$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa File: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (raw, json) Hash identifier: CRf4mEMVjxT8vUmu3UDlE0f/ZC21vh/ntfkjDXZs3Z4= Subject key identifier: 40:9E:D0:3E:A9:42:DC:A9:DB:CE:73:F1:69:E0:7A:A4:BA:AA:50:B7 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 46CCDE8CF5C126A0FFAC9BB7DFE73B44E6E535CF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa Signing time: Fri 16 May 2025 16:00:05 +0000 ROA not before: Fri 16 May 2025 16:00:05 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:cc:de:8c:f5:c1:26:a0:ff:ac:9b:b7:df:e7:3b:44:e6:e5:35:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 16 16:00:05 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=bbdaff7dedf2bd308d9c9412c20fc9944945ed45b8d6c0cbf7090c4828592169, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:41:75:46:96:2e:5a:d1:a2:b6:bd:4d:bc:bb: b0:d0:6e:39:52:d5:8c:88:53:b4:93:29:ff:89:1b: a2:29:7f:00:35:b1:96:4f:72:62:8b:3c:c9:3e:aa: 8e:9c:d5:e4:ec:03:36:0f:e1:3f:6c:52:10:3d:95: cb:bd:da:bb:83:d2:96:14:d2:bd:6b:81:91:11:47: 85:27:89:b8:fb:8a:00:35:75:50:d3:30:29:7c:22: 07:19:f4:f6:93:95:d1:a6:97:94:58:04:5d:47:ba: 61:a7:c2:03:76:6f:78:3f:9f:da:99:c1:f9:3a:5b: e6:f9:dc:48:b3:67:0c:98:4d:92:51:07:ca:bb:fc: 8b:a6:98:ae:c9:e6:eb:c5:41:1d:80:af:a1:be:06: 19:99:13:6f:9c:5a:ca:2a:5f:5f:b6:ed:39:24:e6: b1:7c:f7:b8:57:60:6e:7f:4b:9e:90:0e:f6:04:26: 0e:42:28:e0:ef:5b:9c:f3:2c:a1:ec:ab:55:09:f8: e3:da:87:8a:2c:8d:ad:90:bc:bd:f6:f3:c3:4d:4f: 0c:d6:b1:38:af:6a:b9:5c:f0:e4:78:17:92:44:60: cb:9e:db:04:79:86:a8:bd:d4:24:4e:56:69:48:1b: ff:73:99:27:49:7b:69:bc:27:de:54:06:e8:b0:26: 71:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:9E:D0:3E:A9:42:DC:A9:DB:CE:73:F1:69:E0:7A:A4:BA:AA:50:B7 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 7f:74:1f:c5:93:e9:94:3b:6e:5b:10:00:a3:0d:25:92:fa:4c: bf:c5:d7:d5:2f:02:62:d3:76:39:93:41:88:07:f7:d6:78:1a: 47:88:76:18:0d:ab:b0:ec:70:cb:87:ea:6a:46:63:41:89:ec: d6:23:ad:c0:c8:1c:9d:3f:a5:1a:40:8c:77:d5:a6:54:b9:ec: 66:aa:ee:63:66:85:d1:cc:77:1b:ed:13:78:90:76:ed:da:52: 85:7f:c4:15:ba:e5:a0:9c:38:ff:17:37:23:e8:b7:d2:6b:ad: 83:6f:ba:1c:a8:d5:01:e3:8b:e3:0b:bd:51:4e:f8:5e:af:92: 84:d5:26:c3:6c:60:2f:3e:c2:a3:ed:fb:31:ba:60:93:37:d4: f2:fa:9f:e0:1b:59:e6:02:1a:93:cb:9d:e4:5c:91:36:e0:2c: 61:da:61:9f:6e:7a:0a:4a:e2:e1:f5:93:78:70:16:48:02:e7: 50:7e:9f:4f:1a:f7:54:b1:a0:b6:c9:5d:a1:72:6a:c8:71:67: 0e:7e:71:22:20:53:78:a6:d7:b5:04:12:45:54:6d:44:8e:be: cf:df:ac:42:07:17:3b:3d:33:c2:64:a7:ce:7c:91:79:ce:6c: 04:2f:28:dd:1c:71:84:6e:a0:71:b5:61:42:a4:5e:39:02:ad: 62:42:3f:a8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURszejPXBJqD/rJu33+c7ROblNc8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUxNjE2MDAwNVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYmJkYWZmN2RlZGYyYmQzMDhkOWM5 NDEyYzIwZmM5OTQ0OTQ1ZWQ0NWI4ZDZjMGNiZjcwOTBjNDgyODU5MjE2OTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30F1RpYuWtGitr1NvLuw0G45UtWM iFO0kyn/iRuiKX8ANbGWT3JiizzJPqqOnNXk7AM2D+E/bFIQPZXLvdq7g9KWFNK9 a4GREUeFJ4m4+4oANXVQ0zApfCIHGfT2k5XRppeUWARdR7php8IDdm94P5/amcH5 Olvm+dxIs2cMmE2SUQfKu/yLppiuyebrxUEdgK+hvgYZmRNvnFrKKl9ftu05JOax fPe4V2Buf0uekA72BCYOQijg71uc8yyh7KtVCfjj2oeKLI2tkLy99vPDTU8M1rE4 r2q5XPDkeBeSRGDLntsEeYaovdQkTlZpSBv/c5knSXtpvCfeVAbosCZxJwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFECe0D6pQtyp285z8WngeqS6qlC3MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2VmZGNiNDNiLTJmMTktNDEwNy1hMGEzLWM1NWRhY2NiMjcxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoEAwDQYJKoZIhvcNAQELBQADggEBAH90H8WT6ZQ7blsQAKMN JZL6TL/F19UvAmLTdjmTQYgH99Z4GkeIdhgNq7DscMuH6mpGY0GJ7NYjrcDIHJ0/ pRpAjHfVplS57Gaq7mNmhdHMdxvtE3iQdu3aUoV/xBW65aCcOP8XNyPot9JrrYNv uhyo1QHji+MLvVFO+F6vkoTVJsNsYC8+wqPt+zG6YJM31PL6n+AbWeYCGpPLneRc kTbgLGHaYZ9uegpK4uH1k3hwFkgC51B+n08a91SxoLbJXaFyashxZw5+cSIgU3im 17UEEkVUbUSOvs/frEIHFzs9M8Jkp858kXnObAQvKN0ccYRuoHG1YUKkXjkCrWJC P6g= -----END CERTIFICATE-----Generated at Mon Jun 2 04:41:13 2025 by rpki-client