$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa File: 018dea0d-42eb-4d58-8914-636d25ca3b3c.roa (raw, json) Hash identifier: riOOyNDEYuwj8Ad/B7r80kgzDd7bRDg3I9wRX0Ab5eE= Subject key identifier: 51:C2:90:72:57:C9:B7:CC:12:49:D9:FC:D5:F7:F0:C1:71:1D:5E:72 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4E136B2B5F23A2B7593AC459E07750D830F6F8EC Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa Signing time: Tue 20 May 2025 00:00:44 +0000 ROA not before: Tue 20 May 2025 00:00:44 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:13:6b:2b:5f:23:a2:b7:59:3a:c4:59:e0:77:50:d8:30:f6:f8:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:44 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=3193d80f4b463e88b5e4d985d782a6051bf02f14d616b452098e3891d8659731, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:0d:43:c0:b1:1c:81:cd:51:6c:75:4a:5b:3a: 24:08:4d:0c:a3:e6:9b:0f:c0:7b:25:cb:52:35:b2: 45:7d:79:ae:9c:9c:2b:43:f6:c6:bf:19:27:91:25: 7c:5e:87:a9:b4:c1:88:1b:fa:e6:07:7f:10:29:52: 86:51:a1:54:74:7d:cd:40:9c:5a:cd:0e:78:a9:e9: bc:c3:c1:27:02:00:58:ab:2a:9b:50:5f:df:ae:78: 8b:81:0e:05:0f:2c:c9:88:78:03:b9:43:eb:30:b6: 16:1d:25:92:a7:66:b1:5b:e6:ae:40:d0:f3:85:10: fc:58:a6:31:e5:ff:47:10:0a:41:19:74:1c:de:eb: 02:94:52:80:e4:d8:1a:35:52:77:66:50:ee:94:b1: e4:70:69:42:e8:47:9f:39:bd:ea:8c:fb:a5:f4:83: 46:0d:28:37:3a:29:ac:bb:1b:5d:7c:f7:49:76:5c: ee:0a:62:21:8c:a1:22:fc:7e:77:f5:d6:26:11:b6: f0:d7:31:3c:e2:58:92:3c:bc:f4:4d:85:68:20:da: 37:01:13:34:73:2a:0f:57:79:28:a5:50:e0:57:5a: 27:78:1e:98:01:ad:eb:7d:cf:85:96:37:36:ed:af: 8e:7c:ba:54:74:2a:2c:c0:a5:8c:c9:48:bd:60:43: f6:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:C2:90:72:57:C9:B7:CC:12:49:D9:FC:D5:F7:F0:C1:71:1D:5E:72 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:800::/38 Signature Algorithm: sha256WithRSAEncryption b2:df:dd:b3:1e:73:88:d9:7d:7b:b5:66:f3:3f:3c:f6:d3:a4: 40:8b:14:a3:18:3b:77:1d:35:77:e7:67:05:12:a6:d6:76:34: 24:b0:2b:62:aa:18:14:f8:cb:5b:28:a4:6a:ac:5e:ab:51:24: 85:d0:e1:a7:84:c7:bf:a6:e1:fa:0f:81:b4:ff:91:eb:ff:ab: 46:39:c9:cf:12:61:f6:47:d0:04:1e:fc:c3:cc:50:06:cd:a7: 5a:16:22:b3:48:cd:c5:00:da:27:ae:bf:b5:2e:8a:5c:c4:6a: 97:17:4a:bf:85:9f:95:26:c6:df:5b:55:be:26:ce:df:d6:b0: 9b:87:65:86:b7:d7:52:bb:7f:6a:4f:f3:82:e0:d8:f7:dc:8f: 74:b4:4c:4d:27:39:8e:19:63:67:35:3b:32:27:01:79:b6:3d: e1:a3:39:b6:78:a3:35:6f:60:78:83:cf:78:4f:94:2d:ca:7c: a9:9b:3f:6f:3f:f8:4a:ad:13:b3:f2:23:82:1a:17:9a:a2:6f: 15:13:ee:86:95:7c:bb:7a:64:e6:1b:8c:a8:50:6b:9b:32:e4: b5:14:20:29:19:fe:91:a2:0b:74:f9:aa:73:b3:ac:ce:82:e6: 9d:ad:01:b4:c7:af:d3:57:82:89:1e:81:48:a0:5a:a0:f0:07: 64:9b:ee:5b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUThNrK18jordZOsRZ4HdQ2DD2+OwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDA0NFoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAMzE5M2Q4MGY0YjQ2M2U4OGI1ZTRk OTg1ZDc4MmE2MDUxYmYwMmYxNGQ2MTZiNDUyMDk4ZTM4OTFkODY1OTczMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ1DwLEcgc1RbHVKWzokCE0Mo+ab D8B7JctSNbJFfXmunJwrQ/bGvxknkSV8XoeptMGIG/rmB38QKVKGUaFUdH3NQJxa zQ54qem8w8EnAgBYqyqbUF/frniLgQ4FDyzJiHgDuUPrMLYWHSWSp2axW+auQNDz hRD8WKYx5f9HEApBGXQc3usClFKA5NgaNVJ3ZlDulLHkcGlC6EefOb3qjPul9ING DSg3OimsuxtdfPdJdlzuCmIhjKEi/H539dYmEbbw1zE84liSPLz0TYVoINo3ARM0 cyoPV3kopVDgV1oneB6YAa3rfc+Fljc27a+OfLpUdCoswKWMyUi9YEP2yQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFHCkHJXybfMEknZ/NX38MFxHV5yMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzAxOGRlYTBkLTQyZWItNGQ1OC04OTE0LTYzNmQyNWNhM2IzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAgwDQYJKoZIhvcNAQELBQADggEBALLf3bMec4jZfXu1ZvM/ PPbTpECLFKMYO3cdNXfnZwUSptZ2NCSwK2KqGBT4y1sopGqsXqtRJIXQ4aeEx7+m 4foPgbT/kev/q0Y5yc8SYfZH0AQe/MPMUAbNp1oWIrNIzcUA2ieuv7UuilzEapcX Sr+Fn5Umxt9bVb4mzt/WsJuHZYa311K7f2pP84Lg2Pfcj3S0TE0nOY4ZY2c1OzIn AXm2PeGjObZ4ozVvYHiDz3hPlC3KfKmbP28/+EqtE7PyI4IaF5qibxUT7oaVfLt6 ZOYbjKhQa5sy5LUUICkZ/pGiC3T5qnOzrM6C5p2tAbTHr9NXgokegUigWqDwB2Sb 7ls= -----END CERTIFICATE-----Generated at Mon Jun 2 04:41:13 2025 by rpki-client