$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa File: 453c01e0-c333-4283-987c-be2c8b71798c.roa (raw, json) Hash identifier: uhURZ3h0m3cX+bbjjWqGjxNgj0SCkUU3HCYhPDKFNcI= Subject key identifier: 3E:EC:12:21:8D:AC:23:3C:C3:32:A1:73:41:83:B0:7F:9D:D0:84:5A Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 584CDC3440531C79D0D9EA44FD52D15F762F155A Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa Signing time: Mon 31 Mar 2025 15:01:05 +0000 ROA not before: Mon 31 Mar 2025 15:01:05 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 15:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:4c:dc:34:40:53:1c:79:d0:d9:ea:44:fd:52:d1:5f:76:2f:15:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000 Validity Not Before: Mar 31 15:01:05 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:c7:7d:46:d1:57:ad:58:a8:6c:fc:4f:56:40: 94:f0:6f:30:c8:af:61:6b:53:f8:c1:b7:0a:90:12: c3:f7:f6:2d:f9:c0:52:19:e4:14:89:ea:b6:7b:9e: 6e:23:00:7c:06:0a:a9:6a:b5:25:c2:c8:fd:44:7c: 6a:32:4b:6a:9e:44:04:a0:93:c9:b3:28:af:1c:48: 59:86:f4:9d:4d:4a:c3:1c:0c:9a:b4:93:35:24:89: 2f:a5:48:87:b9:a5:d8:10:c3:d1:71:7e:c8:c7:2f: b6:d8:a1:be:db:e8:bd:eb:da:7d:a5:85:5f:2f:ba: 89:ee:40:ba:78:46:0d:3c:a2:0b:18:db:c8:75:9e: 56:71:4a:bd:a4:32:b7:b6:01:53:f8:b5:93:ac:b7: c2:36:b4:ae:1f:3a:71:f8:2f:1e:27:39:31:74:42: 63:1e:1a:45:1b:03:e2:3b:0c:79:6a:9b:06:1d:ad: 1e:3e:d4:41:4e:7c:02:d3:20:9b:da:6b:12:d6:fa: 87:c0:51:57:2d:ef:39:17:44:1e:5e:2d:83:f6:ba: 80:af:48:3c:83:aa:be:24:c7:de:c6:83:12:c0:d8: 47:e0:d9:5c:b8:07:e2:1b:4d:0a:2a:fa:64:50:e6: d2:79:d7:28:de:f9:49:09:5e:b4:6d:97:db:8c:90: c9:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:EC:12:21:8D:AC:23:3C:C3:32:A1:73:41:83:B0:7F:9D:D0:84:5A X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/453c01e0-c333-4283-987c-be2c8b71798c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:80c0::/48 Signature Algorithm: sha256WithRSAEncryption ac:fe:13:c2:c2:3a:17:47:80:3b:ff:d2:05:38:8c:d7:c9:67: a4:5c:3b:fb:51:ff:a6:08:bf:2a:4e:6e:5d:aa:59:c6:ae:6f: b1:92:08:ec:f1:e6:ef:0b:02:8a:05:af:b5:e0:73:22:e1:9d: 5b:b9:22:7d:2f:f1:1a:b5:6f:71:0d:0d:9c:dc:f9:e8:f7:15: ba:40:0b:ca:b8:f8:ae:d0:6a:0c:60:52:8d:cf:75:0e:14:ed: 9a:cf:13:d9:1c:13:60:d9:f6:69:a0:63:12:fa:47:c0:6e:b9: 4a:84:66:f7:09:39:fc:31:ca:a8:7a:c7:06:09:1a:e0:90:01: 89:90:e9:1c:e8:29:04:73:a3:bc:9d:e8:19:88:33:d9:1e:e4: da:24:17:85:e3:d1:cb:c1:a9:5c:30:0d:16:dc:86:41:41:e7: 8f:bb:b2:f8:85:b5:41:a8:72:b2:42:9a:1f:68:ee:ab:5f:23: 60:7c:b2:9b:f8:4d:20:64:5f:cd:9a:3f:52:45:06:df:6d:51: b9:8f:e6:04:e9:8f:dc:1e:7b:06:23:a7:e8:ca:0c:2b:cf:a3: 28:cb:84:8f:bd:3c:a3:7f:5b:c6:01:b0:ab:9d:4c:31:e7:04: 67:e4:33:32:10:4e:ee:84:47:90:16:52:9c:d8:7a:05:70:f3: 76:b0:c6:b5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWEzcNEBTHHnQ2epE/VLRX3YvFVowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMzMTE1MDEwNVoX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAZmQ1YTcyOTIxYmNlNmM1ZWNmZGUw MmJkYWNiMzA1YWMzM2E1ZDZkYzg3MDQzOWVjZjVkOGMzM2M3OTg2MjM2NjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucd9RtFXrViobPxPVkCU8G8wyK9h a1P4wbcKkBLD9/Yt+cBSGeQUieq2e55uIwB8BgqparUlwsj9RHxqMktqnkQEoJPJ syivHEhZhvSdTUrDHAyatJM1JIkvpUiHuaXYEMPRcX7Ixy+22KG+2+i969p9pYVf L7qJ7kC6eEYNPKILGNvIdZ5WcUq9pDK3tgFT+LWTrLfCNrSuHzpx+C8eJzkxdEJj HhpFGwPiOwx5apsGHa0ePtRBTnwC0yCb2msS1vqHwFFXLe85F0QeXi2D9rqAr0g8 g6q+JMfexoMSwNhH4NlcuAfiG00KKvpkUObSedco3vlJCV60bZfbjJDJFQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFD7sEiGNrCM8wzKhc0GDsH+d0IRaMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzQ1M2MwMWUwLWMzMzMtNDI4My05ODdjLWJlMmM4YjcxNzk4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/4DAMA0GCSqGSIb3DQEBCwUAA4IBAQCs/hPCwjoXR4A7/9IF OIzXyWekXDv7Uf+mCL8qTm5dqlnGrm+xkgjs8ebvCwKKBa+14HMi4Z1buSJ9L/Ea tW9xDQ2c3Pno9xW6QAvKuPiu0GoMYFKNz3UOFO2azxPZHBNg2fZpoGMS+kfAbrlK hGb3CTn8McqoescGCRrgkAGJkOkc6CkEc6O8negZiDPZHuTaJBeF49HLwalcMA0W 3IZBQeePu7L4hbVBqHKyQpofaO6rXyNgfLKb+E0gZF/Nmj9SRQbfbVG5j+YE6Y/c HnsGI6foygwrz6Moy4SPvTyjf1vGAbCrnUwx5wRn5DMyEE7uhEeQFlKc2HoFcPN2 sMa1 -----END CERTIFICATE-----Generated at Fri Apr 4 23:25:47 2025 by rpki-client