$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa File: baa1273d-7883-4b5d-8e1c-23ebac490846.roa (raw, json) Hash identifier: vbnKwHGUSqIypDT+YsTFAXzEVcesYFLptNRQWZaWMCw= Subject key identifier: A3:15:45:3A:AA:44:43:A2:A5:83:C2:3F:D4:0A:9C:B6:B2:35:F6:70 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7D7BBB3AB02DA7160E3A3E5671FADE0E7B43C50B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa Signing time: Tue 20 May 2025 00:00:37 +0000 ROA not before: Tue 20 May 2025 00:00:37 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:7b:bb:3a:b0:2d:a7:16:0e:3a:3e:56:71:fa:de:0e:7b:43:c5:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:37 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=1e4c0d154f2f45149eb9fae587e07343d114dd3affb93970909e7bbefd1b4571, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:e7:96:fc:6f:48:7d:e5:dc:cd:e8:f6:a5:df: fe:dc:f7:df:92:d7:18:78:ec:09:df:78:b1:74:23: aa:a1:ef:c8:7a:c3:51:f1:89:ca:df:b3:92:42:1c: 7c:2e:ed:46:8e:77:31:df:5e:f0:06:ba:97:63:6e: e0:3f:d2:d6:4d:9b:3b:0f:26:a4:29:75:35:05:53: 40:58:d4:7d:fc:02:6b:84:74:e5:02:95:e0:62:62: 15:a4:e2:32:1b:50:7b:6c:b8:e8:b3:6d:22:82:00: 9d:e6:fe:02:4a:a3:aa:20:cb:34:af:22:4f:ec:4c: f0:41:51:6b:4d:37:9f:7d:ab:73:67:15:a1:64:ea: f9:67:28:f7:0d:ed:c1:90:1a:76:4e:7d:4f:49:19: a3:9e:fa:d4:30:48:ba:db:15:db:d8:6e:68:04:c9: a1:c0:81:52:ec:65:0c:be:36:21:24:30:f7:70:02: ac:b7:c6:68:b5:ee:7f:1e:94:f1:2a:94:2b:ab:bf: 76:97:5f:31:24:7b:5d:28:b3:7f:06:a0:96:85:de: b9:08:ac:c9:e2:b2:41:70:13:1d:dc:11:3e:a8:7a: 27:c2:ec:37:5c:5e:d1:5b:a9:23:4a:49:99:4e:df: 4a:54:01:00:ad:d0:b9:a3:cc:32:d0:e6:81:c3:58: 08:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:15:45:3A:AA:44:43:A2:A5:83:C2:3F:D4:0A:9C:B6:B2:35:F6:70 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4040::/48 Signature Algorithm: sha256WithRSAEncryption 90:b1:98:8a:28:c6:da:b4:e7:e6:14:d5:17:f1:14:84:ee:fa: d1:1a:a4:1f:7e:e0:75:94:ce:7e:f4:af:83:53:61:ba:ff:34: 4b:4e:69:e9:d1:9b:09:b8:1d:e2:26:5d:b2:8e:5b:46:57:ef: 79:b2:c7:ac:c4:29:bc:a4:d2:9f:c3:fe:a5:e3:ea:f9:4d:91: dc:8e:2b:6b:03:5f:c0:ef:a8:d9:fb:04:ac:0a:6d:61:9a:43: 68:a4:62:3a:d3:86:04:bb:10:46:5e:1d:6c:10:67:2a:1a:c3: 9d:bd:49:11:d2:75:5b:87:01:41:dd:6a:9d:5d:a3:38:a1:f2: 6a:f1:8e:59:00:a0:fa:83:19:c2:27:a2:4a:c6:98:72:2f:2c: ee:aa:50:03:f4:10:aa:b5:60:2e:3f:ad:74:81:4c:35:aa:48: a4:a9:0f:90:47:e4:c8:fc:68:94:82:36:b7:5f:7e:9a:1d:99: cd:f1:89:92:4b:ae:75:be:cd:14:f7:66:cd:2a:49:21:a1:d2: c4:5f:65:5f:f1:85:59:aa:60:07:02:93:5c:6c:95:6d:14:c0: da:d3:fe:52:e0:40:43:7c:da:c2:a7:9b:ec:b3:3f:e8:b6:e9: 00:73:3a:78:f4:75:7b:e7:c6:df:06:c9:cb:fa:aa:7f:66:55: 22:4b:23:d8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUfXu7OrAtpxYOOj5WcfreDntDxQswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDAzN1oX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAMWU0YzBkMTU0ZjJmNDUxNDllYjlm YWU1ODdlMDczNDNkMTE0ZGQzYWZmYjkzOTcwOTA5ZTdiYmVmZDFiNDU3MTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8OeW/G9IfeXczej2pd/+3PffktcY eOwJ33ixdCOqoe/IesNR8YnK37OSQhx8Lu1Gjncx317wBrqXY27gP9LWTZs7Dyak KXU1BVNAWNR9/AJrhHTlApXgYmIVpOIyG1B7bLjos20iggCd5v4CSqOqIMs0ryJP 7EzwQVFrTTeffatzZxWhZOr5Zyj3De3BkBp2Tn1PSRmjnvrUMEi62xXb2G5oBMmh wIFS7GUMvjYhJDD3cAKst8Zote5/HpTxKpQrq792l18xJHtdKLN/BqCWhd65CKzJ 4rJBcBMd3BE+qHonwuw3XF7RW6kjSkmZTt9KVAEArdC5o8wy0OaBw1gIYQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKMVRTqqREOipYPCP9QKnLayNfZwMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2JhYTEyNzNkLTc4ODMtNGI1ZC04ZTFjLTIzZWJhYzQ5MDg0Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0BAMA0GCSqGSIb3DQEBCwUAA4IBAQCQsZiKKMbatOfmFNUX 8RSE7vrRGqQffuB1lM5+9K+DU2G6/zRLTmnp0ZsJuB3iJl2yjltGV+95ssesxCm8 pNKfw/6l4+r5TZHcjitrA1/A76jZ+wSsCm1hmkNopGI604YEuxBGXh1sEGcqGsOd vUkR0nVbhwFB3WqdXaM4ofJq8Y5ZAKD6gxnCJ6JKxphyLyzuqlAD9BCqtWAuP610 gUw1qkikqQ+QR+TI/GiUgja3X36aHZnN8YmSS651vs0U92bNKkkhodLEX2Vf8YVZ qmAHApNcbJVtFMDa0/5S4EBDfNrCp5vssz/otukAczp49HV758bfBsnL+qp/ZlUi SyPY -----END CERTIFICATE-----Generated at Mon Jun 2 04:44:34 2025 by rpki-client