$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa File: f54cd21d-ebef-4509-8295-1f7547d0d717.roa (raw, json) Hash identifier: uK5rIIJVfKXy8BxldyOo5jlt1QT+Kisuc6QGAPs27qg= Subject key identifier: D4:95:A3:83:CC:A3:3E:91:8C:E2:80:3F:B0:72:18:D2:F1:91:F3:D9 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2BFABA5B8407280AB67FA0ED7DF92A406E3BE807 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa Signing time: Mon 31 Mar 2025 15:01:26 +0000 ROA not before: Mon 31 Mar 2025 15:01:26 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 15:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:fa:ba:5b:84:07:28:0a:b6:7f:a0:ed:7d:f9:2a:40:6e:3b:e8:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000 Validity Not Before: Mar 31 15:01:26 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:f6:a3:4f:01:78:2d:38:fd:62:1d:1a:f6:c9: 6f:3d:cc:59:2e:44:14:f0:49:e1:c9:66:24:69:11: a3:b0:34:ab:bb:ed:0b:a2:ea:02:00:95:3a:af:09: 16:be:6c:44:6f:aa:91:ad:7d:57:c5:44:7f:a8:bb: 66:62:14:dd:7d:2e:37:09:9e:d6:a3:55:fa:cd:f0: 50:fb:34:94:88:b8:72:b7:44:b3:f7:d1:37:90:08: 76:1a:2e:07:7b:e5:d7:ed:8d:ab:b9:bb:12:87:09: 98:0d:d4:52:11:5d:34:d2:20:55:56:1f:9c:c9:09: 73:dc:13:ab:84:65:b0:27:58:d2:a9:d3:4f:40:97: 52:83:32:b2:53:2d:49:0b:6a:39:df:bc:c5:b5:a2: 22:b0:61:3a:39:4f:c2:a7:70:d2:f9:40:01:9c:e9: 28:0d:5f:d2:7d:76:b6:61:db:06:9a:d3:5f:31:c2: ea:8e:de:35:87:0b:93:38:20:ab:34:b6:5d:b5:7b: 32:1d:67:8f:3a:69:2f:2e:44:3d:8d:51:f4:14:ab: d4:29:ff:60:f7:9f:e4:14:d5:4e:07:63:68:27:b9: 8e:ad:e7:a8:aa:db:b4:31:15:37:02:33:b3:d3:65: 94:49:fa:63:4c:cb:80:8b:1d:48:51:16:d4:1b:b0: 39:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:95:A3:83:CC:A3:3E:91:8C:E2:80:3F:B0:72:18:D2:F1:91:F3:D9 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:400::/38 Signature Algorithm: sha256WithRSAEncryption 7d:15:2b:84:6c:50:b0:3c:bc:06:ae:8c:e7:bf:ba:77:fd:77: ac:c7:3f:b0:42:4e:2f:6e:ef:a3:d1:f9:c2:dd:31:9d:c8:4b: 30:0c:78:b4:7a:2e:46:b5:3d:7f:73:48:07:ad:a6:75:75:52: 6c:db:ef:37:16:fb:fe:35:64:08:d1:22:73:67:d4:94:ae:50: 29:aa:40:e7:82:90:d4:91:77:e2:6d:31:de:f5:72:75:13:f2: ad:22:d0:d0:40:8a:89:3f:fa:fb:57:70:ec:46:ec:a2:e7:63: 31:75:a4:9f:ce:31:37:a7:37:fc:79:6b:03:83:7f:e8:e3:b4: 87:8a:0f:b5:53:fe:68:fb:4f:8a:34:6d:d2:5e:e3:e7:0b:b2: 15:12:74:86:00:26:6a:cb:4c:ea:28:dd:64:39:b7:dd:12:e3: 6b:1c:1f:d6:82:f6:8e:68:47:db:04:cc:94:09:40:9f:4b:0c: 21:d5:2f:7a:fb:cd:6d:78:ca:9d:23:83:12:61:c0:82:5d:16: 43:f3:26:e0:89:81:8a:c3:0e:87:f1:a7:a7:a1:2a:2a:ec:b8: ff:ca:0b:50:a9:ed:35:62:be:4a:da:f8:91:40:d3:7a:a4:75: 7f:61:c5:c6:66:50:d4:87:3d:cb:f0:1e:99:68:13:c5:65:6d: 03:e0:be:6f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUK/q6W4QHKAq2f6DtffkqQG476AcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMzMTE1MDEyNloX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAMzZjMWM5ODI4YWQ2ODcyYWI3MjQ1 ZDg3NjMzYjdiMjdmZTk0MWRjODAxYTZiYThjNDFmNDg4NjdiNmJmZjFhNzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofajTwF4LTj9Yh0a9slvPcxZLkQU 8EnhyWYkaRGjsDSru+0LouoCAJU6rwkWvmxEb6qRrX1XxUR/qLtmYhTdfS43CZ7W o1X6zfBQ+zSUiLhyt0Sz99E3kAh2Gi4He+XX7Y2rubsShwmYDdRSEV000iBVVh+c yQlz3BOrhGWwJ1jSqdNPQJdSgzKyUy1JC2o537zFtaIisGE6OU/Cp3DS+UABnOko DV/SfXa2YdsGmtNfMcLqjt41hwuTOCCrNLZdtXsyHWePOmkvLkQ9jVH0FKvUKf9g 95/kFNVOB2NoJ7mOreeoqtu0MRU3AjOz02WUSfpjTMuAix1IURbUG7A5jwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNSVo4PMoz6RjOKAP7ByGNLxkfPZMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2Y1NGNkMjFkLWViZWYtNDUwOS04Mjk1LTFmNzU0N2QwZDcxNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAQwDQYJKoZIhvcNAQELBQADggEBAH0VK4RsULA8vAaujOe/ unf9d6zHP7BCTi9u76PR+cLdMZ3ISzAMeLR6Lka1PX9zSAetpnV1Umzb7zcW+/41 ZAjRInNn1JSuUCmqQOeCkNSRd+JtMd71cnUT8q0i0NBAiok/+vtXcOxG7KLnYzF1 pJ/OMTenN/x5awODf+jjtIeKD7VT/mj7T4o0bdJe4+cLshUSdIYAJmrLTOoo3WQ5 t90S42scH9aC9o5oR9sEzJQJQJ9LDCHVL3r7zW14yp0jgxJhwIJdFkPzJuCJgYrD Dofxp6ehKirsuP/KC1Cp7TVivkra+JFA03qkdX9hxcZmUNSHPcvwHploE8VlbQPg vm8= -----END CERTIFICATE-----Generated at Fri Apr 4 23:29:05 2025 by rpki-client