$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa File: 7cf17e61-b049-438c-8aaf-2d4714b51857.roa (raw, json) Hash identifier: jy/HYyD2YSRR5in9QKLvKpoZjcVSqKcxXwF72nuwnAk= Subject key identifier: 82:F5:E8:B9:79:A9:AE:02:6B:3B:A8:8B:B2:B8:BC:62:29:5A:C2:66 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5ABFDA3E8B62BB3055F8820B060966F238EBC051 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa Signing time: Tue 22 Apr 2025 00:00:05 +0000 ROA not before: Tue 22 Apr 2025 00:00:05 +0000 ROA not after: Tue 27 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 00:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:bf:da:3e:8b:62:bb:30:55:f8:82:0b:06:09:66:f2:38:eb:c0:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 22 00:00:05 2025 GMT Not After : May 27 23:59:59 2025 GMT Subject: serialNumber=2bcbab6d200847ccbdffa2726dd04ba1018bbf499e5241d2f971555e2df9123f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d3:40:5d:e2:36:a0:84:14:66:66:97:c3:7e: 37:5e:9b:16:e8:fd:9c:da:ae:75:0c:a6:77:12:2b: 91:46:26:01:23:11:6e:15:3b:d1:e9:3c:a3:54:cc: 15:ac:fa:f5:76:e5:60:b7:6c:a5:c9:97:60:35:ac: 16:d9:36:28:eb:d5:31:37:40:5a:3d:42:44:c8:b7: 49:37:ee:9c:92:b3:b6:3d:36:38:73:ca:68:2c:e4: 10:f9:75:cc:0b:92:c9:98:ab:2a:f0:e4:45:4b:fb: a7:66:a7:1b:b7:b4:6d:ba:1d:a2:90:c2:27:5a:0a: ea:c3:a7:77:a2:57:10:e2:7f:34:f0:ee:ac:68:f6: 02:ab:a5:5f:c1:49:57:d4:53:e8:d4:93:20:1a:c0: 0f:94:66:87:61:e8:00:a1:05:ec:47:5b:03:7a:ca: 9d:1d:d1:f4:07:42:35:81:10:1f:03:aa:4d:25:38: 50:66:b6:0f:55:48:09:a1:2d:75:72:01:2b:85:6a: 7d:28:b0:2a:76:c7:15:38:62:46:12:3e:13:32:9f: c0:d4:63:c7:f5:6f:bf:e4:e7:ec:2c:39:74:65:8e: 64:c4:8d:46:3c:ca:fd:b0:60:7c:5f:ed:64:71:ac: 66:70:ac:02:00:0a:f4:69:c0:c1:a1:a1:21:1f:eb: 52:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:F5:E8:B9:79:A9:AE:02:6B:3B:A8:8B:B2:B8:BC:62:29:5A:C2:66 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 4d:18:ca:52:e7:d4:c8:c5:1c:a2:96:b4:b3:bb:c6:dd:63:9a: f8:f5:58:5d:ce:08:f1:d8:ee:d1:ef:54:cc:b9:97:be:16:10: 81:1b:78:c4:5f:a8:cb:38:16:9b:6b:e8:59:7f:a8:c7:38:71: 8d:b6:37:75:2a:9e:60:93:7a:33:1d:c5:9e:2a:cd:5b:c7:ce: d2:8c:d2:f6:3c:ff:26:19:ea:21:cd:37:ed:60:fd:b1:a3:52: 0a:07:ef:ab:07:47:1b:d6:68:6a:f6:9d:10:e7:db:bc:61:11: ea:63:57:e8:55:ba:6e:2b:e7:e5:42:c3:36:a1:42:98:1f:1f: 27:be:67:59:b8:82:a0:b5:ab:93:d3:12:7f:08:6f:3a:e8:9f: 2a:59:4a:53:10:d9:6d:6f:19:c0:dd:3f:4e:2d:c2:9c:2d:2f: 8f:89:4e:cb:ff:dd:b7:c4:2e:c7:bb:58:3a:70:54:93:e0:75: b4:8d:e6:72:60:bc:03:65:47:62:50:bc:ee:e6:c4:d4:d3:0d: bc:26:08:25:d4:fc:59:ca:1e:97:75:7f:0b:a6:1d:ae:c6:21: 12:cc:0f:02:6e:38:d1:cb:a1:cb:7b:ec:6f:3c:1e:3c:1a:40: c5:4c:2e:56:c6:70:d5:52:13:79:d5:fb:ac:43:9f:b0:d8:b8: 22:fd:b9:8e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWr/aPotiuzBV+IILBglm8jjrwFEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDQyMjAwMDAwNVoX DTI1MDUyNzIzNTk1OVowejFJMEcGA1UEBRNAMmJjYmFiNmQyMDA4NDdjY2JkZmZh MjcyNmRkMDRiYTEwMThiYmY0OTllNTI0MWQyZjk3MTU1NWUyZGY5MTIzZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdNAXeI2oIQUZmaXw343XpsW6P2c 2q51DKZ3EiuRRiYBIxFuFTvR6TyjVMwVrPr1duVgt2ylyZdgNawW2TYo69UxN0Ba PUJEyLdJN+6ckrO2PTY4c8poLOQQ+XXMC5LJmKsq8ORFS/unZqcbt7Rtuh2ikMIn Wgrqw6d3olcQ4n808O6saPYCq6VfwUlX1FPo1JMgGsAPlGaHYegAoQXsR1sDesqd HdH0B0I1gRAfA6pNJThQZrYPVUgJoS11cgErhWp9KLAqdscVOGJGEj4TMp/A1GPH 9W+/5OfsLDl0ZY5kxI1GPMr9sGB8X+1kcaxmcKwCAAr0acDBoaEhH+tSHQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIL16Ll5qa4Cazuoi7K4vGIpWsJmMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjZjE3ZTYxLWIwNDktNDM4Yy04YWFmLTJkNDcxNGI1MTg1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+kAwDQYJKoZIhvcNAQELBQADggEBAE0YylLn1MjFHKKWtLO7 xt1jmvj1WF3OCPHY7tHvVMy5l74WEIEbeMRfqMs4Fptr6Fl/qMc4cY22N3UqnmCT ejMdxZ4qzVvHztKM0vY8/yYZ6iHNN+1g/bGjUgoH76sHRxvWaGr2nRDn27xhEepj V+hVum4r5+VCwzahQpgfHye+Z1m4gqC1q5PTEn8IbzronypZSlMQ2W1vGcDdP04t wpwtL4+JTsv/3bfELse7WDpwVJPgdbSN5nJgvANlR2JQvO7mxNTTDbwmCCXU/FnK Hpd1fwumHa7GIRLMDwJuONHLoct77G88HjwaQMVMLlbGcNVSE3nV+6xDn7DYuCL9 uY4= -----END CERTIFICATE-----Generated at Fri May 9 08:33:39 2025 by rpki-client