$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: Vm7QfjHgAlb0UPcOnTyqKW32B6tcAoSX7QGWNxOXr68= Subject key identifier: 5D:B2:AE:03:38:26:58:EB:DB:96:E4:C1:F8:C6:9C:50:D6:87:8B:C3 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 175BD023E328AE96DB01FEC110BAA2A87360882E Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Sat 05 Apr 2025 00:00:03 +0000 ROA not before: Sat 05 Apr 2025 00:00:03 +0000 ROA not after: Sat 10 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 00:02:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:5b:d0:23:e3:28:ae:96:db:01:fe:c1:10:ba:a2:a8:73:60:88:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 5 00:00:03 2025 GMT Not After : May 10 23:59:59 2025 GMT Subject: serialNumber=b04049f0304c68e46977890632c2c9c098f865df802fffed9881882b96645f16, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:2e:17:9d:eb:cf:90:eb:5d:16:82:1b:ac:fa: 37:cc:60:e6:d9:2b:ba:f1:f5:7d:2b:83:e7:c0:95: ad:68:7a:b5:83:79:a0:09:cc:12:0c:5c:0b:ba:db: f3:ec:8a:8b:ea:49:a1:e2:3c:ad:34:d0:9c:09:6b: aa:86:a7:c1:1c:eb:09:21:e6:67:c6:b8:c9:01:b4: 46:9a:b1:7b:a7:de:3a:ff:5d:f1:59:ef:c8:52:0b: 6c:e6:4b:d2:f2:ea:08:73:d8:a1:05:95:c4:96:a0: 55:0e:b1:29:4a:54:37:44:8c:f0:0f:7a:a5:0d:8d: c4:b8:91:2b:cb:a8:a1:69:98:54:3d:3c:17:4e:c1: 30:cf:a2:0c:73:a1:02:ca:05:43:16:fe:9f:0b:4b: 31:10:3b:35:98:e2:c3:80:76:04:42:dd:cd:61:ad: 08:49:1a:33:ea:7e:be:9a:86:fe:f4:da:59:fa:d0: b2:09:cc:be:7a:67:ff:74:3e:93:6d:1c:3b:b7:fb: 7d:92:c3:7b:b9:f9:5b:e5:74:fa:b0:d0:30:3c:a3: 67:1a:af:18:f6:68:94:e0:72:be:12:56:72:9c:ca: 90:7f:51:3e:1b:6e:36:5f:2b:fd:15:2e:04:1c:5f: bf:28:82:be:c3:09:59:5f:8d:2d:82:29:7a:4b:a3: 9c:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:B2:AE:03:38:26:58:EB:DB:96:E4:C1:F8:C6:9C:50:D6:87:8B:C3 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 07:4a:99:34:62:f6:7e:5b:02:2c:7d:35:e0:e0:8f:8d:1d:fc: 59:3b:fa:b0:42:cf:8c:08:f0:30:84:a3:c8:d7:1c:d5:75:5d: fb:5f:24:78:58:fd:62:ac:f3:7c:28:c7:9e:58:0d:d3:04:48: 0e:4c:de:70:19:6c:2b:93:51:ee:aa:be:4e:19:8d:f6:aa:d0: 08:c2:34:1d:d6:76:02:ba:28:7c:7b:50:f3:77:5b:16:4d:a8: e8:38:c5:e2:47:b0:4e:9b:30:58:2d:05:38:76:58:dd:aa:01: d9:fe:dd:df:a7:cf:6e:77:a4:d9:16:5f:1b:c1:79:41:23:08: 3a:ec:4d:ff:75:90:d5:ba:7f:73:82:49:1a:97:c6:3a:b8:e1: b1:74:b6:c4:ef:b8:7e:2c:26:6c:e6:f9:36:a1:0e:87:a3:90: f7:78:c9:3a:38:2d:d5:7d:7d:b1:ab:6f:e4:97:10:76:51:2e: bb:ba:ea:64:64:4f:7f:80:b1:66:d3:d4:84:68:bc:26:07:ac: 1a:80:2f:76:f7:f2:ad:29:f3:e4:76:ad:f3:6c:67:3f:e6:3a: a2:08:25:d9:60:a2:cd:e1:fc:8e:7b:0b:a5:4b:a5:57:25:2d: e7:f3:ac:01:5e:32:d6:56:ef:d6:f0:e8:20:db:f2:1b:48:1f: 6a:5b:ea:df -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUF1vQI+MorpbbAf7BELqiqHNgiC4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDQwNTAwMDAwM1oX DTI1MDUxMDIzNTk1OVowejFJMEcGA1UEBRNAYjA0MDQ5ZjAzMDRjNjhlNDY5Nzc4 OTA2MzJjMmM5YzA5OGY4NjVkZjgwMmZmZmVkOTg4MTg4MmI5NjY0NWYxNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7y4XnevPkOtdFoIbrPo3zGDm2Su6 8fV9K4PnwJWtaHq1g3mgCcwSDFwLutvz7IqL6kmh4jytNNCcCWuqhqfBHOsJIeZn xrjJAbRGmrF7p946/13xWe/IUgts5kvS8uoIc9ihBZXElqBVDrEpSlQ3RIzwD3ql DY3EuJEry6ihaZhUPTwXTsEwz6IMc6ECygVDFv6fC0sxEDs1mOLDgHYEQt3NYa0I SRoz6n6+mob+9NpZ+tCyCcy+emf/dD6TbRw7t/t9ksN7uflb5XT6sNAwPKNnGq8Y 9miU4HK+ElZynMqQf1E+G242Xyv9FS4EHF+/KIK+wwlZX40tgil6S6OcBQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFF2yrgM4Jljr25bkwfjGnFDWh4vDMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAHSpk0YvZ+WwIsfTXg 4I+NHfxZO/qwQs+MCPAwhKPI1xzVdV37XyR4WP1irPN8KMeeWA3TBEgOTN5wGWwr k1Huqr5OGY32qtAIwjQd1nYCuih8e1Dzd1sWTajoOMXiR7BOmzBYLQU4dljdqgHZ /t3fp89ud6TZFl8bwXlBIwg67E3/dZDVun9zgkkal8Y6uOGxdLbE77h+LCZs5vk2 oQ6Ho5D3eMk6OC3VfX2xq2/klxB2US67uupkZE9/gLFm09SEaLwmB6wagC929/Kt KfPkdq3zbGc/5jqiCCXZYKLN4fyOewulS6VXJS3n86wBXjLWVu/W8Ogg2/IbSB9q W+rf -----END CERTIFICATE-----Generated at Thu Apr 17 22:43:27 2025 by rpki-client