$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa File: 7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa (raw, json) Hash identifier: DP/iniB8Jm/oBpDproteCO5LdrWIKUiupl4z9hWxmNY= Subject key identifier: 02:E7:81:7E:A2:3F:66:11:2B:CD:B4:FE:82:05:2E:60:E7:72:EF:F8 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0244768F1C8A4314DF7CEFA214B59414C9CEB4EF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa Signing time: Mon 31 Mar 2025 15:01:07 +0000 ROA not before: Mon 31 Mar 2025 15:01:07 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 15:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:44:76:8f:1c:8a:43:14:df:7c:ef:a2:14:b5:94:14:c9:ce:b4:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000 Validity Not Before: Mar 31 15:01:07 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5e:c6:ec:38:ee:e0:1c:2b:5d:69:42:82:39: be:54:53:fb:2d:07:72:43:57:ea:28:05:75:93:0f: fb:b6:0b:cc:be:8f:a4:ac:c0:9e:d1:13:44:9d:97: 81:f9:4a:b1:7b:64:87:1b:57:15:44:4f:3d:45:d2: 7a:c8:1c:d9:fd:31:81:3a:94:47:ae:dd:ec:3d:ab: b4:33:a7:26:53:2d:50:d6:ac:39:50:40:f7:25:ff: b4:f8:88:fe:29:cf:71:63:19:b9:7d:09:02:65:13: 14:ff:35:fc:09:c0:c0:f7:a7:88:dc:59:b2:2e:b0: da:ee:e9:5d:9e:22:67:d1:d9:02:2c:16:85:10:1d: 9a:1a:7f:e9:0f:55:ae:3a:94:31:bc:bc:5e:b4:67: 65:13:03:ed:93:ac:00:7e:cb:9d:5a:1f:9b:a8:f9: 21:0f:80:2f:d0:17:dc:b3:33:d5:b4:19:76:65:80: 31:50:ca:c5:a6:4a:ba:b5:50:c2:2b:3c:a6:8f:af: 5d:4d:d4:33:e5:e9:af:3f:8e:7c:29:99:86:79:ed: e4:fd:11:ea:ee:93:81:a9:19:05:d5:d4:f0:56:43: b9:2f:64:31:a4:f6:f3:85:ac:f1:d7:00:fa:12:a4: f7:eb:3a:4c:24:73:29:49:4f:50:d4:96:60:8a:f7: d4:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:E7:81:7E:A2:3F:66:11:2B:CD:B4:FE:82:05:2E:60:E7:72:EF:F8 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8000::/40 Signature Algorithm: sha256WithRSAEncryption 84:60:59:ac:19:d3:41:f7:69:e6:12:8a:8b:aa:15:83:70:46: ae:fa:f0:31:9c:d2:01:10:a2:3e:66:48:27:77:a3:a8:b9:1e: 47:ac:3f:d1:6d:d4:1a:8b:d6:67:98:c7:91:20:7e:b5:05:e1: d9:7e:6d:6b:4c:79:f1:e9:24:29:c0:ae:44:b9:94:22:a7:a4: 04:46:5a:0e:2b:76:2e:7a:b6:ab:b8:d8:ba:e4:dc:f5:29:b8: b3:98:ee:fd:0c:25:79:98:22:1f:c3:39:03:53:de:3d:31:b8: cf:c1:cc:13:ed:3c:9d:3e:79:b9:3d:18:17:2f:df:6a:9b:b9: dd:c5:36:b9:56:37:38:b7:f7:aa:9c:f1:d4:a9:ba:41:56:21: f1:cf:f0:6a:2c:d0:be:52:92:99:2f:c9:ea:78:e0:85:a1:36: 4c:5e:67:cc:eb:f1:94:16:bf:dc:c5:88:70:9e:0c:90:4c:b5: 27:d8:ad:d9:4a:ed:0a:2d:4d:c2:84:f8:fc:bf:b9:1e:13:8c: e6:12:37:c0:60:ca:39:22:84:ad:f9:81:65:05:87:08:c7:93: a9:4b:72:64:89:0c:f6:79:5d:1b:7d:b5:18:0c:de:63:ad:f6: d8:44:73:78:f5:c0:a9:13:10:9b:02:ed:16:e2:bb:1d:e9:ab: 21:60:f7:f2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAkR2jxyKQxTffO+iFLWUFMnOtO8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMzMTE1MDEwN1oX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAN2FkMzE1NjYyNDZkMzRiYzgzMGZj MTY0MWI4MDYyMzg3Y2M4ODZmOTg0NGEwYTVjYTFlZmFlNTJiZDY3Mzg2ODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV7G7Dju4BwrXWlCgjm+VFP7LQdy Q1fqKAV1kw/7tgvMvo+krMCe0RNEnZeB+Uqxe2SHG1cVRE89RdJ6yBzZ/TGBOpRH rt3sPau0M6cmUy1Q1qw5UED3Jf+0+Ij+Kc9xYxm5fQkCZRMU/zX8CcDA96eI3Fmy LrDa7uldniJn0dkCLBaFEB2aGn/pD1WuOpQxvLxetGdlEwPtk6wAfsudWh+bqPkh D4Av0BfcszPVtBl2ZYAxUMrFpkq6tVDCKzymj69dTdQz5emvP458KZmGee3k/RHq 7pOBqRkF1dTwVkO5L2QxpPbzhazx1wD6EqT36zpMJHMpSU9Q1JZgivfUUwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFALngX6iP2YRK820/oIFLmDncu/4MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjYmEyMmE1LWRjNjEtNDQxMy1hZWQyLThmYjRjYzhlM2E0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBAIRgWawZ00H3aeYSiouq FYNwRq768DGc0gEQoj5mSCd3o6i5HkesP9Ft1BqL1meYx5EgfrUF4dl+bWtMefHp JCnArkS5lCKnpARGWg4rdi56tqu42Lrk3PUpuLOY7v0MJXmYIh/DOQNT3j0xuM/B zBPtPJ0+ebk9GBcv32qbud3FNrlWNzi396qc8dSpukFWIfHP8Gos0L5Skpkvyep4 4IWhNkxeZ8zr8ZQWv9zFiHCeDJBMtSfYrdlK7QotTcKE+Py/uR4TjOYSN8Bgyjki hK35gWUFhwjHk6lLcmSJDPZ5XRt9tRgM3mOt9thEc3j1wKkTEJsC7Rbiux3pqyFg 9/I= -----END CERTIFICATE-----Generated at Fri Apr 4 23:26:49 2025 by rpki-client