$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa File: 29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa (raw, json) Hash identifier: 2G7r3r4yDfMa9M7zCW9vqd61JHTnTE0H2PPzkuXP/B8= Subject key identifier: 6B:CF:DF:51:E4:F7:3B:76:1C:9C:E5:4A:BC:37:68:8D:99:CF:35:FA Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2C7E1A7D99D9407E784B444C4C0BDC1D7E593972 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa Signing time: Tue 20 May 2025 00:00:42 +0000 ROA not before: Tue 20 May 2025 00:00:42 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:7e:1a:7d:99:d9:40:7e:78:4b:44:4c:4c:0b:dc:1d:7e:59:39:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:42 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=a3d21abf3d3d34c64b055b7c2d3c92fd150a6aab1a438d945b82b0129e42af39, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:e1:04:49:fd:40:b5:8c:8f:c4:40:11:f3:bb: b8:dc:a2:8c:05:06:7c:7a:de:a3:e5:10:c4:91:a9: e4:5e:48:12:55:f9:64:30:08:e6:d2:a1:fa:80:70: e7:66:f6:ff:3b:a5:38:49:5d:3a:9b:72:1b:9f:e4: 0e:21:5f:04:50:d1:5e:0f:44:7b:35:9b:34:52:a5: 19:24:e5:15:e1:e9:65:5b:2e:b3:64:e7:f1:aa:11: 90:1b:1a:74:58:e4:18:a0:73:70:64:f3:f7:b8:7d: d1:cf:fa:cd:19:79:6a:a8:e4:37:6e:24:7c:5d:ee: b5:b1:b6:f8:92:c3:fe:97:32:d3:d4:24:02:18:3d: c7:b0:de:d3:39:4c:1d:8f:55:27:34:8f:24:92:4f: a2:12:fe:36:a8:8d:99:e4:ed:cf:d4:dc:54:e0:ea: 32:05:9c:83:01:e8:ae:7e:f7:22:4c:b2:5e:e8:e0: 2f:6c:6a:41:bd:b9:ee:be:51:ce:f5:46:13:50:7e: 8a:7b:61:17:5c:73:8d:de:db:86:50:5e:75:dd:41: 2d:37:82:52:c0:5c:75:8a:15:e8:e5:cb:92:03:98: 41:88:29:17:ea:4c:6c:87:5f:40:a7:f2:c1:5f:1e: 80:67:73:0f:d4:43:15:73:db:04:3a:0d:c1:a5:b0: 50:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:CF:DF:51:E4:F7:3B:76:1C:9C:E5:4A:BC:37:68:8D:99:CF:35:FA X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:c00::/38 Signature Algorithm: sha256WithRSAEncryption 4f:d6:cc:bf:06:ff:73:9f:3a:e0:9c:30:c6:3e:70:d2:7b:09: fe:fa:0d:97:52:bd:53:59:b4:5a:15:af:13:62:b7:4d:14:6c: db:2a:47:e4:b3:d4:62:5d:d2:3a:be:6a:61:a9:f3:09:5d:24: 10:c2:59:d8:de:85:45:84:5f:99:15:c2:59:27:fa:de:40:67: f2:87:66:70:e1:66:94:9a:c5:ed:fb:60:fd:76:44:f9:c9:db: 3d:d6:37:2f:ca:0a:03:f6:6d:6b:07:12:9d:dd:44:ee:bc:d2: f7:47:25:a3:7f:9b:b9:d3:38:a3:81:6c:e8:79:04:4b:9f:09: 1c:85:8d:70:c3:f2:65:57:47:cd:b3:6f:46:5b:7e:f0:db:6f: 64:ea:37:c1:0b:8b:bf:92:ce:f8:b0:43:5b:d7:3c:69:8f:16: 93:e4:f2:5a:5f:1c:90:90:55:a8:9c:8e:3b:06:e1:80:28:9c: 83:7f:53:32:c0:5b:85:9d:fe:97:54:52:47:4d:f6:6c:25:ac: da:81:97:4d:7b:0a:e7:c5:cc:f1:c9:25:d2:d6:fd:7d:bf:c5: 1e:3b:1c:c9:c2:a9:34:3d:ab:a6:53:f2:f7:4a:39:49:39:d9: a3:d3:89:33:80:cb:7f:f3:a7:11:bf:da:69:4d:63:00:69:a6: 16:9d:c7:6e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULH4afZnZQH54S0RMTAvcHX5ZOXIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDA0MloX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAYTNkMjFhYmYzZDNkMzRjNjRiMDU1 YjdjMmQzYzkyZmQxNTBhNmFhYjFhNDM4ZDk0NWI4MmIwMTI5ZTQyYWYzOTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+EESf1AtYyPxEAR87u43KKMBQZ8 et6j5RDEkankXkgSVflkMAjm0qH6gHDnZvb/O6U4SV06m3Ibn+QOIV8EUNFeD0R7 NZs0UqUZJOUV4ellWy6zZOfxqhGQGxp0WOQYoHNwZPP3uH3Rz/rNGXlqqOQ3biR8 Xe61sbb4ksP+lzLT1CQCGD3HsN7TOUwdj1UnNI8kkk+iEv42qI2Z5O3P1NxU4Ooy BZyDAeiufvciTLJe6OAvbGpBvbnuvlHO9UYTUH6Ke2EXXHON3tuGUF513UEtN4JS wFx1ihXo5cuSA5hBiCkX6kxsh19Ap/LBXx6AZ3MP1EMVc9sEOg3BpbBQQwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGvP31Hk9zt2HJzlSrw3aI2ZzzX6MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI5ZmU0NDU0LWY3YTgtNDJmZC04YzM1LTc3YTZkNmY4ZTYwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAwwDQYJKoZIhvcNAQELBQADggEBAE/WzL8G/3OfOuCcMMY+ cNJ7Cf76DZdSvVNZtFoVrxNit00UbNsqR+Sz1GJd0jq+amGp8wldJBDCWdjehUWE X5kVwlkn+t5AZ/KHZnDhZpSaxe37YP12RPnJ2z3WNy/KCgP2bWsHEp3dRO680vdH JaN/m7nTOKOBbOh5BEufCRyFjXDD8mVXR82zb0ZbfvDbb2TqN8ELi7+SzviwQ1vX PGmPFpPk8lpfHJCQVaicjjsG4YAonIN/UzLAW4Wd/pdUUkdN9mwlrNqBl017CufF zPHJJdLW/X2/xR47HMnCqTQ9q6ZT8vdKOUk52aPTiTOAy3/zpxG/2mlNYwBpphad x24= -----END CERTIFICATE-----Generated at Mon Jun 2 04:42:53 2025 by rpki-client