$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json) Hash identifier: sQHCxPbTYwBsLt4o3K/X1ZHE1GJ/1/HDFi5nR5IfaZY= Subject key identifier: 03:68:A6:EA:BD:50:67:A9:2B:31:73:65:C9:E5:74:30:5C:2A:CB:15 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 173CD1B15F4B9C6DA20B3D5465ACC51FB35B817B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa Signing time: Sat 17 May 2025 00:00:10 +0000 ROA not before: Sat 17 May 2025 00:00:10 +0000 ROA not after: Sat 21 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:3c:d1:b1:5f:4b:9c:6d:a2:0b:3d:54:65:ac:c5:1f:b3:5b:81:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 17 00:00:10 2025 GMT Not After : Jun 21 23:59:59 2025 GMT Subject: serialNumber=cc0279ed3d411e862a073bd91b001f0ed215bf50285843119215ab36f17503f2, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:8c:b6:85:70:aa:b1:f8:31:a4:1b:07:0f:7d: 8b:a4:29:22:64:a2:5c:d0:89:49:ff:c8:da:ed:54: 51:67:e3:3e:30:5b:be:b2:82:6c:5e:43:d7:11:75: 03:55:2d:a3:3f:69:e1:62:a7:df:0c:8d:0c:c2:c3: 03:c2:68:9d:a8:b3:f9:54:1a:d6:54:1c:d2:85:b7: 16:86:dd:62:22:46:5d:80:4f:79:5d:0b:f4:00:22: 7a:e8:4e:b0:0f:04:fd:c0:32:17:f4:ec:e2:63:6a: 2f:21:f3:b6:b8:ea:4b:1a:fd:56:98:21:24:6d:34: 35:6f:97:ca:fe:ef:0d:4b:25:aa:9f:fe:2b:c1:4c: c7:76:24:ab:07:56:88:8f:81:c3:99:57:09:06:ec: e1:df:a8:8b:6c:7a:ae:12:91:3f:d0:97:a4:30:f4: f3:c1:72:81:38:ac:67:31:cb:5f:9e:69:8f:b9:be: 91:d2:b0:dd:e7:f9:d5:45:b3:47:47:8a:f0:bc:8c: 6b:22:b9:28:04:2c:ba:e3:fe:dd:00:3e:fc:97:b5: 6a:24:64:c1:b9:b2:36:ce:03:af:34:2b:a8:2f:8d: be:37:9c:9b:9a:5c:4b:75:e8:3a:3e:66:45:72:05: de:3c:96:d5:b2:7e:18:e1:ff:22:74:91:d8:ef:c4: f7:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:68:A6:EA:BD:50:67:A9:2B:31:73:65:C9:E5:74:30:5C:2A:CB:15 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:8000::/40 Signature Algorithm: sha256WithRSAEncryption 32:7f:16:6a:48:3d:76:17:e5:e1:67:6c:1a:89:11:a5:a6:2c: db:0f:3b:cf:b3:34:d9:b9:91:81:dc:ca:cd:06:70:c7:e3:75: 21:87:d6:07:c7:bc:2a:d2:2a:f0:65:d2:0e:0e:95:b1:50:ff: 4d:01:3e:a0:b4:56:df:74:5b:d4:ab:81:b7:32:61:0a:f6:6e: bc:38:28:4f:aa:be:20:62:20:d8:ef:ce:b0:19:75:1b:a4:20: 07:53:5e:36:9f:44:fb:39:89:a6:67:15:b4:f7:86:7d:f4:5a: 1b:ae:b6:f9:a8:d1:a0:31:d6:81:cc:b6:45:38:3d:95:20:72: fe:11:90:2f:b2:fb:54:0b:1e:d2:ac:57:09:83:52:6f:22:74: 98:fa:82:2f:66:bc:99:40:fb:32:06:3e:43:77:85:c2:77:b5: 81:ab:86:4c:0e:f7:27:ce:cf:54:86:70:62:c8:47:fd:5c:55: 84:8e:5d:fa:b2:e5:3d:e8:76:90:62:bc:16:14:48:73:87:93: 30:e4:2e:ff:cc:ac:e3:3f:a6:ff:eb:6c:33:6b:10:2d:92:58: 0d:f8:5b:75:13:48:44:1a:94:ab:8f:d7:f2:7b:83:4f:4b:15: 40:65:89:c2:91:10:b2:fe:55:a3:b7:be:d8:f4:b9:a7:21:f9: 8f:1f:29:0d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFzzRsV9LnG2iCz1UZazFH7NbgXswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUxNzAwMDAxMFoX DTI1MDYyMTIzNTk1OVowejFJMEcGA1UEBRNAY2MwMjc5ZWQzZDQxMWU4NjJhMDcz YmQ5MWIwMDFmMGVkMjE1YmY1MDI4NTg0MzExOTIxNWFiMzZmMTc1MDNmMjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4y2hXCqsfgxpBsHD32LpCkiZKJc 0IlJ/8ja7VRRZ+M+MFu+soJsXkPXEXUDVS2jP2nhYqffDI0MwsMDwmidqLP5VBrW VBzShbcWht1iIkZdgE95XQv0ACJ66E6wDwT9wDIX9OziY2ovIfO2uOpLGv1WmCEk bTQ1b5fK/u8NSyWqn/4rwUzHdiSrB1aIj4HDmVcJBuzh36iLbHquEpE/0JekMPTz wXKBOKxnMctfnmmPub6R0rDd5/nVRbNHR4rwvIxrIrkoBCy64/7dAD78l7VqJGTB ubI2zgOvNCuoL42+N5ybmlxLdeg6PmZFcgXePJbVsn4Y4f8idJHY78T3GQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFANopuq9UGepKzFzZcnldDBcKssVMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBADJ/FmpIPXYX5eFnbBqJ EaWmLNsPO8+zNNm5kYHcys0GcMfjdSGH1gfHvCrSKvBl0g4OlbFQ/00BPqC0Vt90 W9SrgbcyYQr2brw4KE+qviBiINjvzrAZdRukIAdTXjafRPs5iaZnFbT3hn30Whuu tvmo0aAx1oHMtkU4PZUgcv4RkC+y+1QLHtKsVwmDUm8idJj6gi9mvJlA+zIGPkN3 hcJ3tYGrhkwO9yfOz1SGcGLIR/1cVYSOXfqy5T3odpBivBYUSHOHkzDkLv/MrOM/ pv/rbDNrEC2SWA34W3UTSEQalKuP1/J7g09LFUBlicKRELL+VaO3vtj0uach+Y8f KQ0= -----END CERTIFICATE-----Generated at Mon Jun 2 04:42:55 2025 by rpki-client