$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa File: c7b491e4-76ae-4305-8132-a670b41c66fd.roa (raw, json) Hash identifier: nq0qGGfl/V/5PwU7o1ldRBfwgges3TWlUUOwHzME6MI= Subject key identifier: F4:47:C8:CC:BD:FB:37:11:06:C2:0C:9E:9A:AE:4B:92:42:8B:0A:8C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0993E8F2B8485490700736A96FFA19B1DBE26A3B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa Signing time: Mon 31 Mar 2025 15:01:10 +0000 ROA not before: Mon 31 Mar 2025 15:01:10 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 15:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:93:e8:f2:b8:48:54:90:70:07:36:a9:6f:fa:19:b1:db:e2:6a:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000 Validity Not Before: Mar 31 15:01:10 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:14:45:50:c2:be:b0:63:b1:df:48:54:bb:1d: e6:87:91:72:cd:73:de:10:8c:9e:00:3c:c1:93:5b: b0:3f:71:65:d3:6f:43:c5:2d:3f:58:3d:6e:d0:ae: f6:0d:51:93:4e:a0:ba:b1:f2:0b:24:5d:1a:db:0a: 00:3e:00:46:bd:57:5a:b0:7d:91:b5:e3:1a:42:ff: 44:2c:ed:4d:6c:0e:6d:7d:e8:4a:d4:01:a5:9a:27: ec:69:a2:f8:aa:27:04:29:6f:21:19:c0:33:73:35: 75:b3:6a:96:ef:e2:08:3a:88:13:56:22:0b:10:36: c9:24:24:80:80:31:97:2c:0f:f6:3c:3b:a0:e4:55: a0:00:f3:fb:1d:b0:28:e4:af:3f:6f:ec:4e:c3:0a: 1a:16:cd:d0:cb:26:6c:cc:bd:2e:d2:4c:08:1e:5a: c5:b7:e3:eb:10:d4:c2:51:53:96:a8:14:b2:23:47: 34:20:38:8a:68:4e:07:cb:ab:32:3b:e3:11:12:b4: ee:d8:c0:34:3a:09:2f:39:92:2c:64:20:f9:44:30: a8:2e:3f:aa:6a:d8:80:ec:7b:25:4c:48:8a:6b:4d: 32:50:59:24:37:c3:e2:62:f7:e8:6c:b5:8a:65:a2: d5:e0:5d:f9:32:bd:26:90:64:9b:f8:90:10:b3:35: 65:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:47:C8:CC:BD:FB:37:11:06:C2:0C:9E:9A:AE:4B:92:42:8B:0A:8C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4000::/40 Signature Algorithm: sha256WithRSAEncryption 32:14:34:99:01:67:9d:33:eb:5c:b3:e0:ae:c1:89:c4:6b:16: 06:c7:25:75:46:1a:d8:c3:91:7e:15:f7:a8:9f:56:56:1f:0f: 7e:61:8d:45:eb:70:25:bb:b6:c9:b0:02:58:8e:24:3b:05:d7: b6:24:56:16:64:3b:6a:35:e1:e7:19:33:e3:98:16:ee:cf:fe: 8e:a0:96:72:92:a7:fb:12:3c:79:eb:c2:24:f9:ab:dc:65:ff: 39:3f:7e:53:90:ca:f8:88:67:35:eb:88:48:fc:19:65:53:d4: 5a:ef:f6:74:cf:4c:45:4d:e6:e3:d4:7e:03:7f:60:5b:3d:35: 17:76:37:c7:fe:7f:3e:ae:a8:26:e4:bd:fb:da:f7:4c:a0:d3: 74:23:ff:18:c6:8b:a5:15:b4:8e:da:53:a7:f4:f9:b9:64:28: b4:9a:fe:e1:61:4c:a9:c8:5a:d0:a4:87:68:52:96:19:d0:e6: 44:22:f5:a1:fe:fa:d4:d9:7e:e1:ed:6d:1f:d6:ed:b8:5d:4d: ba:78:1b:7a:b5:49:b8:74:d4:cf:03:d4:25:cf:5d:ed:62:be: d5:76:ff:96:92:4c:93:f1:6c:56:3b:ca:3b:a4:36:5a:c9:01: 63:5b:20:3f:86:69:c6:e9:01:8c:90:a9:0d:7a:23:90:bc:8e: 41:3c:c5:e7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCZPo8rhIVJBwBzapb/oZsdviajswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMzMTE1MDExMFoX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAMjBmMTAzNzUxMzdkNDdiYzFhMGM2 ZjAxZTA0OWM5YzBlMzNkNTI1MDM2MDI3MDA5Y2QyMmNiNjI0ZWUxOTFhNjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohRFUMK+sGOx30hUux3mh5FyzXPe EIyeADzBk1uwP3Fl029DxS0/WD1u0K72DVGTTqC6sfILJF0a2woAPgBGvVdasH2R teMaQv9ELO1NbA5tfehK1AGlmifsaaL4qicEKW8hGcAzczV1s2qW7+IIOogTViIL EDbJJCSAgDGXLA/2PDug5FWgAPP7HbAo5K8/b+xOwwoaFs3QyyZszL0u0kwIHlrF t+PrENTCUVOWqBSyI0c0IDiKaE4Hy6syO+MRErTu2MA0OgkvOZIsZCD5RDCoLj+q atiA7HslTEiKa00yUFkkN8PiYvfobLWKZaLV4F35Mr0mkGSb+JAQszVl0QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPRHyMy9+zcRBsIMnpquS5JCiwqMMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3YjQ5MWU0LTc2YWUtNDMwNS04MTMyLWE2NzBiNDFjNjZmZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/0AwDQYJKoZIhvcNAQELBQADggEBADIUNJkBZ50z61yz4K7B icRrFgbHJXVGGtjDkX4V96ifVlYfD35hjUXrcCW7tsmwAliOJDsF17YkVhZkO2o1 4ecZM+OYFu7P/o6glnKSp/sSPHnrwiT5q9xl/zk/flOQyviIZzXriEj8GWVT1Frv 9nTPTEVN5uPUfgN/YFs9NRd2N8f+fz6uqCbkvfva90yg03Qj/xjGi6UVtI7aU6f0 +blkKLSa/uFhTKnIWtCkh2hSlhnQ5kQi9aH++tTZfuHtbR/W7bhdTbp4G3q1Sbh0 1M8D1CXPXe1ivtV2/5aSTJPxbFY7yjukNlrJAWNbID+GacbpAYyQqQ16I5C8jkE8 xec= -----END CERTIFICATE-----Generated at Fri Apr 4 23:31:26 2025 by rpki-client