$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa File: 3537691c-1a10-4699-a8a0-4cec50a35534.roa (raw, json) Hash identifier: 0M66EgBdHicwao7Oa0HgjDxQ6L/HcpvTLdp26FT6Yo8= Subject key identifier: 22:25:22:2A:47:F7:0E:BC:6C:1D:08:E3:75:D9:8F:3C:91:15:38:F7 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 473284FB36347B51782FD859163E87DF993B0057 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa Signing time: Mon 21 Apr 2025 17:00:11 +0000 ROA not before: Mon 21 Apr 2025 17:00:11 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 00:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:32:84:fb:36:34:7b:51:78:2f:d8:59:16:3e:87:df:99:3b:00:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 21 17:00:11 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=5cff1a375af89e00ddc8142abcb4d800f8ef0864295da72dd4d9218f601fbbbb, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:c2:52:2b:f0:4f:13:6a:ce:7c:4d:1a:41:e5: 29:33:77:4d:52:fd:c5:c8:50:a6:f4:65:9f:da:b5: 81:8c:1a:fa:f4:4e:91:44:09:18:21:0b:24:77:4f: a4:13:9e:b3:2c:72:50:18:7b:2e:27:62:57:c8:47: 51:4e:a2:5a:3d:d2:b8:de:6c:7f:22:1e:49:57:10: e6:ec:48:1b:b9:b2:49:93:f1:42:22:eb:0c:27:3d: 10:41:89:92:ef:30:e3:74:8a:69:89:db:ef:0e:ca: e1:56:5d:ac:f4:07:e3:c5:a6:25:63:46:be:2a:bc: 60:a4:bf:e7:ab:de:91:a6:0f:0e:c2:6e:89:7c:38: b8:37:1a:16:2e:c8:54:3a:c2:42:aa:bf:ec:8f:9b: 52:21:9c:f6:ab:41:45:9e:50:0e:e4:a8:cf:0f:c2: 8f:41:b7:4e:91:ce:e8:44:87:9d:95:c7:73:5a:52: 09:23:79:c3:54:e4:f5:d3:1e:78:0b:34:5a:5a:91: b8:4a:43:0c:e2:59:f5:69:e8:12:67:48:7f:a1:d4: a6:cc:11:2d:74:71:89:06:1c:80:e9:0e:a2:7b:4e: c5:2e:3b:db:ce:9e:bc:89:7c:bb:f5:5b:b7:d6:ef: f7:a7:7d:bd:80:dd:a1:46:a3:c2:ed:b4:4e:8d:0a: 1b:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:25:22:2A:47:F7:0E:BC:6C:1D:08:E3:75:D9:8F:3C:91:15:38:F7 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3537691c-1a10-4699-a8a0-4cec50a35534.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:8000::/40 Signature Algorithm: sha256WithRSAEncryption 18:c5:69:bb:a1:98:fe:87:fe:66:62:ac:01:1e:8d:eb:0d:c5: 6a:14:1f:d8:80:b4:80:f6:4b:55:d7:40:88:ff:8b:52:27:42: 29:2d:91:52:bc:62:8e:dc:5e:0d:e9:62:d9:b4:1a:b3:4d:8d: dd:62:9c:8c:eb:9b:8b:c0:c0:f3:b5:22:a5:65:d5:22:95:02: 21:4a:fd:b6:56:9d:7b:9d:97:7a:dd:75:9b:8a:3a:5a:31:51: 17:b2:e8:a3:19:ad:4e:0a:f3:86:71:59:c6:44:6b:3e:c4:a5: d1:39:3a:b8:4d:f2:48:0c:57:63:c2:19:ce:44:f2:4c:52:b7: 31:57:0e:9c:da:59:c1:f0:af:50:b2:da:db:89:8c:73:d1:a7: 00:dd:36:74:c7:7c:87:ec:07:62:a7:93:80:97:ea:b8:50:aa: 81:75:cd:cf:e8:a5:7d:81:1e:86:45:e2:ae:61:df:62:6e:80: ad:aa:17:fa:07:26:76:e9:fa:10:04:88:cc:1b:26:7e:00:d9: d7:e8:8b:e5:06:75:c1:f1:00:01:62:12:8f:8b:4e:c9:64:b1: 14:18:63:dc:1a:1f:72:95:ca:a4:c2:cf:c9:18:03:31:12:89: d1:e3:68:18:07:ad:88:01:e4:9d:6f:2c:86:a5:2d:ac:78:c1: 4b:8f:5f:15 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURzKE+zY0e1F4L9hZFj6H35k7AFcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyMTE3MDAxMVoX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNANWNmZjFhMzc1YWY4OWUwMGRkYzgx NDJhYmNiNGQ4MDBmOGVmMDg2NDI5NWRhNzJkZDRkOTIxOGY2MDFmYmJiYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncJSK/BPE2rOfE0aQeUpM3dNUv3F yFCm9GWf2rWBjBr69E6RRAkYIQskd0+kE56zLHJQGHsuJ2JXyEdRTqJaPdK43mx/ Ih5JVxDm7EgbubJJk/FCIusMJz0QQYmS7zDjdIppidvvDsrhVl2s9AfjxaYlY0a+ KrxgpL/nq96Rpg8Owm6JfDi4NxoWLshUOsJCqr/sj5tSIZz2q0FFnlAO5KjPD8KP QbdOkc7oRIedlcdzWlIJI3nDVOT10x54CzRaWpG4SkMM4ln1aegSZ0h/odSmzBEt dHGJBhyA6Q6ie07FLjvbzp68iXy79Vu31u/3p329gN2hRqPC7bROjQobmQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCIlIipH9w68bB0I43XZjzyRFTj3MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1Mzc2OTFjLTFhMTAtNDY5OS1hOGEwLTRjZWM1MGEzNTUzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+oAwDQYJKoZIhvcNAQELBQADggEBABjFabuhmP6H/mZirAEe jesNxWoUH9iAtID2S1XXQIj/i1InQiktkVK8Yo7cXg3pYtm0GrNNjd1inIzrm4vA wPO1IqVl1SKVAiFK/bZWnXudl3rddZuKOloxURey6KMZrU4K84ZxWcZEaz7EpdE5 OrhN8kgMV2PCGc5E8kxStzFXDpzaWcHwr1Cy2tuJjHPRpwDdNnTHfIfsB2Knk4CX 6rhQqoF1zc/opX2BHoZF4q5h32JugK2qF/oHJnbp+hAEiMwbJn4A2dfoi+UGdcHx AAFiEo+LTslksRQYY9waH3KVyqTCz8kYAzESidHjaBgHrYgB5J1vLIalLax4wUuP XxU= -----END CERTIFICATE-----Generated at Fri May 9 07:36:16 2025 by rpki-client