$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa File: 5663bf34-10ed-4309-a236-7466afd6f02f.roa (raw, json) Hash identifier: vcYpD8xHxdj3eXvZnhy2RP03Uyb0uZ02CK9BSZn2HzE= Subject key identifier: B9:BA:5A:B0:93:81:16:37:04:24:BF:8C:C2:D5:2F:41:E5:27:BA:C2 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 20C28D4BD0E01335AB9F0B93F413B0D37530372D Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa Signing time: Wed 30 Apr 2025 00:00:05 +0000 ROA not before: Wed 30 Apr 2025 00:00:05 +0000 ROA not after: Wed 04 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 10 May 2025 00:01:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:c2:8d:4b:d0:e0:13:35:ab:9f:0b:93:f4:13:b0:d3:75:30:37:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 30 00:00:05 2025 GMT Not After : Jun 4 23:59:59 2025 GMT Subject: serialNumber=240e7b9c1c65cd15c673c93bb689f1131e31480e105d3ee5ac1b7f78345aaad4, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:91:1c:dc:27:54:81:c2:b8:e7:a7:03:5f:6e: a9:61:bd:7d:fe:f7:1f:ac:47:2f:70:72:ab:5a:74: 41:53:26:f8:d3:97:2d:ea:a5:2e:0d:77:f4:63:03: 56:29:f9:d2:84:d3:25:74:41:8e:1f:8a:fa:45:49: 65:79:f2:25:2b:4b:c3:b0:58:28:f9:0f:0b:aa:4f: 6b:4d:87:30:5a:21:b2:ee:e7:c7:0a:1b:6a:56:e9: 70:97:02:c5:3c:a8:7c:ab:04:69:6e:60:2c:4b:db: f8:87:58:e9:5b:17:b6:0a:e0:bb:2e:7c:83:39:ff: 0f:31:44:51:68:2a:06:04:5b:da:ee:2d:c0:23:97: 73:2c:f8:e5:f8:84:88:25:51:d5:1a:55:ff:45:db: 7b:1c:c1:c7:9e:6c:2d:3b:4b:f4:7b:8f:16:97:87: 02:7f:ed:ae:e9:93:e5:fa:e5:8e:29:d4:ee:0e:cc: a2:de:33:cc:e9:92:67:8c:ee:c4:1d:b5:83:89:aa: 94:ab:61:40:c4:e2:ea:77:c8:c5:56:05:e3:61:bd: 64:68:ee:f9:e9:08:60:41:9f:d8:e6:53:45:ef:b2: f5:cf:9e:96:2a:96:6d:90:d7:51:c2:e8:27:a3:b9: f3:01:4d:4a:ca:ab:d8:4d:86:ea:19:8d:ee:01:f2: b5:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:BA:5A:B0:93:81:16:37:04:24:BF:8C:C2:D5:2F:41:E5:27:BA:C2 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/5663bf34-10ed-4309-a236-7466afd6f02f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 1a:c2:59:3a:fb:10:91:8e:bd:26:3f:53:e0:99:cc:79:75:16: ba:85:98:8c:a3:42:dc:cd:7c:5a:9d:02:0e:1e:56:16:e6:b0: 1f:88:16:b7:41:0c:d0:53:31:4b:db:ed:d6:ec:79:1b:0a:82: 36:79:18:71:76:3c:84:f3:e8:68:81:3f:a2:dd:90:3b:3e:f5: 89:40:0f:91:44:67:27:1b:6f:86:5d:05:d4:50:4d:20:e8:f0: b0:77:fa:da:8c:47:8b:ca:ee:b4:d5:08:0c:0d:c8:e9:b4:b3: bf:4f:90:e3:3a:51:4e:93:0e:33:8a:20:23:3c:5f:d6:78:08: ef:f8:2d:20:86:2b:a0:87:e4:d1:ea:71:11:7e:af:8b:fa:6a: d1:99:a0:fd:2f:f9:0a:8f:5c:fa:ef:3e:19:77:86:cf:43:bc: 59:d7:58:42:a2:5a:55:4a:46:84:30:de:bc:ce:36:fb:02:5f: 8a:e8:3e:5a:67:15:8d:d7:21:46:17:19:e2:77:95:1d:24:7e: 14:86:7e:1c:62:ed:b7:6b:1c:35:96:e4:9f:74:c6:2c:3a:7b: cb:c2:d4:ad:2c:c9:43:c3:39:3d:61:d1:39:e7:0a:6e:04:c4: 4d:4c:54:41:e3:3b:1f:5b:be:03:93:d7:99:54:d0:6b:6a:f4: 43:ee:9c:29 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIMKNS9DgEzWrnwuT9BOw03UwNy0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDQzMDAwMDAwNVoX DTI1MDYwNDIzNTk1OVowejFJMEcGA1UEBRNAMjQwZTdiOWMxYzY1Y2QxNWM2NzNj OTNiYjY4OWYxMTMxZTMxNDgwZTEwNWQzZWU1YWMxYjdmNzgzNDVhYWFkNDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpEc3CdUgcK456cDX26pYb19/vcf rEcvcHKrWnRBUyb405ct6qUuDXf0YwNWKfnShNMldEGOH4r6RUllefIlK0vDsFgo +Q8Lqk9rTYcwWiGy7ufHChtqVulwlwLFPKh8qwRpbmAsS9v4h1jpWxe2CuC7LnyD Of8PMURRaCoGBFva7i3AI5dzLPjl+ISIJVHVGlX/Rdt7HMHHnmwtO0v0e48Wl4cC f+2u6ZPl+uWOKdTuDsyi3jPM6ZJnjO7EHbWDiaqUq2FAxOLqd8jFVgXjYb1kaO75 6QhgQZ/Y5lNF77L1z56WKpZtkNdRwugno7nzAU1KyqvYTYbqGY3uAfK1eQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLm6WrCTgRY3BCS/jMLVL0HlJ7rCMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU2NjNiZjM0LTEwZWQtNDMwOS1hMjM2LTc0NjZhZmQ2ZjAyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAOzAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAawlk6+xCRjr0mP1Pg mcx5dRa6hZiMo0LczXxanQIOHlYW5rAfiBa3QQzQUzFL2+3W7HkbCoI2eRhxdjyE 8+hogT+i3ZA7PvWJQA+RRGcnG2+GXQXUUE0g6PCwd/rajEeLyu601QgMDcjptLO/ T5DjOlFOkw4ziiAjPF/WeAjv+C0ghiugh+TR6nERfq+L+mrRmaD9L/kKj1z67z4Z d4bPQ7xZ11hColpVSkaEMN68zjb7Al+K6D5aZxWN1yFGFxnid5UdJH4Uhn4cYu23 axw1luSfdMYsOnvLwtStLMlDwzk9YdE55wpuBMRNTFRB4zsfW74Dk9eZVNBravRD 7pwp -----END CERTIFICATE-----Generated at Tue May 6 01:42:15 2025 by rpki-client