$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa File: 8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa (raw, json) Hash identifier: UsbTdAc6XEgCkQAlM35x6P7ALD6WyMTXo9KsIMx1FeM= Subject key identifier: AF:96:8D:3D:39:66:2F:AB:47:F9:FE:B3:64:5E:36:9C:16:05:8D:F2 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3524B545DCE0EB3C81A0A25F62EC9055A5EF6246 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa Signing time: Tue 20 May 2025 00:00:47 +0000 ROA not before: Tue 20 May 2025 00:00:47 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:24:b5:45:dc:e0:eb:3c:81:a0:a2:5f:62:ec:90:55:a5:ef:62:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:47 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=42d0971a3e9853fb5798fc4600f4b253463065288af9562529c02c7fe4234c8f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:62:21:38:9a:fc:eb:28:dc:31:14:9c:b6:8d: e9:32:57:50:29:25:60:3d:0c:69:c2:ce:bd:00:d9: b3:4e:1c:73:c2:87:7d:27:0d:d6:e8:48:c2:69:4d: 8a:a8:67:a3:80:31:99:35:20:f4:bc:86:f7:8d:bb: 47:db:4f:29:7c:70:2c:bf:fc:cb:83:73:27:c8:77: e8:52:82:d0:ae:35:ed:7a:bd:d8:a5:22:b5:a2:d0: 5c:02:04:44:2c:c7:e7:eb:07:b6:af:6f:29:62:16: 37:5e:00:28:c0:f6:ef:25:1c:62:f3:ff:13:b8:6c: f5:8f:f6:5e:e8:e2:6d:57:37:0a:b3:94:ba:5e:29: c0:a7:68:ff:ca:3a:3e:c8:06:4e:60:e3:f5:ef:7e: ed:99:db:cc:eb:7f:77:97:ac:27:a1:19:d2:23:45: 6d:05:24:57:44:1c:5d:95:cc:70:00:9b:3f:c0:a9: e2:ea:64:c8:6b:ff:05:a4:ee:18:91:b6:04:79:62: 46:62:d1:f7:12:c4:58:95:47:c7:c6:a0:10:0d:f0: 9a:1d:ac:87:94:77:0b:b1:c5:cd:83:97:01:ae:32: 9e:8a:b4:d9:9a:6b:09:7a:3a:ba:76:d8:76:d4:14: 26:bf:b1:a1:3b:32:a6:08:c5:ba:81:e7:e7:41:64: 84:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:96:8D:3D:39:66:2F:AB:47:F9:FE:B3:64:5E:36:9C:16:05:8D:F2 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:400::/38 Signature Algorithm: sha256WithRSAEncryption 59:5f:b0:24:6f:91:bc:b1:8b:81:e0:ae:0b:18:04:f2:41:e7: 3a:54:3f:c9:36:a6:cc:e6:01:66:e1:75:d9:3a:5c:04:5a:e6: 6d:8e:6a:c4:ed:f7:1d:ec:3f:ad:d3:66:09:55:22:3a:c9:a9: 9b:3d:d1:8e:b1:09:d9:9a:da:d9:cc:4e:17:fd:f1:ee:98:99: 8a:09:5c:3c:1b:35:4b:2d:e2:71:62:3b:b1:4a:d8:10:4d:7b: 8b:54:6c:36:26:65:b2:79:ec:4e:08:c1:66:f5:0f:a3:8b:e8: 26:34:b6:5b:bc:ca:7b:e4:fc:34:3d:d7:d8:2a:24:97:86:40: a9:15:b6:a5:cc:bc:f8:0f:9a:a0:a9:52:5e:45:f7:98:67:d2: b8:f1:d2:87:a8:1d:b8:9d:8c:a0:c1:4e:c9:6d:9b:bc:2b:ff: aa:77:49:b0:c8:31:eb:bd:7f:4a:10:f3:f9:55:14:a6:64:41: db:db:79:52:c6:14:b4:97:8e:9b:8c:56:1e:63:f3:3c:7a:85: e1:63:ed:b2:30:0d:06:50:dc:41:5e:ab:b9:d6:60:aa:07:dd: 75:03:d2:c8:ff:b4:e3:ad:a6:90:6c:a0:d9:21:06:38:44:53: f6:67:fe:7e:d0:ed:2a:1a:08:f6:39:9e:35:b5:50:e3:ee:b3: 2f:d0:63:85 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNSS1Rdzg6zyBoKJfYuyQVaXvYkYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDA0N1oX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNANDJkMDk3MWEzZTk4NTNmYjU3OThm YzQ2MDBmNGIyNTM0NjMwNjUyODhhZjk1NjI1MjljMDJjN2ZlNDIzNGM4ZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGIhOJr86yjcMRScto3pMldQKSVg PQxpws69ANmzThxzwod9Jw3W6EjCaU2KqGejgDGZNSD0vIb3jbtH208pfHAsv/zL g3MnyHfoUoLQrjXter3YpSK1otBcAgRELMfn6we2r28pYhY3XgAowPbvJRxi8/8T uGz1j/Ze6OJtVzcKs5S6XinAp2j/yjo+yAZOYOP1737tmdvM6393l6wnoRnSI0Vt BSRXRBxdlcxwAJs/wKni6mTIa/8FpO4YkbYEeWJGYtH3EsRYlUfHxqAQDfCaHayH lHcLscXNg5cBrjKeirTZmmsJejq6dth21BQmv7GhOzKmCMW6gefnQWSEmwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK+WjT05Zi+rR/n+s2ReNpwWBY3yMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzhiZjMxMWU5LWQyN2YtNDZmYS04ZjA1LTJlZDZiMTc2YjViOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAQwDQYJKoZIhvcNAQELBQADggEBAFlfsCRvkbyxi4HgrgsY BPJB5zpUP8k2pszmAWbhddk6XARa5m2OasTt9x3sP63TZglVIjrJqZs90Y6xCdma 2tnMThf98e6YmYoJXDwbNUst4nFiO7FK2BBNe4tUbDYmZbJ57E4IwWb1D6OL6CY0 tlu8ynvk/DQ919gqJJeGQKkVtqXMvPgPmqCpUl5F95hn0rjx0oeoHbidjKDBTslt m7wr/6p3SbDIMeu9f0oQ8/lVFKZkQdvbeVLGFLSXjpuMVh5j8zx6heFj7bIwDQZQ 3EFeq7nWYKoH3XUD0sj/tOOtppBsoNkhBjhEU/Zn/n7Q7SoaCPY5njW1UOPusy/Q Y4U= -----END CERTIFICATE-----Generated at Mon Jun 2 04:41:15 2025 by rpki-client