$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa File: 0ae05889-eb6d-414c-88e9-bc293171f532.roa (raw, json) Hash identifier: jvm4oCNZfhHYPm68QTtbVycRqBEh5hBFE5OLi8eQUeU= Subject key identifier: 1C:23:07:39:2A:62:A1:2A:A1:33:34:17:28:F3:45:FB:76:2C:AE:81 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6930150ECF949C430F9831D222D4F0DC7B1F3C88 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa Signing time: Mon 21 Apr 2025 17:00:12 +0000 ROA not before: Mon 21 Apr 2025 17:00:12 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 00:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:30:15:0e:cf:94:9c:43:0f:98:31:d2:22:d4:f0:dc:7b:1f:3c:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 21 17:00:12 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=4b5899978228bd720c017e61fa8bd842456db632994bf1fdf84046fb6bb085f0, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:17:b2:4b:36:c7:5c:b6:d2:39:10:a8:39:a4: 65:8a:6c:50:07:b0:e1:c6:25:9f:d4:5f:66:b0:8a: 25:02:25:bb:fd:e8:81:f1:17:4c:fe:e6:b9:0a:66: b4:38:49:20:c3:0a:05:1b:5c:56:f4:cf:1d:17:35: ba:25:b5:0e:25:46:81:b5:53:c6:59:ac:58:6b:6f: a0:39:24:a4:63:39:ff:4e:82:51:b2:8b:8e:71:77: f3:42:f2:2a:4e:a1:88:d4:0c:26:e3:41:cd:7a:d5: 88:53:99:ac:f7:43:ed:f9:e7:7d:eb:8a:c9:5f:b6: 60:5a:7a:d2:43:ea:54:11:9b:27:7a:20:49:6b:9b: 11:b5:21:14:8a:8e:57:91:3a:a0:c0:b8:66:4f:00: ae:cc:32:91:54:9d:30:cb:3c:c9:77:00:c5:1d:83: 8e:d8:0e:dc:2c:04:9d:e3:50:0d:64:ea:fd:db:cf: d6:3b:4d:69:73:3f:9a:1f:1e:d4:33:cf:bc:cb:0c: e8:15:3c:97:c2:8d:2d:8e:73:f8:f8:f4:b2:bc:43: 3c:23:68:38:c7:16:df:39:54:8b:73:4e:1e:e5:90: 9b:c0:32:3a:d3:e1:99:55:d3:54:1e:7d:05:e6:94: 8c:94:cf:ae:aa:c6:59:0d:4c:a6:3e:c9:87:7d:28: 4f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:23:07:39:2A:62:A1:2A:A1:33:34:17:28:F3:45:FB:76:2C:AE:81 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0ae05889-eb6d-414c-88e9-bc293171f532.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:4000::/40 Signature Algorithm: sha256WithRSAEncryption 46:f9:51:f9:4e:1e:82:23:62:ac:06:2e:5f:1f:65:34:72:68: 3c:58:bd:5e:23:ec:90:2a:a2:ba:b4:c2:55:9a:ca:5d:12:72: 2d:b3:fb:e2:6a:d8:9a:e4:ed:2b:1e:3a:e4:21:f2:f0:81:1f: bc:01:7d:bb:1d:4d:38:a9:96:44:a7:da:aa:4f:51:9c:12:6b: a0:b2:38:b0:3c:76:86:d0:1a:1d:8d:b2:71:a4:07:04:50:35: 0b:c4:fa:2c:1b:16:c8:9f:42:26:2e:26:67:26:3c:cd:53:cb: 98:be:cf:4d:4e:bb:63:43:6b:d4:46:48:e1:e1:ea:44:dd:0e: 5f:17:06:1b:19:57:c4:77:db:2d:20:81:2c:a8:7f:18:5b:c0: ca:dc:46:c0:c4:d6:b0:71:7a:81:7c:30:a7:10:5b:ee:01:32: b3:9f:24:f6:46:1b:3c:1d:f2:b0:6b:67:57:8c:b7:52:12:0b: c5:90:77:f1:05:a3:72:f8:85:65:86:4b:4b:42:dd:28:0c:e6: 89:33:1d:a3:4e:e1:24:5a:fe:dd:24:35:2f:3b:b1:19:f6:ed: bb:5c:0a:4b:ca:84:b6:68:22:f6:f9:3d:43:d6:47:3f:b7:dd: 00:3c:ec:0e:25:02:59:be:7a:f5:42:99:a9:17:57:90:64:1b: 48:9b:b5:95 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaTAVDs+UnEMPmDHSItTw3HsfPIgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyMTE3MDAxMloX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNANGI1ODk5OTc4MjI4YmQ3MjBjMDE3 ZTYxZmE4YmQ4NDI0NTZkYjYzMjk5NGJmMWZkZjg0MDQ2ZmI2YmIwODVmMDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwheySzbHXLbSORCoOaRlimxQB7Dh xiWf1F9msIolAiW7/eiB8RdM/ua5Cma0OEkgwwoFG1xW9M8dFzW6JbUOJUaBtVPG WaxYa2+gOSSkYzn/ToJRsouOcXfzQvIqTqGI1Awm40HNetWIU5ms90Pt+ed964rJ X7ZgWnrSQ+pUEZsneiBJa5sRtSEUio5XkTqgwLhmTwCuzDKRVJ0wyzzJdwDFHYOO 2A7cLASd41ANZOr928/WO01pcz+aHx7UM8+8ywzoFTyXwo0tjnP4+PSyvEM8I2g4 xxbfOVSLc04e5ZCbwDI60+GZVdNUHn0F5pSMlM+uqsZZDUymPsmHfShP+QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBwjBzkqYqEqoTM0FyjzRft2LK6BMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBhZTA1ODg5LWViNmQtNDE0Yy04OGU5LWJjMjkzMTcxZjUzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+UAwDQYJKoZIhvcNAQELBQADggEBAEb5UflOHoIjYqwGLl8f ZTRyaDxYvV4j7JAqorq0wlWayl0Sci2z++Jq2Jrk7SseOuQh8vCBH7wBfbsdTTip lkSn2qpPUZwSa6CyOLA8dobQGh2NsnGkBwRQNQvE+iwbFsifQiYuJmcmPM1Ty5i+ z01Ou2NDa9RGSOHh6kTdDl8XBhsZV8R32y0ggSyofxhbwMrcRsDE1rBxeoF8MKcQ W+4BMrOfJPZGGzwd8rBrZ1eMt1ISC8WQd/EFo3L4hWWGS0tC3SgM5okzHaNO4SRa /t0kNS87sRn27btcCkvKhLZoIvb5PUPWRz+33QA87A4lAlm+evVCmakXV5BkG0ib tZU= -----END CERTIFICATE-----Generated at Fri May 9 10:12:09 2025 by rpki-client