$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa File: 2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa (raw, json) Hash identifier: C016QT1rjtcguFESCb80WvX+rW7SHkYRzHzEHrkYtLg= Subject key identifier: 64:63:7B:EC:99:DF:23:72:47:B5:D6:DF:52:A5:97:66:C7:D9:B9:46 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 26877D9AD53819359A7BE1639F0A3502B03EB131 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Feb 2025 00:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:87:7d:9a:d5:38:19:35:9a:7b:e1:63:9f:0a:35:02:b0:3e:b1:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:cf:b2:62:bf:e0:04:f0:d5:af:bf:55:95:b5: ec:26:dc:d8:82:2b:6b:93:81:ea:c5:b3:31:ae:7a: e1:74:13:4e:8d:ea:64:c5:e1:54:36:43:7b:fd:9e: fe:1c:c0:db:4a:98:7e:ff:5f:c7:a0:95:d9:9f:21: ac:54:c3:c2:55:c0:ca:ca:16:39:2a:4c:5d:8c:af: 92:e7:d9:0a:e6:b7:be:53:ba:93:5f:aa:ef:35:25: 37:29:3f:4a:77:35:b7:0c:03:76:26:66:14:6d:a8: ca:1a:c3:41:c1:de:35:3a:30:63:a1:f5:fe:b8:ed: 5d:1d:1c:5a:1e:4c:32:c7:fd:71:d9:d2:dc:46:a0: 91:8c:18:e8:b5:78:c3:97:6c:5a:81:33:a5:ba:08: 31:26:cf:03:82:3f:c8:b8:5e:67:f8:3a:c2:74:e8: e7:54:ce:62:4b:f0:58:72:93:7a:28:59:85:4d:b4: e9:7c:68:af:20:0b:f9:92:bf:96:70:c1:3b:5c:46: 60:97:b8:70:84:d4:a5:0d:2f:d8:c9:00:18:a6:47: 93:f3:8d:dd:71:11:0d:31:16:4e:5c:e7:9d:6f:5b: 97:f7:34:4e:9b:56:b1:0b:18:b9:f0:bb:a3:2a:8e: e5:af:a1:4e:f0:d4:51:d2:47:57:38:1b:5f:da:e6: 41:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:63:7B:EC:99:DF:23:72:47:B5:D6:DF:52:A5:97:66:C7:D9:B9:46 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:4000::/40 Signature Algorithm: sha256WithRSAEncryption 5c:9b:d3:8b:24:79:ad:24:4a:5b:cb:52:2c:4e:d8:ec:85:a3: 79:1a:1f:fa:68:c3:bd:34:9a:54:77:2b:f3:23:db:91:52:fb: 15:76:9e:de:44:ba:df:9d:fe:61:c5:db:7a:86:ee:80:89:8f: e2:b8:de:47:75:72:1e:9b:a7:c7:df:a4:80:56:1a:95:32:7e: 05:e8:34:99:4c:32:a7:69:75:e2:cc:d2:01:ee:83:cf:be:d9: e9:06:66:eb:f0:70:03:15:81:d0:4a:2d:dd:53:b2:9b:52:d8: 1b:3e:50:05:1b:2d:17:fd:c7:8e:3d:f6:75:c6:e1:44:00:42: 0c:14:c9:46:9f:dc:83:73:c4:28:0b:f7:5f:07:34:d6:0f:87: aa:b3:15:9a:89:86:7b:b0:73:ff:51:bb:d9:a2:d7:69:67:3a: 99:cc:39:4f:4e:ae:1a:76:51:53:84:56:84:90:db:8e:66:8c: 99:26:89:15:73:ab:48:59:47:b2:5c:ee:02:87:9b:34:e7:a9: 3d:64:3b:79:d5:55:1f:5e:6f:6b:a7:47:58:a8:f9:cc:f9:0f: 1f:13:f4:3b:ac:07:fb:8d:5e:cc:42:3f:24:22:68:3f:f4:39: fc:5e:95:77:17:52:1e:f8:a5:98:f1:68:32:25:dd:95:70:74: c9:c1:aa:88 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJod9mtU4GTWae+Fjnwo1ArA+sTEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZDJiN2UwOGNkMTE3YzA4NjBiNGYx NTk0NjM5NGJmNzlhN2Y2NmU1ZTlmNmUwMjdmZTgxOWZlZTg0OWVkZTc1MjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs+yYr/gBPDVr79VlbXsJtzYgitr k4HqxbMxrnrhdBNOjepkxeFUNkN7/Z7+HMDbSph+/1/HoJXZnyGsVMPCVcDKyhY5 KkxdjK+S59kK5re+U7qTX6rvNSU3KT9KdzW3DAN2JmYUbajKGsNBwd41OjBjofX+ uO1dHRxaHkwyx/1x2dLcRqCRjBjotXjDl2xagTOluggxJs8Dgj/IuF5n+DrCdOjn VM5iS/BYcpN6KFmFTbTpfGivIAv5kr+WcME7XEZgl7hwhNSlDS/YyQAYpkeT843d cRENMRZOXOedb1uX9zROm1axCxi58LujKo7lr6FO8NRR0kdXOBtf2uZBJwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGRje+yZ3yNyR7XW31Kll2bH2blGMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzJjN2RjOTllLTE2YzUtNDMxMi1iNjEzLWFjNDJlOGI1MmYxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+EAwDQYJKoZIhvcNAQELBQADggEBAFyb04skea0kSlvLUixO 2OyFo3kaH/pow700mlR3K/Mj25FS+xV2nt5Eut+d/mHF23qG7oCJj+K43kd1ch6b p8ffpIBWGpUyfgXoNJlMMqdpdeLM0gHug8++2ekGZuvwcAMVgdBKLd1TsptS2Bs+ UAUbLRf9x4499nXG4UQAQgwUyUaf3INzxCgL918HNNYPh6qzFZqJhnuwc/9Ru9mi 12lnOpnMOU9Orhp2UVOEVoSQ245mjJkmiRVzq0hZR7Jc7gKHmzTnqT1kO3nVVR9e b2unR1io+cz5Dx8T9DusB/uNXsxCPyQiaD/0OfxelXcXUh74pZjxaDIl3ZVwdMnB qog= -----END CERTIFICATE-----Generated at Sun Feb 16 15:33:51 2025 by rpki-client