$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0feedd18-2b71-48d5-a2ee-07ca90b4d203.roa File: 0feedd18-2b71-48d5-a2ee-07ca90b4d203.roa (raw, json) Hash identifier: 3yuVVU+T7twHbwh1ZYvwymD1L+BME5bkAFuhBYd/ekA= Subject key identifier: 94:05:C9:F2:E6:9D:98:1D:87:71:99:FB:F9:00:DC:D5:07:11:F5:01 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 08F55519DA8F428EFA46C9E3CE02889B4049E46E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0feedd18-2b71-48d5-a2ee-07ca90b4d203.roa Signing time: Tue 20 May 2025 00:00:50 +0000 ROA not before: Tue 20 May 2025 00:00:50 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:f5:55:19:da:8f:42:8e:fa:46:c9:e3:ce:02:88:9b:40:49:e4:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:50 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=bcaaa2a0ab089c7c07cc28daad0b56b91adf9e4313219465011c16342a28860d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f8:58:0b:4f:08:d2:44:f3:b5:07:d0:69:63: 1e:6e:e0:d9:98:81:e3:91:93:58:04:52:d6:c3:31: 76:e4:da:40:5b:c3:aa:44:1f:9b:88:ca:18:1e:53: 8b:74:11:e3:e3:05:73:af:ad:4c:f3:de:26:70:1a: 32:88:36:c6:ac:3e:20:e7:4c:a0:5b:7b:5d:bd:cd: 01:1d:da:57:47:55:39:58:ba:67:3b:0b:ea:9a:66: c7:33:d6:54:4d:73:b9:77:ea:e2:86:f2:18:60:7f: b7:5b:38:1b:ce:62:a0:89:6d:41:22:d5:d3:10:64: b9:a6:98:fa:75:24:78:89:ba:02:da:02:b3:20:a9: 99:c4:45:c6:cc:c7:15:3f:d8:5d:85:77:79:79:76: f7:cd:a0:12:4a:50:99:91:8a:de:07:3d:05:70:87: ef:ae:36:da:23:cf:38:ab:59:99:12:2c:30:81:41: 3c:85:a0:f5:f1:45:a8:0d:e5:c3:18:64:86:64:7c: 80:5d:f0:46:9e:8a:3d:54:f4:57:5c:5a:99:b3:66: 47:d7:f6:34:69:b1:da:18:59:50:5a:4e:20:0b:76: 5e:cd:3a:ac:1d:0a:5c:0d:9c:6a:1a:d4:3d:1b:45: c8:9f:fb:12:ab:78:b9:b7:3d:c6:2a:48:64:7f:77: 62:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:05:C9:F2:E6:9D:98:1D:87:71:99:FB:F9:00:DC:D5:07:11:F5:01 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0feedd18-2b71-48d5-a2ee-07ca90b4d203.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:800::/38 Signature Algorithm: sha256WithRSAEncryption 30:72:7f:ea:7d:8c:b4:29:88:bd:47:a5:cd:27:02:08:c1:8a: 2f:0f:27:82:f9:41:60:93:2c:4a:ac:81:1b:db:a6:e6:06:89: c5:ee:ec:4b:76:a1:61:37:3c:a4:34:47:db:95:36:b8:63:ca: 81:cd:c8:08:16:96:2f:d0:e7:53:6e:b2:20:5d:97:ec:d3:2a: 35:14:ae:3a:e4:37:c0:81:07:92:3b:3b:27:ac:d3:5a:07:c7: 0b:ed:d4:42:82:fa:73:9f:31:7d:66:aa:4d:69:b9:d7:b5:57: 95:c8:d5:2b:2b:07:f0:34:6c:54:ac:e0:ab:d9:06:4d:a3:fc: 88:eb:1b:62:b5:43:0e:d4:22:6d:4a:d6:33:37:e7:3b:e3:fa: f7:d2:f6:fe:38:ac:09:06:2a:c7:6b:75:09:38:9b:5f:4b:a7: 93:86:4e:70:8e:b9:05:89:6d:a4:aa:2a:54:c5:b8:87:2a:56: 26:ac:23:81:b5:31:91:7d:ba:6e:ba:3e:f7:90:2e:08:8c:5d: 7e:f6:89:e7:e2:93:7e:24:54:85:2f:40:15:4f:0f:47:ec:8a: e4:b3:88:7a:8d:60:8f:76:92:40:00:32:b0:47:65:76:65:3b: cc:51:6e:d0:e9:4a:c5:c7:7c:28:11:fb:6b:d3:8a:e0:3f:75: f4:f9:ef:11 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCPVVGdqPQo76RsnjzgKIm0BJ5G4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDA1MFoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAYmNhYWEyYTBhYjA4OWM3YzA3Y2My OGRhYWQwYjU2YjkxYWRmOWU0MzEzMjE5NDY1MDExYzE2MzQyYTI4ODYwZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfhYC08I0kTztQfQaWMebuDZmIHj kZNYBFLWwzF25NpAW8OqRB+biMoYHlOLdBHj4wVzr61M894mcBoyiDbGrD4g50yg W3tdvc0BHdpXR1U5WLpnOwvqmmbHM9ZUTXO5d+rihvIYYH+3WzgbzmKgiW1BItXT EGS5ppj6dSR4iboC2gKzIKmZxEXGzMcVP9hdhXd5eXb3zaASSlCZkYreBz0FcIfv rjbaI884q1mZEiwwgUE8haD18UWoDeXDGGSGZHyAXfBGnoo9VPRXXFqZs2ZH1/Y0 abHaGFlQWk4gC3ZezTqsHQpcDZxqGtQ9G0XIn/sSq3i5tz3GKkhkf3diiwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJQFyfLmnZgdh3GZ+/kA3NUHEfUBMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBmZWVkZDE4LTJiNzEtNDhkNS1hMmVlLTA3Y2E5MGI0ZDIwMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAgwDQYJKoZIhvcNAQELBQADggEBADByf+p9jLQpiL1Hpc0n AgjBii8PJ4L5QWCTLEqsgRvbpuYGicXu7Et2oWE3PKQ0R9uVNrhjyoHNyAgWli/Q 51NusiBdl+zTKjUUrjrkN8CBB5I7Oyes01oHxwvt1EKC+nOfMX1mqk1pude1V5XI 1SsrB/A0bFSs4KvZBk2j/IjrG2K1Qw7UIm1K1jM35zvj+vfS9v44rAkGKsdrdQk4 m19Lp5OGTnCOuQWJbaSqKlTFuIcqViasI4G1MZF9um66PveQLgiMXX72iefik34k VIUvQBVPD0fsiuSziHqNYI92kkAAMrBHZXZlO8xRbtDpSsXHfCgR+2vTiuA/dfT5 7xE= -----END CERTIFICATE-----Generated at Mon Jun 2 04:41:15 2025 by rpki-client