$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa File: a3f80673-8b1b-4af1-ae60-e74663f3df69.roa (raw, json) Hash identifier: HL6vgNKtK78lomGWzep0sTIsa+X5gVFJGvMVb6dufwQ= Subject key identifier: 65:AB:B0:39:FE:B7:52:11:17:42:88:C1:D3:00:19:B6:E8:A9:8F:B9 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 59AC1C986AA07300A9A87DE765D4C270B6781E11 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa Signing time: Tue 20 May 2025 00:00:39 +0000 ROA not before: Tue 20 May 2025 00:00:39 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:ac:1c:98:6a:a0:73:00:a9:a8:7d:e7:65:d4:c2:70:b6:78:1e:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:39 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=2ed0f50c847436aba66dbb615e676169f70ebfc6414434a374d5074c93cb6c3a, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:b8:1f:1b:52:9b:01:d8:21:a1:6e:2a:7d:86: 2f:fc:a4:27:ea:b3:41:59:0d:11:58:ea:5a:8e:ab: d7:2b:9d:22:5c:2e:87:3c:b2:da:39:c4:44:3f:78: 8e:f0:9c:79:49:2a:6e:54:7c:ee:72:eb:2b:73:30: 64:51:01:86:1d:23:8f:9e:75:7d:45:5e:f6:d7:64: 82:50:0e:5a:ba:50:27:09:3a:92:83:02:4f:ea:c2: bf:31:c3:2b:82:74:0d:66:42:d5:aa:ea:f1:d9:d2: 58:2a:b8:e0:77:63:60:2e:17:bf:02:70:fa:31:04: 89:29:57:f4:4a:c0:1e:2a:88:51:bd:3c:ab:78:65: 49:65:cc:98:dd:93:41:70:ed:58:d1:a9:68:4d:ac: 26:09:9a:a2:99:11:a0:b4:3b:ec:c1:35:f3:1c:79: 47:2b:b5:5e:bc:23:ba:6c:98:8f:7b:cc:59:08:a3: 84:69:da:03:b9:44:89:be:68:c3:cf:10:6d:d0:ac: 38:c6:02:cc:0d:ce:09:ed:8d:f6:51:3b:65:2c:f9: 09:7a:46:2a:21:36:b5:f4:95:06:7d:70:06:e5:74: 2f:60:a3:68:71:b0:f3:be:a6:43:b3:1b:e2:8f:47: f1:23:e6:a6:8b:8b:20:ba:46:47:5c:a5:a2:a5:61: 06:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:AB:B0:39:FE:B7:52:11:17:42:88:C1:D3:00:19:B6:E8:A9:8F:B9 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:4000::/40 Signature Algorithm: sha256WithRSAEncryption 63:0d:e0:14:f4:0c:32:4c:18:6b:d2:e8:e3:e9:07:88:5c:e6: 42:b7:fb:86:8c:56:e4:90:a1:e2:d9:1f:9c:94:00:8a:f4:60: 54:e9:24:29:7c:47:65:44:d4:ab:43:56:80:7c:62:b9:2b:f9: f9:c6:a8:f4:42:7b:88:35:46:56:aa:03:6a:92:a0:99:0f:f5: 67:c5:ef:89:f7:54:e7:28:05:d6:7a:45:4b:25:66:d6:9f:11: 12:d9:05:be:d1:13:a3:aa:73:cd:50:d1:ac:ed:85:bf:d1:18: 7b:01:fc:dc:b8:e4:f9:12:b7:0e:d7:b9:d7:eb:b6:e8:fd:a9: c8:80:1b:1a:ee:15:c7:75:49:b0:af:ce:64:95:b4:b8:a5:b0: b9:d7:80:ba:75:71:80:07:30:6c:3c:68:68:2f:44:d4:0a:4a: 02:fc:6f:ec:13:46:12:f9:ab:b9:69:53:d0:ef:54:a3:ec:4c: 6a:f8:4b:2a:b7:a1:68:8c:06:b2:35:83:55:27:d2:3e:26:67: 6a:c1:36:33:f8:78:4c:99:b6:ed:a8:d2:b9:39:a8:0c:9c:12: 11:3b:71:fa:38:7e:9b:64:9b:57:15:d4:2b:cf:9d:2e:ba:90: 60:2f:69:00:cf:29:9b:7a:b2:51:1f:1c:d9:53:85:d1:09:dc: 0a:af:1e:fa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWawcmGqgcwCpqH3nZdTCcLZ4HhEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDAzOVoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAMmVkMGY1MGM4NDc0MzZhYmE2NmRi YjYxNWU2NzYxNjlmNzBlYmZjNjQxNDQzNGEzNzRkNTA3NGM5M2NiNmMzYTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LgfG1KbAdghoW4qfYYv/KQn6rNB WQ0RWOpajqvXK50iXC6HPLLaOcREP3iO8Jx5SSpuVHzucusrczBkUQGGHSOPnnV9 RV7212SCUA5aulAnCTqSgwJP6sK/McMrgnQNZkLVqurx2dJYKrjgd2NgLhe/AnD6 MQSJKVf0SsAeKohRvTyreGVJZcyY3ZNBcO1Y0aloTawmCZqimRGgtDvswTXzHHlH K7VevCO6bJiPe8xZCKOEadoDuUSJvmjDzxBt0Kw4xgLMDc4J7Y32UTtlLPkJekYq ITa19JUGfXAG5XQvYKNocbDzvqZDsxvij0fxI+ami4sgukZHXKWipWEGywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGWrsDn+t1IRF0KIwdMAGbboqY+5MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzZjgwNjczLThiMWItNGFmMS1hZTYwLWU3NDY2M2YzZGY2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAEAwDQYJKoZIhvcNAQELBQADggEBAGMN4BT0DDJMGGvS6OPp B4hc5kK3+4aMVuSQoeLZH5yUAIr0YFTpJCl8R2VE1KtDVoB8Yrkr+fnGqPRCe4g1 RlaqA2qSoJkP9WfF74n3VOcoBdZ6RUslZtafERLZBb7RE6Oqc81Q0azthb/RGHsB /Ny45PkStw7Xudfrtuj9qciAGxruFcd1SbCvzmSVtLilsLnXgLp1cYAHMGw8aGgv RNQKSgL8b+wTRhL5q7lpU9DvVKPsTGr4Syq3oWiMBrI1g1Un0j4mZ2rBNjP4eEyZ tu2o0rk5qAycEhE7cfo4fptkm1cV1CvPnS66kGAvaQDPKZt6slEfHNlThdEJ3Aqv Hvo= -----END CERTIFICATE-----Generated at Mon Jun 2 04:44:34 2025 by rpki-client