$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa File: c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa (raw, json) Hash identifier: igYxd942gTSEptnz2KoNznOeJQLJZmW1W+DsL8kVLio= Subject key identifier: 7D:C8:FA:4F:27:D5:C2:39:69:AC:B2:9F:4E:0F:43:1E:B6:79:76:01 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 43854290DD515C12C1080BC2E8F5382AA656FCA5 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa Signing time: Fri 16 May 2025 16:00:09 +0000 ROA not before: Fri 16 May 2025 16:00:09 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fe:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:85:42:90:dd:51:5c:12:c1:08:0b:c2:e8:f5:38:2a:a6:56:fc:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 16 16:00:09 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=9bbb193a47038e4cca4db055158784e1417173cca2604d33e00f60ef0065ff75, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:2a:b5:ce:17:7a:bd:3f:eb:24:16:13:e0:46: 7c:2e:94:cc:79:10:fa:84:a8:fe:ed:61:63:cc:90: 63:27:5e:d8:96:2c:7e:49:21:3c:e6:68:60:ad:24: a0:c3:49:68:08:6a:b4:e0:9b:58:96:73:e0:db:25: be:c4:af:2e:26:38:14:d0:82:5d:70:e7:04:c9:96: 46:d8:21:4d:aa:59:19:cc:bc:81:d1:a5:ee:cc:d1: 1e:32:1e:d7:3f:be:80:55:92:ff:05:ea:a3:10:c2: 01:f7:c8:9b:7b:01:1c:e8:0c:fd:1a:91:77:85:75: 98:f8:c7:55:52:c0:fa:f5:2f:56:cf:0a:94:e3:31: 73:9d:ec:e0:69:76:eb:3d:74:d0:69:85:fc:90:88: 3b:a7:d8:86:5e:48:7b:f6:58:f5:b8:ba:17:00:4a: 69:e3:de:ca:ef:a8:ae:ab:84:4d:3d:a5:99:ab:f5: 14:f9:35:9b:bb:cc:79:dc:c7:d7:df:8e:4c:74:bf: 2f:95:8d:ee:7a:d0:34:20:23:9b:ed:b6:13:f3:70: b2:3e:b3:14:76:35:b8:e1:9f:ac:2a:9f:bf:ad:02: a9:78:3a:46:1a:14:22:33:84:05:40:d1:11:00:90: 0d:84:79:f5:2a:12:47:56:43:5e:4e:17:b8:21:97: f0:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:C8:FA:4F:27:D5:C2:39:69:AC:B2:9F:4E:0F:43:1E:B6:79:76:01 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fe:4000::/40 Signature Algorithm: sha256WithRSAEncryption ac:fa:c6:a1:bb:86:d5:0f:7f:0a:29:a1:b4:ed:37:91:2a:9c: 4f:28:cd:d6:ac:3e:d1:9e:d5:3a:7f:b4:a4:3e:b0:38:1a:5f: 41:66:40:04:4b:fb:03:4c:98:60:0a:6a:3b:b1:d5:f2:e7:f5: 91:d7:5d:e7:c6:1d:f3:38:fa:db:34:91:16:25:e5:f3:cf:bd: 7e:4d:5f:72:cc:31:62:0c:e3:19:1e:51:79:47:e2:ce:43:f1: 54:6a:45:4c:ab:73:03:c2:3c:90:2e:25:91:ec:85:d4:9e:f2: c5:e3:df:b0:81:8d:74:00:7e:55:1b:ef:5e:80:3c:af:fd:08: ab:a0:dd:46:e2:d5:9b:58:97:bb:12:7b:03:b1:8c:f4:84:1d: fc:39:bb:6f:f7:ba:d4:6e:e9:62:86:94:36:27:98:7a:6d:14: c9:40:78:45:12:e7:6f:dc:cf:ab:39:29:a8:b4:07:94:1f:16: 29:b4:41:fd:1b:63:4a:18:b6:8e:00:8b:32:69:bf:74:ab:01: d4:55:85:e7:22:52:74:39:eb:87:46:81:0f:85:90:16:94:1e: 44:1b:6b:c6:3b:3c:59:ce:59:40:61:d5:19:d9:b9:0c:a7:5d: 52:2b:ef:23:2b:6e:89:c2:15:e8:e9:54:9d:d0:74:dd:d1:c3: 32:6c:da:ea -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQ4VCkN1RXBLBCAvC6PU4KqZW/KUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUxNjE2MDAwOVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAOWJiYjE5M2E0NzAzOGU0Y2NhNGRi MDU1MTU4Nzg0ZTE0MTcxNzNjY2EyNjA0ZDMzZTAwZjYwZWYwMDY1ZmY3NTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCq1zhd6vT/rJBYT4EZ8LpTMeRD6 hKj+7WFjzJBjJ17Ylix+SSE85mhgrSSgw0loCGq04JtYlnPg2yW+xK8uJjgU0IJd cOcEyZZG2CFNqlkZzLyB0aXuzNEeMh7XP76AVZL/BeqjEMIB98ibewEc6Az9GpF3 hXWY+MdVUsD69S9WzwqU4zFznezgaXbrPXTQaYX8kIg7p9iGXkh79lj1uLoXAEpp 497K76iuq4RNPaWZq/UU+TWbu8x53MfX345MdL8vlY3uetA0ICOb7bYT83CyPrMU djW44Z+sKp+/rQKpeDpGGhQiM4QFQNERAJANhHn1KhJHVkNeThe4IZfwhwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH3I+k8n1cI5aayyn04PQx62eXYBMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M4ODZmZGNjLWQ5YzQtNDg1YS1hOTQxLTdhYTJjN2QwOTNlMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/kAwDQYJKoZIhvcNAQELBQADggEBAKz6xqG7htUPfwopobTt N5EqnE8ozdasPtGe1Tp/tKQ+sDgaX0FmQARL+wNMmGAKajux1fLn9ZHXXefGHfM4 +ts0kRYl5fPPvX5NX3LMMWIM4xkeUXlH4s5D8VRqRUyrcwPCPJAuJZHshdSe8sXj 37CBjXQAflUb716APK/9CKug3Ubi1ZtYl7sSewOxjPSEHfw5u2/3utRu6WKGlDYn mHptFMlAeEUS52/cz6s5Kai0B5QfFim0Qf0bY0oYto4AizJpv3SrAdRVheciUnQ5 64dGgQ+FkBaUHkQba8Y7PFnOWUBh1RnZuQynXVIr7yMrbonCFejpVJ3QdN3RwzJs 2uo= -----END CERTIFICATE-----Generated at Mon Jun 2 04:42:55 2025 by rpki-client