$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa File: 3523c675-14b3-4d2d-90e1-e439500ecaca.roa (raw, json) Hash identifier: m9U/2x9j9r5bcA0bSop4JS7BC0edtIZoyajUGOVeNKA= Subject key identifier: 11:96:F4:05:A4:1E:72:B8:ED:73:96:37:E0:7A:8E:B8:5A:DF:F5:87 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0924A79C6A793919BD05796F83E23277A4DCBD6A Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa Signing time: Mon 31 Mar 2025 15:00:51 +0000 ROA not before: Mon 31 Mar 2025 15:00:51 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 15:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:24:a7:9c:6a:79:39:19:bd:05:79:6f:83:e2:32:77:a4:dc:bd:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000 Validity Not Before: Mar 31 15:00:51 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:03:2e:df:1f:85:8b:b5:4f:95:eb:15:d8:89: d8:43:2d:2c:67:56:dc:6d:41:2a:4a:c3:c7:95:ff: 65:bf:82:70:22:13:23:00:ca:5a:17:d9:e7:b0:b1: 71:a5:f9:09:1f:d9:86:6d:4d:7d:12:5c:63:ec:50: b5:eb:d0:d6:78:4d:04:b1:9e:44:11:6e:bd:e9:9c: 4c:3b:e1:78:ed:c4:48:c2:a5:f3:ab:e4:75:44:0b: 24:ee:56:da:eb:3d:fb:58:5b:88:b4:d4:45:22:0b: c7:6e:3e:8f:dd:9f:21:51:4f:b4:2f:a5:f0:b8:e2: ce:22:22:39:9e:29:92:14:14:4b:6e:22:ee:5f:35: d3:27:07:3b:4a:bf:56:fd:9c:09:63:4a:14:13:4f: 74:60:eb:d5:13:84:e2:21:18:a7:18:4d:b1:22:fd: f1:a7:3c:ff:cb:5a:40:a8:b6:b9:6f:be:5c:ac:d9: 42:3e:ac:9b:6a:a2:a2:1d:6f:9e:86:9c:27:45:a1: 5a:9d:f7:e9:41:4a:90:a5:7b:fa:c7:cb:b6:10:0e: ac:17:ad:9f:d8:1a:b4:40:a0:53:db:94:98:45:5c: 7a:34:41:ac:e8:5a:7a:7c:16:a7:11:05:eb:bf:0c: f6:0f:5b:49:33:72:f0:fd:42:cb:85:3b:14:87:39: 7e:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:96:F4:05:A4:1E:72:B8:ED:73:96:37:E0:7A:8E:B8:5A:DF:F5:87 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f0::/32 Signature Algorithm: sha256WithRSAEncryption 31:8d:7c:a7:cc:2c:c6:47:3c:28:39:e3:c7:4b:07:2b:4c:00: 24:3a:0e:df:22:c0:f0:ca:e0:a2:f5:d2:26:9f:ae:c4:c4:60: 67:8a:57:a1:8b:f7:af:a1:4b:d7:56:c9:23:ce:2d:fa:29:59: 56:c6:a9:db:52:8c:67:6e:62:b2:08:a1:a3:0e:d2:71:66:cb: b1:7e:fd:dd:48:1c:46:6b:bf:87:9d:aa:d0:c9:b5:8f:1a:33: 12:0d:8c:2f:bb:57:fc:03:30:09:e7:dd:1f:e5:00:ca:77:78: 3b:57:46:2e:8c:7f:bf:6b:66:5a:f7:bb:9a:50:ca:00:65:4a: 94:13:9a:59:e9:b5:6b:6a:78:97:01:d5:32:d6:3b:bc:11:fb: 8d:a4:86:59:20:ee:e3:d9:81:b3:76:86:a4:0b:0e:c2:dd:fa: 9e:e8:c8:3f:42:02:f0:8e:7f:3d:6e:bd:9a:71:43:6e:43:d4: 88:6b:45:ff:88:9f:99:cf:5e:d4:9e:20:18:cd:e7:f5:ea:0a: 8e:1a:a7:70:02:1c:4b:7f:73:63:6f:64:50:79:ac:d4:0f:60: 1d:d0:9a:b8:fe:55:16:09:9d:e0:64:7a:b1:14:67:ea:cb:19: d8:48:91:20:67:a4:34:45:a6:7f:02:67:6e:ea:9f:6d:47:6e: 30:56:0e:a1 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUCSSnnGp5ORm9BXlvg+Iyd6TcvWowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMzMTE1MDA1MVoX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNANDY4YTNiNWY2YzMzMjk5YjY0ZDA3 ZmY2NTM5MzNjODYyNjI2M2JmYWQ3ZDMyYTU2NzE2Y2ZlYTU1YmI1Y2E1MzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwMu3x+Fi7VPlesV2InYQy0sZ1bc bUEqSsPHlf9lv4JwIhMjAMpaF9nnsLFxpfkJH9mGbU19Elxj7FC169DWeE0EsZ5E EW696ZxMO+F47cRIwqXzq+R1RAsk7lba6z37WFuItNRFIgvHbj6P3Z8hUU+0L6Xw uOLOIiI5nimSFBRLbiLuXzXTJwc7Sr9W/ZwJY0oUE090YOvVE4TiIRinGE2xIv3x pzz/y1pAqLa5b75crNlCPqybaqKiHW+ehpwnRaFanffpQUqQpXv6x8u2EA6sF62f 2Bq0QKBT25SYRVx6NEGs6Fp6fBanEQXrvwz2D1tJM3Lw/ULLhTsUhzl+DQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFBGW9AWkHnK47XOWN+B6jrha3/WHMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1MjNjNjc1LTE0YjMtNGQyZC05MGUxLWU0Mzk1MDBlY2FjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8DANBgkqhkiG9w0BAQsFAAOCAQEAMY18p8wsxkc8KDnjx0sH K0wAJDoO3yLA8MrgovXSJp+uxMRgZ4pXoYv3r6FL11bJI84t+ilZVsap21KMZ25i sgihow7ScWbLsX793UgcRmu/h52q0Mm1jxozEg2ML7tX/AMwCefdH+UAynd4O1dG Lox/v2tmWve7mlDKAGVKlBOaWem1a2p4lwHVMtY7vBH7jaSGWSDu49mBs3aGpAsO wt36nujIP0IC8I5/PW69mnFDbkPUiGtF/4ifmc9e1J4gGM3n9eoKjhqncAIcS39z Y29kUHms1A9gHdCauP5VFgmd4GR6sRRn6ssZ2EiRIGekNEWmfwJnbuqfbUduMFYO oQ== -----END CERTIFICATE-----Generated at Fri Apr 4 23:36:03 2025 by rpki-client