$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa File: 2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa (raw, json) Hash identifier: KychWaS6OpcDEoKPIr4Ww9rYepvwR1f7E07vN7kG3wo= Subject key identifier: 92:08:C0:F1:1B:0C:DF:9C:A5:51:5F:09:F9:90:E8:46:94:78:F6:2E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4403F8D0816248822343C7BB0F782568EFC3E01C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa Signing time: Fri 28 Feb 2025 20:20:05 +0000 ROA not before: Fri 28 Feb 2025 20:20:05 +0000 ROA not after: Fri 04 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 17 Mar 2025 00:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:03:f8:d0:81:62:48:82:23:43:c7:bb:0f:78:25:68:ef:c3:e0:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000 Validity Not Before: Feb 28 20:20:05 2025 GMT Not After : Apr 4 23:59:59 2025 GMT Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:5a:f5:7c:8e:66:4a:a3:b7:47:43:3c:6a:cd: 82:03:d9:19:39:ea:9c:49:0b:05:4b:fb:0b:d0:77: 54:d0:4e:f2:ce:b1:5c:49:9c:3b:08:db:ee:ee:94: 43:05:f2:bd:d9:49:e4:20:22:ba:7a:bb:f0:b8:2b: 40:be:ff:44:d1:dc:44:dc:21:6b:03:b4:d4:35:7d: 6b:57:c9:7d:81:07:1a:3c:f4:79:8d:47:d2:4a:16: 95:9e:79:28:0b:76:67:99:fe:c1:d3:d6:2a:e3:17: e4:60:28:6f:b4:29:f7:99:01:42:0f:ec:f3:c4:91: b2:6b:6d:c9:30:95:20:52:76:af:b2:da:8d:f4:11: d2:aa:e6:f1:35:c5:d1:ae:7f:df:12:55:06:cd:d4: b5:bd:2a:ac:33:21:7d:b2:4d:64:06:d8:95:9e:d9: 51:3b:f7:3f:ff:96:63:b9:c5:5c:cf:12:87:cc:59: 50:bd:9f:df:1e:98:20:f6:30:41:61:55:aa:d9:14: d6:cc:79:e3:a2:ba:32:e8:e2:b3:87:15:99:f4:ec: 66:4f:3f:a2:c5:b5:4f:6d:4d:63:9b:6d:93:cf:9d: a1:a4:43:8e:0a:87:37:9a:dc:c7:30:e7:61:0c:54: ee:25:55:8a:3b:02:5a:13:a7:29:19:a3:c1:fb:96: 7b:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:08:C0:F1:1B:0C:DF:9C:A5:51:5F:09:F9:90:E8:46:94:78:F6:2E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2c7dc99e-16c5-4312-b613-ac42e8b52f1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:4000::/40 Signature Algorithm: sha256WithRSAEncryption b8:47:ef:91:40:8f:87:ec:3c:5b:82:2c:80:47:72:ad:b1:ac: ac:3c:1e:bf:06:2c:fa:d5:e9:e2:d1:aa:d5:0b:dc:08:23:8c: 45:c3:c9:21:5d:e5:73:a1:98:7a:c7:14:f1:2d:49:80:e9:f2: b2:28:61:c3:fa:5d:f1:0e:6c:a4:52:fd:6a:a1:33:4f:15:6c: e4:63:d8:c9:9e:dc:82:6c:16:83:1f:15:9d:4d:aa:24:82:7b: 9b:5d:98:a3:ba:d3:fc:ad:b3:46:16:24:f7:07:a2:6b:30:8d: 9a:3b:32:7f:07:63:49:4e:1e:10:45:9a:88:46:a9:29:93:20: 5f:b8:2e:cd:c9:a8:e4:3c:96:38:c5:9c:0c:2e:6a:d4:fb:a0: 90:ca:ed:c2:cf:94:a1:04:77:c7:9b:8c:c6:5f:18:1c:61:a8: 79:08:46:9d:38:25:77:b0:16:71:82:37:c9:2d:b8:96:d0:7d: 40:91:12:f4:8b:63:da:f3:cd:25:b3:42:b5:0d:f3:f1:19:dc: 85:5d:85:17:67:f4:7c:fc:6d:91:ed:7b:f1:ef:a4:51:f5:77: 14:c3:c0:08:4a:ad:b7:c5:5f:41:35:37:e1:62:70:3a:81:b1: 14:a4:eb:f2:73:61:36:dd:71:25:44:b3:bb:1f:5a:2b:04:16: 53:19:76:d3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURAP40IFiSIIjQ8e7D3glaO/D4BwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDIyODIwMjAwNVoX DTI1MDQwNDIzNTk1OVowejFJMEcGA1UEBRNAN2RhMjU2Yjc5YjIyMGQyNjgxMjBm NDc1ZjM5NTNmMjliNGM5NGU3YzM4YWZiYTI4MGNlMmY4Y2RkYjBkZGVhYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVr1fI5mSqO3R0M8as2CA9kZOeqc SQsFS/sL0HdU0E7yzrFcSZw7CNvu7pRDBfK92UnkICK6ervwuCtAvv9E0dxE3CFr A7TUNX1rV8l9gQcaPPR5jUfSShaVnnkoC3Znmf7B09Yq4xfkYChvtCn3mQFCD+zz xJGya23JMJUgUnavstqN9BHSqubxNcXRrn/fElUGzdS1vSqsMyF9sk1kBtiVntlR O/c//5ZjucVczxKHzFlQvZ/fHpgg9jBBYVWq2RTWzHnjoroy6OKzhxWZ9OxmTz+i xbVPbU1jm22Tz52hpEOOCoc3mtzHMOdhDFTuJVWKOwJaE6cpGaPB+5Z72QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJIIwPEbDN+cpVFfCfmQ6EaUePYuMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzJjN2RjOTllLTE2YzUtNDMxMi1iNjEzLWFjNDJlOGI1MmYxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+EAwDQYJKoZIhvcNAQELBQADggEBALhH75FAj4fsPFuCLIBH cq2xrKw8Hr8GLPrV6eLRqtUL3AgjjEXDySFd5XOhmHrHFPEtSYDp8rIoYcP6XfEO bKRS/WqhM08VbORj2Mme3IJsFoMfFZ1NqiSCe5tdmKO60/yts0YWJPcHomswjZo7 Mn8HY0lOHhBFmohGqSmTIF+4Ls3JqOQ8ljjFnAwuatT7oJDK7cLPlKEEd8ebjMZf GBxhqHkIRp04JXewFnGCN8ktuJbQfUCREvSLY9rzzSWzQrUN8/EZ3IVdhRdn9Hz8 bZHte/HvpFH1dxTDwAhKrbfFX0E1N+FicDqBsRSk6/JzYTbdcSVEs7sfWisEFlMZ dtM= -----END CERTIFICATE-----Generated at Thu Mar 13 23:53:18 2025 by rpki-client