$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa File: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (raw, json) Hash identifier: Hr59+nmlFp+HpikNCPRSz5RkqFuBbvTV8y/kV60ePMw= Subject key identifier: 40:C6:FC:47:48:51:BA:63:7B:A0:98:7F:2F:3F:13:08:7D:79:AF:E5 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 420F70117C106EA7D7331CB33916C37AF317D123 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa Signing time: Tue 25 Mar 2025 16:50:02 +0000 ROA not before: Tue 25 Mar 2025 16:50:02 +0000 ROA not after: Tue 29 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 15:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:0f:70:11:7c:10:6e:a7:d7:33:1c:b3:39:16:c3:7a:f3:17:d1:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000 Validity Not Before: Mar 25 16:50:02 2025 GMT Not After : Apr 29 23:59:59 2025 GMT Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e1:9a:ce:f4:0b:31:45:a3:08:a0:4b:28:75: cc:06:04:35:ed:65:48:9f:74:af:31:87:e3:7d:27: 0d:03:23:0a:8c:0d:a2:42:0f:54:8c:80:a4:26:09: c6:89:d2:ff:23:59:27:2b:3e:50:6b:ac:8f:65:37: da:ba:0b:43:13:28:b4:dd:37:37:da:b6:c7:99:60: d7:ce:2a:3f:3d:b0:d9:d7:24:df:47:d2:1d:29:1c: c8:9f:cd:4d:65:ad:a6:68:66:97:da:28:39:af:93: 19:9f:c4:4e:48:81:3c:9a:19:2d:af:a6:e3:57:9f: 0c:3b:c8:84:26:ed:d5:c0:6f:32:88:29:7c:16:54: d8:16:e6:a7:d5:c3:18:c7:e5:f3:ac:0f:99:8b:6a: 36:aa:ad:9c:52:37:66:36:6c:38:37:f5:c9:1b:be: cf:2f:e8:81:b6:51:f1:8e:1a:60:25:e7:b2:ee:b6: 63:aa:e9:37:85:43:08:01:30:3f:91:e7:65:10:b9: 2e:ba:5f:7d:19:85:d4:0e:0e:2d:1c:17:e8:cb:8c: d6:75:d5:9c:de:9f:3a:5a:8c:ac:8e:f7:a5:7f:ad: fb:00:b2:2e:47:df:fb:7d:ee:c3:fd:49:d7:e9:02: 52:88:cf:88:20:4e:a6:60:0c:a7:12:5c:ff:c9:7c: f5:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:C6:FC:47:48:51:BA:63:7B:A0:98:7F:2F:3F:13:08:7D:79:AF:E5 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 95:40:90:dd:21:d2:0f:13:2b:69:30:13:e9:47:1a:c1:ac:d9: 59:f4:df:af:0a:bb:7a:4d:8a:4f:ec:b4:ae:b4:a2:57:1b:fc: 9c:d2:0b:40:ef:d8:76:f1:7d:3f:58:54:77:56:13:d7:79:25: 52:94:39:b9:91:9a:85:97:57:61:bc:4f:10:96:67:f5:09:b9: d5:32:bd:b7:f1:70:c9:7f:60:82:76:fc:ef:92:01:d2:19:b3: 0b:cf:88:48:c7:5e:f2:6c:49:eb:19:db:f0:5e:e8:43:2a:55: 9d:4e:7a:44:03:d4:26:db:12:a0:6a:38:34:69:7c:51:57:f9: 0e:53:72:c7:36:9b:1d:33:ba:37:30:5a:17:00:58:72:a4:98: 27:b2:35:a2:0a:48:43:07:8d:b5:a1:69:83:b5:bf:13:a7:db: 8d:d2:7b:a8:73:13:a7:15:fe:73:e8:ad:55:94:5e:9e:f6:b3: 29:36:d5:a7:47:ea:d3:1d:35:34:75:e7:a3:ed:21:48:8a:d5: 47:5a:43:93:7e:61:cd:34:1c:c8:fe:58:5e:52:57:c7:8e:e3: 82:8e:10:b9:be:1c:14:06:37:bf:a3:f4:f8:c5:25:26:e1:8d: 51:76:d5:dc:42:b3:6d:58:6c:16:9f:fb:7f:ac:1b:e2:e8:6a: 7e:82:06:7f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQg9wEXwQbqfXMxyzORbDevMX0SMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMyNTE2NTAwMloX DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANzY1M2E4YzhkNDAzODA1M2YwMDg4 MjI3ZjliNWMxNTBkNjFmYTFjZWE3MzM0ZGJmZTJkNjYxYTBmZjI1YzA0NTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOGazvQLMUWjCKBLKHXMBgQ17WVI n3SvMYfjfScNAyMKjA2iQg9UjICkJgnGidL/I1knKz5Qa6yPZTfaugtDEyi03Tc3 2rbHmWDXzio/PbDZ1yTfR9IdKRzIn81NZa2maGaX2ig5r5MZn8ROSIE8mhktr6bj V58MO8iEJu3VwG8yiCl8FlTYFuan1cMYx+XzrA+Zi2o2qq2cUjdmNmw4N/XJG77P L+iBtlHxjhpgJeey7rZjquk3hUMIATA/kedlELkuul99GYXUDg4tHBfoy4zWddWc 3p86Woysjvelf637ALIuR9/7fe7D/UnX6QJSiM+IIE6mYAynElz/yXz1fQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEDG/EdIUbpje6CYfy8/Ewh9ea/lMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2VmZGNiNDNiLTJmMTktNDEwNy1hMGEzLWM1NWRhY2NiMjcxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoEAwDQYJKoZIhvcNAQELBQADggEBAJVAkN0h0g8TK2kwE+lH GsGs2Vn0368Ku3pNik/stK60olcb/JzSC0Dv2HbxfT9YVHdWE9d5JVKUObmRmoWX V2G8TxCWZ/UJudUyvbfxcMl/YIJ2/O+SAdIZswvPiEjHXvJsSesZ2/Be6EMqVZ1O ekQD1CbbEqBqODRpfFFX+Q5Tcsc2mx0zujcwWhcAWHKkmCeyNaIKSEMHjbWhaYO1 vxOn243Se6hzE6cV/nPorVWUXp72syk21adH6tMdNTR156PtIUiK1UdaQ5N+Yc00 HMj+WF5SV8eO44KOELm+HBQGN7+j9PjFJSbhjVF21dxCs21YbBaf+3+sG+Loan6C Bn8= -----END CERTIFICATE-----Generated at Fri Apr 4 23:25:48 2025 by rpki-client