$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa File: 2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa (raw, json) Hash identifier: q7PZWNQWAvVyW2S2ISlRTbVc6w18kxI1on6b2c55x4I= Subject key identifier: 68:F7:ED:57:3D:D6:CF:0A:BA:C7:FD:0C:98:DD:35:E8:5D:34:2C:0E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 551F7E70BAA5A81950DA6277CB0B1151A7A3EEBE Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa Signing time: Fri 16 May 2025 16:00:07 +0000 ROA not before: Fri 16 May 2025 16:00:07 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:1f:7e:70:ba:a5:a8:19:50:da:62:77:cb:0b:11:51:a7:a3:ee:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 16 16:00:07 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=f0cc6d431c1e4d2f68613932eee3eb633bb8683e44fb1b063f3751dee4a9fae8, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:b4:2d:ee:8d:ab:16:58:2b:56:37:33:87:6b: 87:86:87:6c:7f:08:9c:06:20:a1:95:e5:93:de:7e: 89:98:22:81:f9:60:ab:a7:04:7e:59:f7:1e:10:7d: c1:06:67:df:8d:96:75:f0:15:fd:26:e5:6e:79:b5: 38:eb:72:5b:25:27:b2:74:d6:af:bf:0f:2e:0d:82: c4:40:8c:6e:aa:91:6f:07:8b:06:13:60:67:64:78: 7a:e7:cc:e4:97:55:b8:b0:37:0d:fe:ac:a8:b5:02: ba:92:bb:32:52:13:89:b4:4b:be:8a:c3:8e:04:6f: 63:49:6d:76:61:27:22:df:d4:e4:5f:0f:46:08:2d: c3:b8:b6:e4:7b:29:53:8c:f8:4c:ec:9b:5c:bc:a0: 5a:28:52:76:06:63:60:84:08:1c:03:7c:5b:7c:f8: 6d:3b:de:42:eb:eb:d2:34:05:a1:ca:e4:22:2e:c9: b0:6e:72:e7:a4:c9:af:94:44:89:33:68:86:21:49: 8f:3d:c7:9b:84:10:bf:a8:94:e0:5f:b9:d3:91:7c: bc:52:66:c6:68:c2:57:8a:58:0d:d1:40:06:d2:1e: 14:af:81:0a:d7:ae:92:ce:70:7d:b1:4b:72:5e:2f: 55:27:cf:80:af:68:be:48:59:d4:f5:04:5a:8d:1e: 7e:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:F7:ED:57:3D:D6:CF:0A:BA:C7:FD:0C:98:DD:35:E8:5D:34:2C:0E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:8000::/40 Signature Algorithm: sha256WithRSAEncryption 7e:a3:39:4d:2d:f5:33:bc:52:71:a4:62:44:77:1e:19:9e:36: 28:bd:01:ea:fb:5d:91:b0:90:4e:3e:88:12:8c:5c:ef:7f:89: bb:1b:46:ff:46:bf:1e:de:23:73:81:67:9e:55:46:a8:aa:8b: 56:f2:ff:a6:11:6c:b0:8d:8f:29:a8:f6:b6:38:96:f1:d8:a4: d5:6d:03:8b:62:c7:08:49:01:87:6f:35:2d:b7:64:fe:79:59: 46:6d:ff:2e:12:c4:a9:6c:58:f4:99:51:eb:c1:57:bc:21:89: 8e:72:4d:76:a7:bf:28:38:33:64:c3:7a:32:1e:05:30:e9:4a: ab:09:ae:f7:ca:91:55:dc:27:9c:57:91:0d:3e:9a:fe:72:e4: 63:d9:80:49:95:75:5a:6b:9c:eb:f6:d6:b1:26:e5:22:6e:7f: 3c:ac:70:f5:8f:27:41:77:b0:ab:b1:16:2f:54:50:03:16:36: b9:47:14:0a:36:f5:93:44:90:c5:0f:f4:d1:24:82:bf:b4:49: 13:38:83:8c:3e:22:27:b2:45:80:31:db:52:f6:2b:63:b7:54: 11:94:cc:ba:3f:76:eb:07:58:da:92:17:e8:7d:ca:a3:45:fd: 10:30:60:80:79:3e:74:d6:f7:a5:9a:14:92:92:e7:14:f8:02: f7:ef:9c:5e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVR9+cLqlqBlQ2mJ3ywsRUaej7r4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUxNjE2MDAwN1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZjBjYzZkNDMxYzFlNGQyZjY4NjEz OTMyZWVlM2ViNjMzYmI4NjgzZTQ0ZmIxYjA2M2YzNzUxZGVlNGE5ZmFlODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bQt7o2rFlgrVjczh2uHhodsfwic BiChleWT3n6JmCKB+WCrpwR+WfceEH3BBmffjZZ18BX9JuVuebU463JbJSeydNav vw8uDYLEQIxuqpFvB4sGE2BnZHh658zkl1W4sDcN/qyotQK6krsyUhOJtEu+isOO BG9jSW12YSci39TkXw9GCC3DuLbkeylTjPhM7JtcvKBaKFJ2BmNghAgcA3xbfPht O95C6+vSNAWhyuQiLsmwbnLnpMmvlESJM2iGIUmPPcebhBC/qJTgX7nTkXy8UmbG aMJXilgN0UAG0h4Ur4EK166SznB9sUtyXi9VJ8+Ar2i+SFnU9QRajR5+5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGj37Vc91s8Kusf9DJjdNehdNCwOMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIyNDdmMzRmLWU1YjEtNDIzYy1hYzBmLTcxNDJhZDg2YmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+YAwDQYJKoZIhvcNAQELBQADggEBAH6jOU0t9TO8UnGkYkR3 HhmeNii9Aer7XZGwkE4+iBKMXO9/ibsbRv9Gvx7eI3OBZ55VRqiqi1by/6YRbLCN jymo9rY4lvHYpNVtA4tixwhJAYdvNS23ZP55WUZt/y4SxKlsWPSZUevBV7whiY5y TXanvyg4M2TDejIeBTDpSqsJrvfKkVXcJ5xXkQ0+mv5y5GPZgEmVdVprnOv21rEm 5SJufzyscPWPJ0F3sKuxFi9UUAMWNrlHFAo29ZNEkMUP9NEkgr+0SRM4g4w+Iiey RYAx21L2K2O3VBGUzLo/dusHWNqSF+h9yqNF/RAwYIB5PnTW96WaFJKS5xT4Avfv nF4= -----END CERTIFICATE-----Generated at Mon Jun 2 04:41:15 2025 by rpki-client