0UAijZ+8EHGKdSyz1lwjraINvjgJwtJ4GR2d4LV3vI= Subject key identifier: 31:98:0B:9F:AE:5B:9C:83:30:F7:E0:B0:E9:D6:08:2D:90:4E:79:69 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 187A8629D82DEFD5BDCEEC3EE7259469AAD0A4BF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa Signing time: Fri 25 Apr 2025 00:00:45 +0000 ROA not before: Fri 25 Apr 2025 00:00:45 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:7a:86:29:d8:2d:ef:d5:bd:ce:ec:3e:e7:25:94:69:aa:d0:a4:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 25 00:00:45 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=34f065a19950acfeef0f503814d07271c3cc967fd2b00bb9bd2019e3797b9a18, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:34:f7:99:c7:1b:45:0d:c7:ba:6c:1d:19:7e: b9:d9:ab:95:4a:4d:af:27:9e:e1:b9:5c:63:51:ab: c3:af:d4:01:3d:ef:b8:5f:57:8f:c2:19:4e:0c:4f: 10:ca:2c:a3:cf:a5:9d:ef:ef:5e:e3:2a:02:6b:05: 68:09:ef:cc:54:e2:e9:f3:8e:50:5c:a4:f9:05:9a: ff:c4:be:1e:29:aa:69:9b:ba:cf:31:e1:59:2b:30: 4b:2b:15:cd:1b:c2:0d:df:ac:82:2d:55:ec:72:7d: e3:86:6d:e7:95:13:a5:f1:72:d6:b5:2b:bf:ef:80: 39:72:e0:9e:5a:0f:65:c3:d1:f4:39:f0:cb:2c:cd: a3:7c:f8:da:4d:7f:67:13:0b:20:22:f8:7e:20:8e: 63:03:81:82:2c:ab:d9:07:eb:27:30:62:b3:0e:13: dd:5f:bb:86:12:97:11:21:d6:0d:1d:81:30:e7:85: 61:1c:f8:3c:b3:4c:cb:99:65:85:88:ee:94:d1:f4: 02:c2:85:88:c1:89:3a:ab:a5:ba:8a:a2:0d:e6:1e: 3c:fe:ee:db:3f:d6:b3:27:61:2d:5d:bb:9c:f0:90: 38:b3:3a:c4:ba:a5:32:c8:02:54:7b:3d:76:4d:4a: d6:b1:9c:57:8b:8b:80:34:6e:8f:27:64:35:0e:e3: b7:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:98:0B:9F:AE:5B:9C:83:30:F7:E0:B0:E9:D6:08:2D:90:4E:79:69 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/38 Signature Algorithm: sha256WithRSAEncryption 89:cb:c0:25:d1:69:f8:7a:c1:67:b1:84:68:8b:ab:3d:67:ba: 97:5a:4f:25:7f:dd:1e:ca:b2:46:74:08:ae:9c:5a:51:cb:98: 43:3f:90:f7:02:9e:c4:df:06:57:9f:e2:3d:0d:3c:69:3f:27: 02:cf:2a:1f:62:0d:78:52:80:57:37:ed:46:03:f3:74:72:f8: 5d:2d:88:be:c5:6f:55:8c:4b:09:6a:77:98:e2:4d:12:87:ee: 7d:e3:4e:40:5e:c8:95:99:27:f8:a4:ef:a0:7a:0d:3a:a3:0c: 67:d5:56:60:7a:4c:8f:7c:75:79:ff:20:8d:a0:5d:a1:db:4a: 25:91:5c:30:ef:b2:55:71:67:ef:76:db:65:10:a2:dd:bf:57: af:53:f7:3a:bc:fb:a5:30:4e:60:78:7b:70:c5:95:cf:f7:d9: d3:b8:97:23:5e:e6:c3:0f:0b:6f:6a:92:b4:62:64:25:ae:3d: 00:ab:8e:4f:7f:a4:53:27:0c:e6:36:75:4a:29:35:9a:a6:9c: d7:19:ea:ea:98:0b:b0:bd:58:15:5f:66:58:9b:b1:d2:cc:53: 50:6c:69:13:66:ac:43:43:b8:a3:2f:06:b5:c7:8b:d7:94:0a: b0:ec:f2:47:a5:c3:b3:7a:ef:8c:27:f1:4b:fe:11:66:21:45: 45:bb:fe:38 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGHqGKdgt79W9zuw+5yWUaarQpL8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyNTAwMDA0NVoX DTI1MDUzMDIzNTk1OVowejFJMEcGA1UEBRNAMzRmMDY1YTE5OTUwYWNmZWVmMGY1 MDM4MTRkMDcyNzFjM2NjOTY3ZmQyYjAwYmI5YmQyMDE5ZTM3OTdiOWExODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzT3mccbRQ3HumwdGX652auVSk2v J57huVxjUavDr9QBPe+4X1ePwhlODE8Qyiyjz6Wd7+9e4yoCawVoCe/MVOLp845Q XKT5BZr/xL4eKappm7rPMeFZKzBLKxXNG8IN36yCLVXscn3jhm3nlROl8XLWtSu/ 74A5cuCeWg9lw9H0OfDLLM2jfPjaTX9nEwsgIvh+II5jA4GCLKvZB+snMGKzDhPd X7uGEpcRIdYNHYEw54VhHPg8s0zLmWWFiO6U0fQCwoWIwYk6q6W6iqIN5h48/u7b P9azJ2EtXbuc8JA4szrEuqUyyAJUez12TUrWsZxXi4uANG6PJ2Q1DuO3gQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDGYC5+uW5yDMPfgsOnWCC2QTnlpMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2ZjYzQyOTNjLWIyNGYtNGZhYy05Mzk1LTU0NmY3NDhiM2IxMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAAwDQYJKoZIhvcNAQELBQADggEBAInLwCXRafh6wWexhGiL qz1nupdaTyV/3R7KskZ0CK6cWlHLmEM/kPcCnsTfBlef4j0NPGk/JwLPKh9iDXhS gFc37UYD83Ry+F0tiL7Fb1WMSwlqd5jiTRKH7n3jTkBeyJWZJ/ik76B6DTqjDGfV VmB6TI98dXn/II2gXaHbSiWRXDDvslVxZ+9222UQot2/V69T9zq8+6UwTmB4e3DF lc/32dO4lyNe5sMPC29qkrRiZCWuPQCrjk9/pFMnDOY2dUopNZqmnNcZ6uqYC7C9 WBVfZlibsdLMU1BsaRNmrENDuKMvBrXHi9eUCrDs8kelw7N674wn8Uv+EWYhRUW7 /jg= -----END CERTIFICATE-----Generated at Sat Apr 26 08:25:06 2025 by rpki-client