$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa File: 2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa (raw, json) Hash identifier: Tn/JUCxrF//j7KRTP0wSo0DuIVbkBus6ty3iV/Yq3bw= Subject key identifier: A1:E7:11:26:AE:AE:7B:0E:DE:1D:FB:77:37:94:42:86:A1:99:D8:E8 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 02C94FB951995F221F6491A3305059B61991B20A Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa Signing time: Mon 21 Apr 2025 17:00:07 +0000 ROA not before: Mon 21 Apr 2025 17:00:07 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 00:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:c9:4f:b9:51:99:5f:22:1f:64:91:a3:30:50:59:b6:19:91:b2:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 21 17:00:07 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=124f48bc997cf592eeabe76a12ad9bce2c4143bbcf2b0861c58604fd43aa22a6, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:71:39:63:0d:ad:fc:fd:57:c4:10:0f:84:19: 7d:f3:66:b7:69:46:9a:d3:69:ed:ce:bb:a8:6c:3f: 95:1e:72:5a:06:de:32:57:ea:c6:a7:c2:4c:ba:a8: 56:64:8a:5e:e8:53:20:92:c9:f3:1d:de:f9:71:81: 8a:0a:c0:4f:5c:ab:51:85:75:6d:26:e3:cf:9f:2b: c7:86:a9:05:0e:33:83:36:b0:ff:16:2f:04:e0:f9: 44:dc:97:35:bc:a7:c0:c1:d6:b5:f2:6c:16:69:60: 5b:78:30:8b:a9:50:de:06:e4:51:3d:e4:f3:ef:c1: 27:69:70:c1:1d:e4:8f:2d:b3:87:32:08:16:08:4b: d9:51:3e:5d:d9:75:5c:a2:f0:d7:e6:24:4e:b8:c7: 75:1e:de:20:28:cb:4a:83:1b:92:52:e5:4a:fc:1e: d6:ff:c1:00:6e:fa:63:62:4b:c3:d4:2b:7b:9f:b9: e3:c3:70:f5:66:db:51:5f:a1:ea:99:16:c5:29:18: 8c:6d:5f:7e:cd:60:a6:d0:a2:9e:43:53:13:c8:82: 4d:98:18:13:c9:b0:e4:34:43:95:36:f1:93:72:5f: da:ba:a6:f5:ea:9d:98:b0:1f:9a:7e:b9:78:d4:cd: 01:55:ec:a5:a8:5f:5e:50:15:b7:2b:c4:be:5f:15: f3:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:E7:11:26:AE:AE:7B:0E:DE:1D:FB:77:37:94:42:86:A1:99:D8:E8 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:4000::/40 Signature Algorithm: sha256WithRSAEncryption 7d:75:fe:b9:2e:1e:ab:e0:a3:b7:f3:36:f5:1c:9b:42:35:69: 93:8c:d8:fb:57:ec:5e:c7:9d:1d:f0:e8:3d:de:dc:e6:8f:85: ae:80:aa:3e:0d:83:34:ca:a0:6e:2f:52:45:35:1e:6b:9c:9c: 2b:fc:e3:f1:80:b4:96:ca:90:a9:a9:71:da:bf:ac:6a:f3:7d: 2a:dd:d5:85:26:d4:5e:7a:75:4e:c2:4f:80:ef:f0:97:98:a8: 3a:d3:31:92:da:d4:fb:a6:bd:0c:42:52:eb:10:b5:c8:08:f8: 18:31:7e:5d:94:5a:ef:dc:a3:82:98:7a:b6:e5:55:a2:75:3b: 07:af:28:2d:82:e9:0e:28:79:65:9a:2d:01:65:9a:6f:f8:4d: dd:53:74:8a:a6:8e:01:71:a2:fc:20:97:cc:c7:bb:2f:2e:06: 3a:c4:8e:82:a9:74:d7:d0:60:70:92:98:26:62:22:b7:22:d7: 1a:e7:23:50:b9:33:3e:c9:82:89:70:e3:09:3b:59:1f:e8:b2: 0c:84:29:b0:71:db:a1:23:bc:a5:ec:9e:c4:0d:07:68:a0:0b: fe:e7:d6:39:5f:8b:bc:62:04:cd:78:4b:55:42:a3:2c:ae:27: 1c:42:96:ab:f6:ea:ad:8b:18:9f:82:70:8e:aa:44:ec:d4:f1: 37:d8:8e:e7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAslPuVGZXyIfZJGjMFBZthmRsgowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyMTE3MDAwN1oX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAMTI0ZjQ4YmM5OTdjZjU5MmVlYWJl NzZhMTJhZDliY2UyYzQxNDNiYmNmMmIwODYxYzU4NjA0ZmQ0M2FhMjJhNjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA93E5Yw2t/P1XxBAPhBl982a3aUaa 02ntzruobD+VHnJaBt4yV+rGp8JMuqhWZIpe6FMgksnzHd75cYGKCsBPXKtRhXVt JuPPnyvHhqkFDjODNrD/Fi8E4PlE3Jc1vKfAwda18mwWaWBbeDCLqVDeBuRRPeTz 78EnaXDBHeSPLbOHMggWCEvZUT5d2XVcovDX5iROuMd1Ht4gKMtKgxuSUuVK/B7W /8EAbvpjYkvD1Ct7n7njw3D1ZttRX6HqmRbFKRiMbV9+zWCm0KKeQ1MTyIJNmBgT ybDkNEOVNvGTcl/auqb16p2YsB+afrl41M0BVeylqF9eUBW3K8S+XxXzyQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKHnESaurnsO3h37dzeUQoahmdjoMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzJjN2RjOTllLTE2YzUtNDMxMi1iNjEzLWFjNDJlOGI1MmYxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+EAwDQYJKoZIhvcNAQELBQADggEBAH11/rkuHqvgo7fzNvUc m0I1aZOM2PtX7F7HnR3w6D3e3OaPha6Aqj4NgzTKoG4vUkU1HmucnCv84/GAtJbK kKmpcdq/rGrzfSrd1YUm1F56dU7CT4Dv8JeYqDrTMZLa1PumvQxCUusQtcgI+Bgx fl2UWu/co4KYerblVaJ1OwevKC2C6Q4oeWWaLQFlmm/4Td1TdIqmjgFxovwgl8zH uy8uBjrEjoKpdNfQYHCSmCZiIrci1xrnI1C5Mz7Jgolw4wk7WR/osgyEKbBx26Ej vKXsnsQNB2igC/7n1jlfi7xiBM14S1VCoyyuJxxClqv26q2LGJ+CcI6qROzU8TfY juc= -----END CERTIFICATE-----Generated at Fri May 9 12:36:26 2025 by rpki-client