$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa File: 3523c675-14b3-4d2d-90e1-e439500ecaca.roa (raw, json) Hash identifier: X7IAfya/D/l3Kq60y6kz6peAC1VXLT3ayrznOa4UxDI= Subject key identifier: 47:05:00:78:BF:94:B2:7D:FC:A0:16:12:A8:32:00:69:E9:A6:7B:CB Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0539AAD0BD1E2BF959A088567F938165C6E3618E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa Signing time: Tue 20 May 2025 00:00:14 +0000 ROA not before: Tue 20 May 2025 00:00:14 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:39:aa:d0:bd:1e:2b:f9:59:a0:88:56:7f:93:81:65:c6:e3:61:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:14 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=6a378238d325b53ae37d8cf703cf2b0ba845654e651e4aecab3ac9f67973ef7f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a1:cc:26:c1:97:13:6a:c6:85:eb:66:cd:71: 17:f6:be:16:6b:a2:16:4d:0f:58:41:25:ea:54:35: 07:33:29:71:d2:d9:25:e5:37:f6:b3:05:64:4b:ac: f2:f4:b8:8d:f6:f6:66:b6:fb:d0:7e:ae:05:0d:71: 34:d6:c2:1b:aa:49:69:9c:06:52:a4:9a:74:45:71: 98:73:d5:d8:84:7b:20:20:c5:f4:28:f5:4b:9b:58: a9:4a:c6:00:a9:6a:b8:be:0d:6b:d0:0b:2e:04:ca: f5:26:9b:5f:e0:26:5d:58:e5:d4:7d:63:f4:0f:f5: c6:22:8b:57:2d:64:c3:84:5c:62:08:a9:8e:22:19: d1:4b:72:1d:47:0f:be:7b:5d:a2:ac:27:38:bb:c6: 46:44:23:55:90:68:68:48:af:72:02:5f:48:ac:1c: 23:70:53:bf:de:ee:4d:eb:39:6a:58:7a:97:ec:ee: 80:28:10:1a:9e:97:15:e5:13:ee:0a:0b:98:37:9e: c0:ae:dc:e5:63:c0:2a:40:86:da:6f:fc:92:db:22: de:f3:28:0b:ee:f9:29:c7:ea:4c:cc:ed:ec:79:87: f5:a2:7c:cf:bb:21:bd:89:ed:38:bc:ee:84:38:f2: ce:ac:47:d8:13:3b:dd:d2:36:7d:e2:ac:39:ae:b2: 3b:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:05:00:78:BF:94:B2:7D:FC:A0:16:12:A8:32:00:69:E9:A6:7B:CB X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f0::/32 Signature Algorithm: sha256WithRSAEncryption 0f:c4:24:ca:d6:1c:d9:fc:17:1f:6d:b0:bd:04:fe:8f:75:ee: af:21:2b:5e:c7:d8:f8:04:ee:1d:ca:01:11:73:45:89:37:51: 80:35:3c:35:46:06:7e:f6:5b:ef:8a:61:c8:c1:6a:47:c5:b2: 5f:73:35:09:29:b6:0e:54:2e:db:69:90:87:8c:54:fe:72:2e: 2d:dd:b7:08:ad:1b:d3:8c:aa:52:35:63:0f:ed:87:cc:d2:00: 8c:0f:cf:1a:d9:1d:a0:5c:78:dc:e2:00:f0:31:26:42:f4:e3: de:13:b0:0c:ef:0e:f6:55:39:02:f2:35:bd:e7:dd:c4:15:8e: 3e:69:f6:d7:a4:9b:0c:d1:d5:91:5a:ba:fa:c0:09:2c:74:32: 2f:42:5a:fb:8b:30:da:33:fe:85:3d:9a:f9:02:8d:d4:0c:58: 5e:4b:47:61:e6:85:72:49:12:bd:ae:49:a8:91:ba:1c:bd:87: 8f:29:d3:a8:1c:34:91:97:6d:a0:9f:66:8a:41:f7:83:47:5b: f4:2e:fe:83:67:f7:6e:4a:03:36:5e:35:78:af:e6:af:b1:a7: 97:0c:87:4f:48:8f:68:a8:e9:c9:8c:a4:08:74:d3:a0:c9:fe: c8:2d:a8:93:20:8d:c4:1b:a9:9e:8d:61:95:15:8e:03:5d:af: c8:c8:28:8e -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUBTmq0L0eK/lZoIhWf5OBZcbjYY4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDAxNFoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNANmEzNzgyMzhkMzI1YjUzYWUzN2Q4 Y2Y3MDNjZjJiMGJhODQ1NjU0ZTY1MWU0YWVjYWIzYWM5ZjY3OTczZWY3ZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKHMJsGXE2rGhetmzXEX9r4Wa6IW TQ9YQSXqVDUHMylx0tkl5Tf2swVkS6zy9LiN9vZmtvvQfq4FDXE01sIbqklpnAZS pJp0RXGYc9XYhHsgIMX0KPVLm1ipSsYAqWq4vg1r0AsuBMr1Jptf4CZdWOXUfWP0 D/XGIotXLWTDhFxiCKmOIhnRS3IdRw++e12irCc4u8ZGRCNVkGhoSK9yAl9IrBwj cFO/3u5N6zlqWHqX7O6AKBAanpcV5RPuCguYN57ArtzlY8AqQIbab/yS2yLe8ygL 7vkpx+pMzO3seYf1onzPuyG9ie04vO6EOPLOrEfYEzvd0jZ94qw5rrI7NQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFEcFAHi/lLJ9/KAWEqgyAGnppnvLMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1MjNjNjc1LTE0YjMtNGQyZC05MGUxLWU0Mzk1MDBlY2FjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8DANBgkqhkiG9w0BAQsFAAOCAQEAD8QkytYc2fwXH22wvQT+ j3XuryErXsfY+ATuHcoBEXNFiTdRgDU8NUYGfvZb74phyMFqR8WyX3M1CSm2DlQu 22mQh4xU/nIuLd23CK0b04yqUjVjD+2HzNIAjA/PGtkdoFx43OIA8DEmQvTj3hOw DO8O9lU5AvI1vefdxBWOPmn216SbDNHVkVq6+sAJLHQyL0Ja+4sw2jP+hT2a+QKN 1AxYXktHYeaFckkSva5JqJG6HL2HjynTqBw0kZdtoJ9mikH3g0db9C7+g2f3bkoD Nl41eK/mr7GnlwyHT0iPaKjpyYykCHTToMn+yC2okyCNxBupno1hlRWOA12vyMgo jg== -----END CERTIFICATE-----Generated at Mon Jun 2 04:47:48 2025 by rpki-client