$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/977f90e2-d257-4dde-9740-b0391458d8ed.roa File: 977f90e2-d257-4dde-9740-b0391458d8ed.roa (raw, json) Hash identifier: LE41KbBR5iWWZqSVqWUcsccVgWALrXyvWZ+e7BpvDTg= Subject key identifier: 41:2D:45:B5:75:47:2B:A7:E3:41:D9:AC:FD:D3:31:B2:33:A1:E8:97 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 65FBD9DAC94719E17775249F5F4A86D60BED1D50 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/977f90e2-d257-4dde-9740-b0391458d8ed.roa Signing time: Tue 20 May 2025 00:00:32 +0000 ROA not before: Tue 20 May 2025 00:00:32 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000::/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:fb:d9:da:c9:47:19:e1:77:75:24:9f:5f:4a:86:d6:0b:ed:1d:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:32 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=db2780a22865d7bae800bf4ec189c6582e73fd5f3ef2534969d2d70e348a4044, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:fe:20:c8:22:59:4c:01:b5:33:28:46:af:ed: b6:0c:83:d2:6c:c1:5f:75:e1:ef:37:3c:1f:ce:08: 57:d4:a1:ce:d7:d4:7e:0d:2b:55:84:90:42:20:14: 1d:fd:e4:cf:29:f8:ee:9e:8c:52:e9:e4:45:ef:24: fe:84:71:6e:64:cb:43:47:18:49:89:b9:34:f7:97: b0:ba:84:58:40:3d:7c:6e:f4:36:62:94:7d:d8:82: 38:4e:fe:f1:2f:ec:80:eb:69:1d:50:d3:c9:54:32: bb:cd:32:fe:62:97:da:eb:e8:d0:34:df:0c:22:d4: 79:c7:e0:4e:90:12:66:df:48:79:fb:b0:a3:e5:48: 81:01:24:7a:e3:70:ba:2c:24:cf:60:51:5e:b9:31: c8:86:2b:56:14:a6:d1:f5:c2:25:43:af:3c:c3:63: ec:0b:c2:4f:be:c1:d8:35:2c:47:03:c1:90:d3:a4: 98:aa:32:a9:11:c4:8f:73:a7:e8:90:40:d1:21:55: 3c:27:64:be:47:5f:d0:77:47:1a:bb:9d:30:15:ce: 5a:74:7a:05:b0:1c:43:f9:8b:bd:e7:19:3a:78:45: 12:9e:01:a0:85:02:78:d9:81:d4:44:93:c3:6a:72: b6:a7:68:9c:25:76:07:97:e4:da:c8:db:46:3a:e4: 05:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:2D:45:B5:75:47:2B:A7:E3:41:D9:AC:FD:D3:31:B2:33:A1:E8:97 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/977f90e2-d257-4dde-9740-b0391458d8ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000::/24 Signature Algorithm: sha256WithRSAEncryption 44:dd:a6:1f:1f:27:80:60:ce:7b:77:48:94:18:dc:9d:f5:4d: b3:81:51:4a:8b:d0:8f:10:c7:65:b6:7c:79:90:a6:a8:a3:24: 9c:61:46:c9:86:b6:63:1e:f3:c4:53:72:4b:fa:e7:25:5e:9b: 31:28:6e:ad:f2:50:09:08:28:b0:34:bb:0c:27:8b:2f:f7:56: ad:3e:3f:d0:4d:63:cc:e3:c2:ed:6d:21:7d:2d:3e:3e:46:a6: b6:1a:7a:d6:f4:1d:76:47:f4:39:88:d4:53:ac:0d:e5:ce:cc: 2e:36:ca:9a:b3:b0:a4:b0:a0:3c:ca:78:51:11:1f:13:ae:3c: 72:3e:91:59:af:70:35:93:f5:d2:83:28:e4:ef:c5:b0:7f:89: c2:9b:ce:b7:77:ba:86:2a:fe:7c:07:17:cf:eb:dc:32:37:9c: 17:85:dc:21:66:94:8e:4a:28:54:31:cb:14:f8:a9:0d:40:c1: 4a:38:70:82:56:30:74:af:b7:70:9a:84:8b:a5:8e:67:f1:d3: cb:31:64:d5:e9:ad:fb:46:89:18:3b:f6:48:6a:41:42:67:d4: 92:f3:1d:55:b5:5f:c9:dc:8a:fe:08:63:34:a9:ec:62:75:87: 9b:89:7d:b1:0f:60:e4:d3:ce:b4:d0:5f:b1:44:17:72:9e:a5: d9:dd:ab:dd -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZfvZ2slHGeF3dSSfX0qG1gvtHVAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDAzMloX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAZGIyNzgwYTIyODY1ZDdiYWU4MDBi ZjRlYzE4OWM2NTgyZTczZmQ1ZjNlZjI1MzQ5NjlkMmQ3MGUzNDhhNDA0NDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4f4gyCJZTAG1MyhGr+22DIPSbMFf deHvNzwfzghX1KHO19R+DStVhJBCIBQd/eTPKfjunoxS6eRF7yT+hHFuZMtDRxhJ ibk095ewuoRYQD18bvQ2YpR92II4Tv7xL+yA62kdUNPJVDK7zTL+Ypfa6+jQNN8M ItR5x+BOkBJm30h5+7Cj5UiBASR643C6LCTPYFFeuTHIhitWFKbR9cIlQ688w2Ps C8JPvsHYNSxHA8GQ06SYqjKpEcSPc6fokEDRIVU8J2S+R1/Qd0cau50wFc5adHoF sBxD+Yu95xk6eEUSngGghQJ42YHURJPDanK2p2icJXYHl+TayNtGOuQFrwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEEtRbV1Ryun40HZrP3TMbIzoeiXMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 Lzk3N2Y5MGUyLWQyNTctNGRkZS05NzQwLWIwMzkxNDU4ZDhlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAAjAGAwQAJA+AMA0GCSqGSIb3DQEBCwUAA4IBAQBE3aYfHyeAYM57d0iUGNyd 9U2zgVFKi9CPEMdltnx5kKaooyScYUbJhrZjHvPEU3JL+uclXpsxKG6t8lAJCCiw NLsMJ4sv91atPj/QTWPM48LtbSF9LT4+Rqa2GnrW9B12R/Q5iNRTrA3lzswuNsqa s7CksKA8ynhRER8TrjxyPpFZr3A1k/XSgyjk78Wwf4nCm863d7qGKv58BxfP69wy N5wXhdwhZpSOSihUMcsU+KkNQMFKOHCCVjB0r7dwmoSLpY5n8dPLMWTV6a37RokY O/ZIakFCZ9SS8x1VtV/J3Ir+CGM0qexidYebiX2xD2Dk08600F+xRBdynqXZ3avd -----END CERTIFICATE-----Generated at Mon Jun 2 04:42:54 2025 by rpki-client