$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa File: 5484d331-446c-4042-9500-dd3002e6a910.roa (raw, json) Hash identifier: LcaQggsitwpEAHIjvv/HrT3JSMxjxlWy5wN+I/4CJtc= Subject key identifier: 7E:FD:BF:70:C3:81:E2:4E:A7:F6:0E:C0:76:9F:05:CF:B8:BE:18:B0 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 33CA2EC090AE5D43A93ADC9212C0A93265B3F8FD Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa Signing time: Tue 20 May 2025 00:00:46 +0000 ROA not before: Tue 20 May 2025 00:00:46 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:ca:2e:c0:90:ae:5d:43:a9:3a:dc:92:12:c0:a9:32:65:b3:f8:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:46 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=89c7f2312aba9e5c74a4d8e5e3cca66a6bd9e432ff60b25c5ff0a4c8f6f58211, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:7b:1d:a3:14:bd:b5:56:61:e0:88:ed:83:74: 9f:d8:ff:ae:e1:1f:54:84:c6:8b:1b:57:a5:46:d9: 15:fb:bb:34:08:e8:ff:ee:40:f5:3c:64:de:42:0c: a7:19:04:3c:58:da:9a:cf:37:1a:0a:7e:60:f5:59: 95:87:9d:e4:22:d8:96:4e:e7:7f:7d:c6:02:a1:9b: 22:4d:b3:98:b1:59:30:34:75:ec:ef:c6:13:e1:4e: 19:4d:83:b6:e1:36:f7:42:1d:3b:a0:e3:fb:78:31: cd:3a:0c:b7:c9:65:d2:bf:e4:79:56:33:eb:14:26: 41:85:8e:9a:c1:97:d2:6a:0f:f5:f0:0b:5f:25:13: f7:60:d4:14:59:3c:9e:ee:b7:2d:65:98:3c:df:2b: 7a:04:cd:9a:74:e8:00:8a:9a:2f:6c:dd:9d:1c:ea: 02:57:d0:2b:9f:26:1a:e7:7d:97:17:0a:c8:91:46: 67:11:b1:c4:b9:82:27:85:97:e0:7f:af:bd:45:9e: 5c:9f:ff:25:85:7b:3d:c1:66:f4:ce:5d:7b:83:55: b6:66:c7:f9:fa:f6:ea:9e:ce:91:e3:c6:d0:d3:fe: 95:fe:4f:cf:fd:44:fa:fb:ee:02:ff:d9:08:05:0c: 58:a2:69:24:67:6e:46:25:9e:0a:6e:0d:dc:ca:18: 3a:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:FD:BF:70:C3:81:E2:4E:A7:F6:0E:C0:76:9F:05:CF:B8:BE:18:B0 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:c00::/38 Signature Algorithm: sha256WithRSAEncryption 6b:9a:58:b5:ab:da:48:fd:ce:42:cc:37:a2:d9:f6:61:b6:86: ba:36:41:ef:fd:fc:b8:27:82:d7:52:2d:3a:8c:a6:80:a0:b0: 41:a3:dc:34:be:df:b6:93:88:5c:fa:26:09:7b:27:f4:0e:c7: c1:cd:0b:3e:58:6f:23:49:ff:c8:3f:c1:16:ea:80:0f:48:f8: f9:68:29:1b:f8:49:c3:f6:37:aa:66:ee:80:3e:d6:29:4c:13: 3f:64:bd:73:6c:2f:ab:a9:80:29:07:6a:4b:c0:73:28:98:5f: f1:54:ce:82:4f:f0:f6:a7:92:8b:07:b0:f6:e9:52:9a:d6:7e: bb:be:3f:cc:f6:58:8a:2f:73:6a:a5:01:6f:33:2f:bf:72:94: ad:df:08:a9:54:b9:90:55:96:78:dc:3f:ce:48:19:86:30:f9: a2:c0:89:bc:1e:2b:2c:16:47:0c:95:9b:c2:cb:6e:7b:9b:5a: 90:ad:e8:e2:45:70:c2:ca:ed:da:5f:40:8d:a9:21:95:51:c6: a6:b4:1b:a6:7b:15:6c:e7:fc:1a:7e:d5:35:83:3f:b8:9a:91: 60:aa:48:ba:a2:da:55:e9:75:0a:71:b3:f5:11:d5:f8:1a:fe: 74:ed:a9:8e:11:55:b4:cb:aa:5b:15:ee:fd:04:da:a5:02:5f: 6b:40:05:81 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUM8ouwJCuXUOpOtySEsCpMmWz+P0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDA0NloX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAODljN2YyMzEyYWJhOWU1Yzc0YTRk OGU1ZTNjY2E2NmE2YmQ5ZTQzMmZmNjBiMjVjNWZmMGE0YzhmNmY1ODIxMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXsdoxS9tVZh4Ijtg3Sf2P+u4R9U hMaLG1elRtkV+7s0COj/7kD1PGTeQgynGQQ8WNqazzcaCn5g9VmVh53kItiWTud/ fcYCoZsiTbOYsVkwNHXs78YT4U4ZTYO24Tb3Qh07oOP7eDHNOgy3yWXSv+R5VjPr FCZBhY6awZfSag/18AtfJRP3YNQUWTye7rctZZg83yt6BM2adOgAipovbN2dHOoC V9ArnyYa532XFwrIkUZnEbHEuYInhZfgf6+9RZ5cn/8lhXs9wWb0zl17g1W2Zsf5 +vbqns6R48bQ0/6V/k/P/UT6++4C/9kIBQxYomkkZ25GJZ4Kbg3cyhg6FwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH79v3DDgeJOp/YOwHafBc+4vhiwMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU0ODRkMzMxLTQ0NmMtNDA0Mi05NTAwLWRkMzAwMmU2YTkxMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAwwDQYJKoZIhvcNAQELBQADggEBAGuaWLWr2kj9zkLMN6LZ 9mG2hro2Qe/9/LgngtdSLTqMpoCgsEGj3DS+37aTiFz6Jgl7J/QOx8HNCz5YbyNJ /8g/wRbqgA9I+PloKRv4ScP2N6pm7oA+1ilMEz9kvXNsL6upgCkHakvAcyiYX/FU zoJP8PankosHsPbpUprWfru+P8z2WIovc2qlAW8zL79ylK3fCKlUuZBVlnjcP85I GYYw+aLAibweKywWRwyVm8LLbnubWpCt6OJFcMLK7dpfQI2pIZVRxqa0G6Z7FWzn /Bp+1TWDP7iakWCqSLqi2lXpdQpxs/UR1fga/nTtqY4RVbTLqlsV7v0E2qUCX2tA BYE= -----END CERTIFICATE-----Generated at Mon Jun 2 04:47:48 2025 by rpki-client