$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa File: c7b491e4-76ae-4305-8132-a670b41c66fd.roa (raw, json) Hash identifier: LUE5J6RJ7GS1Ye+xmNRzL8lTfjbOUNmUedpP5Ttd8sM= Subject key identifier: DA:D8:22:5B:69:62:00:A9:37:4E:5B:45:4E:2B:D7:4A:FD:D5:8B:AA Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 726029C159703E23F23E0B61353A292C2338E327 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa Signing time: Tue 20 May 2025 00:00:35 +0000 ROA not before: Tue 20 May 2025 00:00:35 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:60:29:c1:59:70:3e:23:f2:3e:0b:61:35:3a:29:2c:23:38:e3:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:35 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=63a36966f876d84774c5d49f829da04b54d61ab36dbed6a53951489255db51bc, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:92:bc:a6:80:fd:d5:33:5c:96:f6:17:06:ff: cc:2c:c8:0c:2f:1a:9b:6b:3d:7e:8b:e8:1e:4b:70: 8b:41:8d:df:25:94:bd:1c:9f:4c:0d:92:e2:c0:79: 4e:13:8e:0e:ec:b7:64:5a:33:fd:db:4b:cb:a8:1f: f7:fb:6d:83:3d:d5:ae:d8:7f:8c:45:b7:30:b9:96: 93:ef:4b:ca:59:01:1f:fc:66:8c:1b:d9:46:80:24: e5:e3:1f:ef:ea:64:0d:e5:f8:f5:e6:4e:e8:9b:66: b8:23:9c:71:b2:44:45:12:fe:81:a8:e0:95:0b:a7: 1f:ca:c5:17:4f:9a:cf:e6:31:b3:dd:c2:24:a3:09: 18:10:9c:25:46:eb:b0:24:02:b3:b0:82:f0:2a:8c: 6b:4b:10:15:d0:ef:da:10:b0:52:1e:e2:e9:9a:8a: 11:f8:e6:c0:50:14:bb:73:9a:29:4b:c7:4d:20:9f: c5:3b:2d:20:97:41:36:da:20:48:6e:4a:2d:9b:57: 88:46:7f:b5:75:18:bd:74:67:a3:c7:4b:c1:40:41: 75:c6:29:c0:05:5b:d3:32:04:8e:85:f5:c3:8c:bd: 10:aa:74:65:00:ce:d9:ee:e4:4d:d4:e4:37:3a:58: 82:1b:d5:cf:85:68:88:2d:43:d4:6e:62:af:92:0c: 4a:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:D8:22:5B:69:62:00:A9:37:4E:5B:45:4E:2B:D7:4A:FD:D5:8B:AA X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c7b491e4-76ae-4305-8132-a670b41c66fd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4000::/40 Signature Algorithm: sha256WithRSAEncryption 0a:41:c5:e2:a0:11:08:98:bb:4f:b3:55:73:6f:bb:42:bd:63: 14:cc:1b:ab:98:b9:fb:ac:f5:7b:89:db:df:db:6e:75:9e:8b: 21:e2:d6:8d:ad:2c:0f:4b:65:39:4a:3e:fd:4a:6a:35:ed:6a: ce:9f:80:94:66:6f:b1:66:09:45:3f:19:78:46:76:09:16:7a: b1:f1:3d:8a:9a:5a:d0:3b:56:ae:8d:c8:f0:69:ea:88:92:8e: 0d:cb:1b:b4:f8:ac:ff:c8:84:63:b2:87:b5:cf:5e:8b:ad:16: 86:be:20:e0:6b:95:29:6a:fc:84:05:24:b4:5b:00:4a:fe:dd: 4e:32:2c:5c:39:59:62:48:ea:78:59:16:ee:6a:ad:fb:79:3a: 5e:8a:03:7b:94:b3:73:1b:46:13:8f:f3:3e:38:d5:c4:a9:e8: 18:1f:09:18:01:18:02:2c:6e:e3:77:b2:a1:15:dd:6f:d7:54: 1c:4d:6f:8a:01:fd:3b:60:d1:35:1a:d0:27:c8:6e:74:45:d4: f2:e3:5b:17:48:f3:e8:e2:1c:d8:3e:a3:42:23:08:7c:c2:39: b8:15:c4:0d:72:24:94:c5:3d:6b:55:02:20:89:e0:bf:8e:e2: 1a:1d:d4:52:95:b1:a7:b5:d3:2f:9d:d4:2c:13:b9:11:1e:cc: 94:29:f4:9b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcmApwVlwPiPyPgthNTopLCM44ycwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDAzNVoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNANjNhMzY5NjZmODc2ZDg0Nzc0YzVk NDlmODI5ZGEwNGI1NGQ2MWFiMzZkYmVkNmE1Mzk1MTQ4OTI1NWRiNTFiYzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZK8poD91TNclvYXBv/MLMgMLxqb az1+i+geS3CLQY3fJZS9HJ9MDZLiwHlOE44O7LdkWjP920vLqB/3+22DPdWu2H+M RbcwuZaT70vKWQEf/GaMG9lGgCTl4x/v6mQN5fj15k7om2a4I5xxskRFEv6BqOCV C6cfysUXT5rP5jGz3cIkowkYEJwlRuuwJAKzsILwKoxrSxAV0O/aELBSHuLpmooR +ObAUBS7c5opS8dNIJ/FOy0gl0E22iBIbkotm1eIRn+1dRi9dGejx0vBQEF1xinA BVvTMgSOhfXDjL0QqnRlAM7Z7uRN1OQ3OliCG9XPhWiILUPUbmKvkgxKDwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNrYIltpYgCpN05bRU4r10r91YuqMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3YjQ5MWU0LTc2YWUtNDMwNS04MTMyLWE2NzBiNDFjNjZmZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/0AwDQYJKoZIhvcNAQELBQADggEBAApBxeKgEQiYu0+zVXNv u0K9YxTMG6uYufus9XuJ29/bbnWeiyHi1o2tLA9LZTlKPv1KajXtas6fgJRmb7Fm CUU/GXhGdgkWerHxPYqaWtA7Vq6NyPBp6oiSjg3LG7T4rP/IhGOyh7XPXoutFoa+ IOBrlSlq/IQFJLRbAEr+3U4yLFw5WWJI6nhZFu5qrft5Ol6KA3uUs3MbRhOP8z44 1cSp6BgfCRgBGAIsbuN3sqEV3W/XVBxNb4oB/Ttg0TUa0CfIbnRF1PLjWxdI8+ji HNg+o0IjCHzCObgVxA1yJJTFPWtVAiCJ4L+O4hod1FKVsae10y+d1CwTuREezJQp 9Js= -----END CERTIFICATE-----Generated at Mon Jun 2 04:45:33 2025 by rpki-client