$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa File: 57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa (raw, json) Hash identifier: BRiPcx7wO5ukN0xx46asTl4mb/vQsItP1T6r8efT7PY= Subject key identifier: 93:18:B6:A4:D7:4B:2D:1C:B2:47:BE:82:63:65:6C:A4:20:E5:27:CB Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3DE11D25BF5D83E03F0DFB4D694F8EFA965E119C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa Signing time: Fri 16 May 2025 16:00:11 +0000 ROA not before: Fri 16 May 2025 16:00:11 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:e1:1d:25:bf:5d:83:e0:3f:0d:fb:4d:69:4f:8e:fa:96:5e:11:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 16 16:00:11 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=6c299f758a15c84ff37d310e6a6a58b6858a9e9cdbca380337339f11aa7b7c54, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c7:54:4f:b3:ed:b6:4e:26:ea:5c:62:de:58: 61:c6:da:7f:ee:76:dc:2a:77:09:65:e5:4a:0a:9f: fd:10:9d:a6:d7:40:a9:d6:52:52:c2:89:28:74:5c: bb:df:45:ee:37:ba:29:69:e7:15:be:09:3c:02:ab: ff:d1:9a:59:1d:65:c6:a9:94:21:3e:a9:19:8b:d0: 5e:90:3a:94:02:c3:89:ed:d4:4e:7f:24:ff:c3:99: 3a:1b:dc:ed:3e:c9:26:60:bb:cb:ff:c9:a0:3a:8e: c3:08:a5:8c:c0:37:b7:68:a7:ae:4c:ea:a3:40:b8: 8a:52:30:40:58:ee:33:bd:53:4d:31:48:fc:11:dd: 5d:ce:ac:1a:2c:10:da:a4:a9:44:59:c9:af:94:5f: 8e:9d:8c:36:d3:b0:10:45:58:f5:0d:b4:cf:b0:31: 80:5d:79:4f:cd:ca:8d:c6:f7:05:ed:69:68:f4:86: de:84:4d:63:e4:68:52:72:df:9e:56:0b:03:66:8f: b3:eb:12:bb:84:9e:57:6b:a1:64:a0:b0:2e:05:83: 93:58:82:37:58:a3:b4:65:62:d4:55:28:3a:74:d0: 4d:cc:91:d0:2a:ee:13:16:d5:60:27:3d:bb:33:7e: 26:64:1c:1d:ba:93:a6:93:98:27:d8:0b:ac:8c:ba: 24:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:18:B6:A4:D7:4B:2D:1C:B2:47:BE:82:63:65:6C:A4:20:E5:27:CB X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:8000::/40 Signature Algorithm: sha256WithRSAEncryption 7c:5a:7d:3f:c0:ef:76:12:89:3f:7e:fd:d7:c0:a4:c4:8e:ee: 98:8f:cd:dc:46:a6:6f:e9:c5:96:5c:6e:96:5a:c5:f5:4d:26: 0f:0f:b3:08:11:df:6f:a4:cd:e8:d7:0e:43:e4:26:d8:79:96: a6:7b:7b:dc:de:52:f3:1d:5e:d5:08:c0:cc:b4:41:a1:da:9b: 97:7f:53:e7:8f:94:0c:81:0d:0a:db:0a:3b:53:ef:e4:c0:08: 52:0e:37:7f:52:d8:1d:92:97:72:1f:1f:6e:39:21:ed:2d:5c: 73:e7:32:ae:3b:fd:95:ff:00:59:9b:02:e2:65:6e:7d:c7:68: 58:c2:87:82:2d:06:02:bd:46:b4:6d:81:f2:6f:0d:df:b8:a7: c8:8e:13:d4:86:42:5a:3f:61:12:0e:2c:ba:11:32:61:95:1f: b1:90:3c:92:ef:82:c4:93:14:0c:24:f4:16:93:ef:7f:f0:7b: d6:5f:bd:19:93:dd:46:45:78:27:d0:17:25:66:9a:72:86:24: 73:38:e4:c5:b9:d2:42:17:77:6f:3c:b1:ae:78:2a:b5:ff:de: 87:dc:e4:8d:72:ff:2f:6e:46:7c:8d:d5:4b:da:41:7f:67:fe: ac:27:93:aa:42:82:51:33:97:29:11:c1:bc:99:03:79:de:05: 84:7b:45:cc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPeEdJb9dg+A/DftNaU+O+pZeEZwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUxNjE2MDAxMVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANmMyOTlmNzU4YTE1Yzg0ZmYzN2Qz MTBlNmE2YTU4YjY4NThhOWU5Y2RiY2EzODAzMzczMzlmMTFhYTdiN2M1NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMdUT7Pttk4m6lxi3lhhxtp/7nbc KncJZeVKCp/9EJ2m10Cp1lJSwokodFy730XuN7opaecVvgk8Aqv/0ZpZHWXGqZQh PqkZi9BekDqUAsOJ7dROfyT/w5k6G9ztPskmYLvL/8mgOo7DCKWMwDe3aKeuTOqj QLiKUjBAWO4zvVNNMUj8Ed1dzqwaLBDapKlEWcmvlF+OnYw207AQRVj1DbTPsDGA XXlPzcqNxvcF7Wlo9IbehE1j5GhSct+eVgsDZo+z6xK7hJ5Xa6FkoLAuBYOTWII3 WKO0ZWLUVSg6dNBNzJHQKu4TFtVgJz27M34mZBwdupOmk5gn2AusjLokEwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJMYtqTXSy0cske+gmNlbKQg5SfLMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU3Zjg0MzNjLWYxNjItNGIxMC04NTI3LWZiZjdjZGJiNmFhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+IAwDQYJKoZIhvcNAQELBQADggEBAHxafT/A73YSiT9+/dfA pMSO7piPzdxGpm/pxZZcbpZaxfVNJg8PswgR32+kzejXDkPkJth5lqZ7e9zeUvMd XtUIwMy0QaHam5d/U+ePlAyBDQrbCjtT7+TACFION39S2B2Sl3IfH245Ie0tXHPn Mq47/ZX/AFmbAuJlbn3HaFjCh4ItBgK9RrRtgfJvDd+4p8iOE9SGQlo/YRIOLLoR MmGVH7GQPJLvgsSTFAwk9BaT73/we9ZfvRmT3UZFeCfQFyVmmnKGJHM45MW50kIX d288sa54KrX/3ofc5I1y/y9uRnyN1UvaQX9n/qwnk6pCglEzlykRwbyZA3neBYR7 Rcw= -----END CERTIFICATE-----Generated at Mon Jun 2 04:41:15 2025 by rpki-client