$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa File: 64aa0337-4cf9-42c7-b236-4cd36e69005e.roa (raw, json) Hash identifier: FGXkTIHzyicfXR+VAFlQ3JOnwn9jQqw6vF2DMb7aTkM= Subject key identifier: 2F:0B:2D:E1:4B:2C:30:E7:BA:AF:92:DD:B2:08:83:3D:63:A9:4F:25 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2F293A61D1FFEBB7E842076CE2BF2EC50F029179 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa Signing time: Tue 20 May 2025 00:00:14 +0000 ROA not before: Tue 20 May 2025 00:00:14 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f1::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:29:3a:61:d1:ff:eb:b7:e8:42:07:6c:e2:bf:2e:c5:0f:02:91:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:14 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=687a6c8cececcbfa4901085bed6f3cac668e4e28b4911978c3d3922c965f68ba, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:f0:1a:3a:6f:d2:b5:9e:2e:39:c0:d7:bd:78: 6c:63:c2:55:db:8c:de:74:59:eb:d1:45:0d:86:c3: c6:89:bc:b8:7c:2f:43:9e:0f:d1:8a:15:be:69:65: 2d:67:bb:b4:4d:c0:9d:c6:4b:b8:2d:eb:cc:86:24: 5a:c4:c6:4d:23:2c:1e:9f:9a:ca:d7:ec:a4:47:3f: 48:53:51:8e:f3:a1:9b:2a:e6:11:cd:89:52:3c:e0: a9:4b:87:77:be:51:31:7e:ea:db:83:10:90:23:1b: ba:0d:f6:f2:fc:ea:52:bd:00:9e:8f:5c:2f:b5:0a: cb:df:b3:94:49:44:80:4d:16:d8:60:65:ca:c3:86: 77:66:92:8c:3e:32:dd:2e:02:ab:10:8b:5f:27:0e: 7b:d2:91:43:52:77:7c:55:b0:17:fb:50:ba:27:dc: fa:b6:8e:1a:33:f9:8f:2f:b6:82:7f:91:8a:f6:7a: 20:01:32:da:f7:0c:42:8b:da:35:23:d0:cc:54:a7: 50:e8:d2:c8:a2:03:1d:b5:c8:b7:87:bd:f4:e3:22: 19:74:d9:ef:a6:bd:d1:f1:72:97:f0:a5:11:ee:98: d9:f3:49:20:ee:60:af:f3:58:69:88:6c:8e:ef:9f: 99:74:20:33:3a:31:f3:cd:c3:4a:c9:bb:c3:c2:24: f8:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:0B:2D:E1:4B:2C:30:E7:BA:AF:92:DD:B2:08:83:3D:63:A9:4F:25 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f1::/32 Signature Algorithm: sha256WithRSAEncryption 25:d9:3f:97:62:50:ea:55:29:13:99:e3:cd:1d:af:85:2c:07: 06:0a:21:55:c2:1b:18:36:19:43:22:70:d0:80:9f:36:f1:87: 28:26:7f:b5:c9:cb:8d:5a:a2:11:35:f0:6e:d8:ef:33:98:36: a4:68:68:f4:e1:af:c0:84:94:1b:f2:04:7c:73:6b:bb:6d:2d: 1d:29:6b:43:2a:06:ae:50:51:74:38:12:dd:7a:3d:ff:ef:21: fd:73:82:81:24:5c:50:f8:86:d3:6c:67:53:33:f2:18:2a:fe: 4d:81:8c:f7:56:49:b9:22:48:09:8c:56:62:34:fd:3e:a8:ed: f4:89:4e:0e:c7:cf:fc:3c:48:c2:c8:2d:f5:ad:ef:f0:6c:72: 7e:3f:92:0d:12:38:29:65:fb:cb:0e:f6:96:11:f7:54:c5:c3: 99:32:0a:61:ea:bc:94:d3:a7:c3:92:ae:e6:f4:b5:9d:50:fa: 5a:b1:fe:5b:8d:8d:c1:ad:b3:45:41:3f:2f:f0:af:fe:ce:20: 8d:c3:e0:5a:8a:05:96:ab:a2:c4:2e:4a:0a:3d:e4:b6:d4:3c: 59:79:51:45:43:3f:5e:de:6c:25:d0:ce:8d:b3:9a:f6:9a:00: af:6b:3c:ab:0d:15:b7:1e:52:17:cf:a9:59:b2:bc:18:4c:83: b5:83:ae:61 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIULyk6YdH/67foQgds4r8uxQ8CkXkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDAxNFoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNANjg3YTZjOGNlY2VjY2JmYTQ5MDEw ODViZWQ2ZjNjYWM2NjhlNGUyOGI0OTExOTc4YzNkMzkyMmM5NjVmNjhiYTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9PAaOm/StZ4uOcDXvXhsY8JV24ze dFnr0UUNhsPGiby4fC9Dng/RihW+aWUtZ7u0TcCdxku4LevMhiRaxMZNIywen5rK 1+ykRz9IU1GO86GbKuYRzYlSPOCpS4d3vlExfurbgxCQIxu6Dfby/OpSvQCej1wv tQrL37OUSUSATRbYYGXKw4Z3ZpKMPjLdLgKrEItfJw570pFDUnd8VbAX+1C6J9z6 to4aM/mPL7aCf5GK9nogATLa9wxCi9o1I9DMVKdQ6NLIogMdtci3h7304yIZdNnv pr3R8XKX8KUR7pjZ80kg7mCv81hpiGyO75+ZdCAzOjHzzcNKybvDwiT4RwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFC8LLeFLLDDnuq+S3bIIgz1jqU8lMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzY0YWEwMzM3LTRjZjktNDJjNy1iMjM2LTRjZDM2ZTY5MDA1ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8TANBgkqhkiG9w0BAQsFAAOCAQEAJdk/l2JQ6lUpE5njzR2v hSwHBgohVcIbGDYZQyJw0ICfNvGHKCZ/tcnLjVqiETXwbtjvM5g2pGho9OGvwISU G/IEfHNru20tHSlrQyoGrlBRdDgS3Xo9/+8h/XOCgSRcUPiG02xnUzPyGCr+TYGM 91ZJuSJICYxWYjT9Pqjt9IlODsfP/DxIwsgt9a3v8Gxyfj+SDRI4KWX7yw72lhH3 VMXDmTIKYeq8lNOnw5Ku5vS1nVD6WrH+W42Nwa2zRUE/L/Cv/s4gjcPgWooFlqui xC5KCj3kttQ8WXlRRUM/Xt5sJdDOjbOa9poAr2s8qw0Vtx5SF8+pWbK8GEyDtYOu YQ== -----END CERTIFICATE-----Generated at Mon Jun 2 04:41:14 2025 by rpki-client