$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa File: baa1273d-7883-4b5d-8e1c-23ebac490846.roa (raw, json) Hash identifier: MSs9h7pmJ55WCdEms+gukO83jMMLuoSATmPdHRq3wy4= Subject key identifier: 60:F0:BB:2B:96:C2:12:AC:3E:7E:AB:35:71:18:95:7A:30:99:BB:97 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 337B5EEE41B42E66A82CFE4996823E95C3A49F02 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa Signing time: Mon 31 Mar 2025 15:01:13 +0000 ROA not before: Mon 31 Mar 2025 15:01:13 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 15:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:7b:5e:ee:41:b4:2e:66:a8:2c:fe:49:96:82:3e:95:c3:a4:9f:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000 Validity Not Before: Mar 31 15:01:13 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:5a:89:33:3e:cc:e6:d4:a8:e8:a4:61:94:ac: 9f:c0:73:30:75:00:25:85:c7:f7:27:4b:bd:67:3c: 25:9a:21:d2:c5:88:9a:96:ec:fb:61:15:db:2d:a5: 9a:08:fb:58:b4:ab:54:fc:e3:aa:06:2f:54:76:8b: eb:f0:49:9b:e7:98:7e:6e:b8:64:a3:96:1e:51:ca: c4:03:ac:4a:7d:95:ec:ca:8a:0c:e0:18:90:a9:97: ea:c7:f2:4e:85:9e:49:3d:22:58:34:c8:41:fb:57: 20:d2:11:d3:f7:0f:58:9c:ae:27:ab:aa:72:aa:36: 9c:23:eb:be:8e:19:08:9b:1a:23:ae:52:d3:84:a9: 7b:40:69:87:af:65:86:6b:69:a0:ec:3b:e1:fb:2a: 74:ec:b0:de:a1:dd:d5:d3:59:73:46:36:93:bd:12: 4c:d4:82:31:8f:ee:da:1e:2b:2f:6a:8c:8d:03:8e: 3f:28:54:2c:0f:7b:b4:37:e2:96:fa:7f:1a:a7:90: 77:f3:e8:78:3c:a9:52:2f:1f:be:2d:4d:e2:90:97: d1:10:c5:4d:b9:57:2e:b2:b1:e8:10:e7:51:13:83: 72:46:b7:63:68:98:72:82:7a:75:b3:d0:78:fb:eb: 6f:ca:64:33:30:cf:68:67:8e:06:b1:f6:59:a0:00: 14:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:F0:BB:2B:96:C2:12:AC:3E:7E:AB:35:71:18:95:7A:30:99:BB:97 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4040::/48 Signature Algorithm: sha256WithRSAEncryption 4e:a6:3a:45:5e:6e:62:18:74:a8:b3:1b:d9:7c:c9:5c:cc:f9: 0b:d9:18:38:1a:e5:37:11:d2:e4:87:a7:8f:16:91:b6:da:ba: 75:1d:80:13:68:51:b5:ac:0f:bb:19:ae:8b:d4:36:ef:e3:c8: ee:6b:2a:6d:3a:b1:88:83:8a:e8:1d:08:a6:a6:3d:f4:a2:3a: 88:fd:a0:65:f9:2a:63:af:aa:6d:a1:d6:2a:33:ec:de:1f:33: ec:c5:63:3a:39:7e:f5:a6:4e:98:6b:66:c0:30:c5:61:79:31: d6:a7:5f:c9:64:ca:f0:04:03:33:92:96:ad:85:82:1b:ca:a8: df:04:c1:13:88:a0:92:88:12:8c:7f:31:b8:fc:7f:1c:c9:d0: 1a:e7:8c:77:7a:e3:3a:04:e1:81:a8:bb:ca:20:1e:6e:79:e4: 4a:0c:ef:e8:dd:69:7f:0b:30:68:98:21:8a:d5:e9:a3:36:ce: 47:35:71:db:06:cc:a2:93:28:2d:a3:b1:a8:a6:ba:9a:5d:87: 3c:04:6f:e3:75:f4:4c:f6:67:16:72:0f:1e:27:2e:bd:64:51: 35:93:cd:db:79:77:36:1c:64:9c:04:05:a3:aa:42:c2:4e:cd: 3f:aa:0e:b5:e0:2b:c8:49:29:40:27:75:c5:cb:3f:4e:94:1b: 8a:b0:77:ae -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUM3te7kG0LmaoLP5JloI+lcOknwIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMzMTE1MDExM1oX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAN2FiMWY4MWI4OTViYjk4NDU0MmU4 ZjliZTAwMjk2ZWQ2OWNiNTgzODljYmI3ZjZjYmMxMmEwZGJmYzk5NjcyZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlqJMz7M5tSo6KRhlKyfwHMwdQAl hcf3J0u9ZzwlmiHSxYialuz7YRXbLaWaCPtYtKtU/OOqBi9Udovr8Emb55h+brhk o5YeUcrEA6xKfZXsyooM4BiQqZfqx/JOhZ5JPSJYNMhB+1cg0hHT9w9YnK4nq6py qjacI+u+jhkImxojrlLThKl7QGmHr2WGa2mg7Dvh+yp07LDeod3V01lzRjaTvRJM 1IIxj+7aHisvaoyNA44/KFQsD3u0N+KW+n8ap5B38+h4PKlSLx++LU3ikJfREMVN uVcusrHoEOdRE4NyRrdjaJhygnp1s9B4++tvymQzMM9oZ44GsfZZoAAUQwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGDwuyuWwhKsPn6rNXEYlXowmbuXMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2JhYTEyNzNkLTc4ODMtNGI1ZC04ZTFjLTIzZWJhYzQ5MDg0Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0BAMA0GCSqGSIb3DQEBCwUAA4IBAQBOpjpFXm5iGHSosxvZ fMlczPkL2Rg4GuU3EdLkh6ePFpG22rp1HYATaFG1rA+7Ga6L1Dbv48juayptOrGI g4roHQimpj30ojqI/aBl+Spjr6ptodYqM+zeHzPsxWM6OX71pk6Ya2bAMMVheTHW p1/JZMrwBAMzkpathYIbyqjfBMETiKCSiBKMfzG4/H8cydAa54x3euM6BOGBqLvK IB5ueeRKDO/o3Wl/CzBomCGK1emjNs5HNXHbBsyikygto7GoprqaXYc8BG/jdfRM 9mcWcg8eJy69ZFE1k83beXc2HGScBAWjqkLCTs0/qg614CvISSlAJ3XFyz9OlBuK sHeu -----END CERTIFICATE-----Generated at Fri Apr 4 23:29:05 2025 by rpki-client