$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa File: 7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa (raw, json) Hash identifier: BQXG5aWUlzuQ96106Amoc2G7mQbLYe+6/8iF3OURXNQ= Subject key identifier: 2A:0B:7B:19:7B:BB:19:AA:99:9A:3B:00:70:BB:AD:7E:9D:00:04:7C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 22CB54719BB2060F67755C7DB626687A887FF864 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa Signing time: Tue 20 May 2025 00:00:33 +0000 ROA not before: Tue 20 May 2025 00:00:33 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:cb:54:71:9b:b2:06:0f:67:75:5c:7d:b6:26:68:7a:88:7f:f8:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:33 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=3699a5b7cb029c8d664d4c3a39e9598e330da642daaac3f800c1721179c4011a, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f6:fd:d4:69:e2:38:e0:b2:55:90:74:86:ee: 46:c6:76:87:9c:70:a8:57:3d:c7:b6:c0:1c:04:1f: 3c:d6:e0:3f:90:a6:b6:af:c7:d9:c3:00:8b:dd:10: db:4c:ad:6b:1a:7f:de:7a:58:6a:8c:39:6b:ae:d3: 1c:cf:ee:a8:4f:9e:cf:11:4d:0a:36:4d:66:9b:69: de:7c:a4:49:0c:b3:45:5b:ae:8a:b8:2d:32:34:6f: 38:32:d1:76:76:17:17:20:75:13:3d:57:c7:ae:57: b0:fb:06:64:4a:66:e9:bd:57:9f:be:7a:cd:cb:08: a4:27:68:6d:14:c3:2d:29:60:7f:a2:b5:2c:d2:75: fd:f8:ea:26:04:69:12:be:d5:ef:4b:84:75:9b:98: 87:db:34:e2:ee:7e:d5:c6:41:a7:d2:67:b7:3b:1e: 63:d1:69:80:a6:ab:b0:b4:3c:2e:54:a5:d4:99:f9: 02:f5:f7:bb:88:29:be:6f:1c:f8:a7:d5:39:4b:0d: 56:be:26:5b:64:4f:15:d5:11:37:bb:a6:60:4f:9f: 56:dc:ff:bb:29:1b:5d:22:d5:35:13:7c:cd:68:50: 0e:c9:2f:7b:1c:42:49:3a:05:13:32:0e:33:f8:b4: f4:ff:48:2a:32:56:8a:be:40:42:39:d6:4a:20:c5: 0a:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:0B:7B:19:7B:BB:19:AA:99:9A:3B:00:70:BB:AD:7E:9D:00:04:7C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cba22a5-dc61-4413-aed2-8fb4cc8e3a49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8000::/40 Signature Algorithm: sha256WithRSAEncryption 4c:53:7f:3c:67:9e:10:d4:b5:f4:98:d4:1f:4f:7d:b0:78:07: aa:01:5b:2a:82:bc:40:ed:52:9e:cc:6f:ae:02:25:b1:bc:76: 8b:1d:0d:50:79:ab:d5:77:88:82:57:ec:76:57:4f:45:9c:f8: b9:d4:7f:a3:04:72:a3:01:6c:7d:df:ef:00:ab:75:6f:e9:78: 4b:65:b5:e5:86:ce:e6:6f:b5:79:19:08:77:1a:c5:9d:95:4e: f7:cd:a5:fb:95:a5:4a:f2:ff:47:c1:82:fd:49:99:2c:d2:1d: 01:d3:73:56:2d:f5:2d:87:91:b1:b5:4c:7d:56:01:18:e2:b2: 2e:52:45:3f:21:eb:bb:d7:f4:7f:4d:b8:65:db:6e:95:6b:39: 3f:c3:b8:1e:b1:69:cc:a2:32:e7:6b:b7:e5:93:37:9c:fe:00: ec:df:ff:5a:48:31:b1:50:a9:f6:d5:3e:fc:f1:6b:32:20:b1: 7c:c2:b3:33:b8:50:3e:1c:c0:90:d1:ea:96:64:00:e5:1a:72: 67:ff:5f:0b:7c:98:de:ac:24:05:79:4f:50:0e:7d:8c:85:ac: 4a:5e:59:d8:dc:57:64:4d:21:33:1b:b2:dd:a3:71:51:c5:b4: 1a:0e:0a:e8:66:f4:ba:0c:6a:09:ec:68:ed:e9:38:51:fb:ae: 2e:6d:fa:bd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIstUcZuyBg9ndVx9tiZoeoh/+GQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDAzM1oX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAMzY5OWE1YjdjYjAyOWM4ZDY2NGQ0 YzNhMzllOTU5OGUzMzBkYTY0MmRhYWFjM2Y4MDBjMTcyMTE3OWM0MDExYTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfb91GniOOCyVZB0hu5GxnaHnHCo Vz3HtsAcBB881uA/kKa2r8fZwwCL3RDbTK1rGn/eelhqjDlrrtMcz+6oT57PEU0K Nk1mm2nefKRJDLNFW66KuC0yNG84MtF2dhcXIHUTPVfHrlew+wZkSmbpvVefvnrN ywikJ2htFMMtKWB/orUs0nX9+OomBGkSvtXvS4R1m5iH2zTi7n7VxkGn0me3Ox5j 0WmApquwtDwuVKXUmfkC9fe7iCm+bxz4p9U5Sw1WviZbZE8V1RE3u6ZgT59W3P+7 KRtdItU1E3zNaFAOyS97HEJJOgUTMg4z+LT0/0gqMlaKvkBCOdZKIMUKkQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCoLexl7uxmqmZo7AHC7rX6dAAR8MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjYmEyMmE1LWRjNjEtNDQxMy1hZWQyLThmYjRjYzhlM2E0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBAExTfzxnnhDUtfSY1B9P fbB4B6oBWyqCvEDtUp7Mb64CJbG8dosdDVB5q9V3iIJX7HZXT0Wc+LnUf6MEcqMB bH3f7wCrdW/peEtlteWGzuZvtXkZCHcaxZ2VTvfNpfuVpUry/0fBgv1JmSzSHQHT c1Yt9S2HkbG1TH1WARjisi5SRT8h67vX9H9NuGXbbpVrOT/DuB6xacyiMudrt+WT N5z+AOzf/1pIMbFQqfbVPvzxazIgsXzCszO4UD4cwJDR6pZkAOUacmf/Xwt8mN6s JAV5T1AOfYyFrEpeWdjcV2RNITMbst2jcVHFtBoOCuhm9LoMagnsaO3pOFH7ri5t +r0= -----END CERTIFICATE-----Generated at Mon Jun 2 04:42:53 2025 by rpki-client