$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa File: 9a94ee8c-7029-4ffb-af7f-435e161333de.roa (raw, json) Hash identifier: fCdAmCoD2XGi7hkZBe0R5/xxnDGN0Kqn0Nnm4OP1vQM= Subject key identifier: 21:35:B3:8A:06:1C:48:CF:1B:44:84:71:F0:3A:01:6A:85:DB:AB:CF Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7E24722B0F537C236872A12CDB03C382DFE3746C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa Signing time: Tue 20 May 2025 00:00:41 +0000 ROA not before: Tue 20 May 2025 00:00:41 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:24:72:2b:0f:53:7c:23:68:72:a1:2c:db:03:c3:82:df:e3:74:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:41 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=79b21b462d229aaeaf882d50a4de328d55b65431c82cc787873ff951b0983a76, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:37:0c:18:33:7c:f6:e8:18:ee:75:2c:dd:4d: be:0e:06:77:02:51:78:5e:8c:09:bb:1d:41:8f:62: bc:d2:3d:6b:fc:16:84:60:d6:7c:7c:5b:28:5e:fd: 24:d6:7b:07:87:88:25:6f:c7:d0:c5:9a:11:47:17: 47:cb:76:bb:de:6b:07:d4:fe:cf:d5:43:7e:80:8f: 63:b5:c6:85:c3:89:e6:f9:2b:f8:0f:ae:e6:22:f9: 99:d5:c0:a8:ac:52:87:a0:f3:d5:5a:45:4f:68:b3: 62:a1:e8:70:0c:24:84:49:9d:bd:62:8d:11:58:2d: 7d:65:bd:1c:e7:21:03:71:e0:e3:49:bc:2b:52:31: be:0a:cb:c9:c8:42:8c:49:b3:5e:ed:be:d9:a8:14: 65:de:f9:4c:22:f1:53:40:b6:92:bd:a8:5f:d7:d9: 17:67:7e:dd:48:94:7c:8a:93:14:37:48:43:ca:37: 78:21:5f:bb:69:e4:bb:45:33:e0:53:5a:a7:a2:dd: 74:d1:58:45:93:f0:92:68:ed:17:fb:f2:f5:1f:e5: 60:9c:0e:90:fc:87:9f:cd:9b:0c:cb:e5:97:95:61: 86:0a:5c:8c:d9:e6:77:2b:56:0b:a4:f1:2a:8f:42: 9e:37:c6:a0:8a:3f:42:46:d1:cb:a4:d4:3d:27:d9: db:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:35:B3:8A:06:1C:48:CF:1B:44:84:71:F0:3A:01:6A:85:DB:AB:CF X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:8000::/40 Signature Algorithm: sha256WithRSAEncryption 49:14:77:9f:17:03:c8:09:a9:35:b6:98:ce:f4:9e:53:73:0c: 33:a9:f9:ec:21:8a:d9:c2:0f:0b:01:8c:bf:28:92:50:34:d3: 3f:7c:01:08:41:9f:1a:d5:52:49:ce:fe:f9:37:55:26:05:a1: d0:8a:91:98:e1:34:4c:ac:7a:6a:bc:53:59:44:7e:6c:5c:c7: 9f:45:dd:99:ab:4f:71:22:e8:a1:a4:92:24:70:76:75:ff:1e: 15:7f:84:45:8c:02:00:8e:9a:4a:b8:c9:88:e2:1a:c3:12:da: 0d:48:20:b9:90:ed:9e:47:c7:64:03:0d:65:43:0e:06:46:d5: b1:69:ac:cb:fa:b0:02:f4:3c:91:f3:d2:97:74:55:94:15:44: 26:22:80:67:dd:2b:32:a6:ec:d0:fa:9e:f4:8c:80:93:a2:ce: 5c:67:08:02:7f:e1:37:7d:08:20:50:1b:b2:e8:d1:72:65:bc: 0b:62:59:eb:4c:b3:c1:75:af:5f:d6:68:38:f0:1a:78:a0:1e: 8c:2b:d4:14:a4:19:66:d3:d1:90:e5:46:6d:0b:71:b7:42:f3: b9:b6:08:2b:9c:ca:8b:89:59:5b:e1:2f:96:c8:a9:28:fc:4f: 11:8a:65:ba:93:88:df:da:f5:db:52:07:d3:3b:15:11:b6:3b: b5:a4:5e:bc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfiRyKw9TfCNocqEs2wPDgt/jdGwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDA0MVoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNANzliMjFiNDYyZDIyOWFhZWFmODgy ZDUwYTRkZTMyOGQ1NWI2NTQzMWM4MmNjNzg3ODczZmY5NTFiMDk4M2E3NjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzcMGDN89ugY7nUs3U2+DgZ3AlF4 XowJux1Bj2K80j1r/BaEYNZ8fFsoXv0k1nsHh4glb8fQxZoRRxdHy3a73msH1P7P 1UN+gI9jtcaFw4nm+Sv4D67mIvmZ1cCorFKHoPPVWkVPaLNioehwDCSESZ29Yo0R WC19Zb0c5yEDceDjSbwrUjG+CsvJyEKMSbNe7b7ZqBRl3vlMIvFTQLaSvahf19kX Z37dSJR8ipMUN0hDyjd4IV+7aeS7RTPgU1qnot100VhFk/CSaO0X+/L1H+VgnA6Q /IefzZsMy+WXlWGGClyM2eZ3K1YLpPEqj0KeN8agij9CRtHLpNQ9J9nb5wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCE1s4oGHEjPG0SEcfA6AWqF26vPMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlhOTRlZThjLTcwMjktNGZmYi1hZjdmLTQzNWUxNjEzMzNkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBAEkUd58XA8gJqTW2mM70 nlNzDDOp+ewhitnCDwsBjL8oklA00z98AQhBnxrVUknO/vk3VSYFodCKkZjhNEys emq8U1lEfmxcx59F3ZmrT3Ei6KGkkiRwdnX/HhV/hEWMAgCOmkq4yYjiGsMS2g1I ILmQ7Z5Hx2QDDWVDDgZG1bFprMv6sAL0PJHz0pd0VZQVRCYigGfdKzKm7ND6nvSM gJOizlxnCAJ/4Td9CCBQG7Lo0XJlvAtiWetMs8F1r1/WaDjwGnigHowr1BSkGWbT 0ZDlRm0LcbdC87m2CCucyouJWVvhL5bIqSj8TxGKZbqTiN/a9dtSB9M7FRG2O7Wk Xrw= -----END CERTIFICATE-----Generated at Mon Jun 2 04:41:15 2025 by rpki-client