$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json) Hash identifier: kbM0fe54RQa+TgOkXCYrHIogqoQ+b1assSFnkkUos9w= Subject key identifier: FC:42:BF:9A:0A:3A:DB:45:08:5E:C7:8A:ED:4D:B3:4A:9A:3D:0B:F4 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 42BF37510EB976218405C1C9C10307B2B84D699A Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa Signing time: Wed 30 Apr 2025 00:00:32 +0000 ROA not before: Wed 30 Apr 2025 00:00:32 +0000 ROA not after: Wed 04 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 00:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:bf:37:51:0e:b9:76:21:84:05:c1:c9:c1:03:07:b2:b8:4d:69:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 30 00:00:32 2025 GMT Not After : Jun 4 23:59:59 2025 GMT Subject: serialNumber=94d71fec002ebdc45646e40b6ea3b046d1f7ddaef4214eaf95cbe75783363293, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:90:6a:d5:cf:da:cc:54:b5:b3:9b:81:06:cf: 98:a6:1c:e7:ca:bb:73:38:74:24:92:b4:2b:46:f0: f1:64:73:df:92:e3:22:25:e4:59:ae:af:8e:13:9e: 52:df:76:9d:8d:db:19:15:c0:00:aa:0e:a1:d3:3b: 91:00:5b:24:47:f7:67:74:82:8f:44:19:f0:7c:0c: cb:b8:c1:43:9d:30:94:a0:63:73:b3:9d:5f:b2:27: 81:d2:e9:bc:bc:67:8d:07:7e:3c:fc:8d:52:60:ea: 80:9f:d6:75:e1:65:06:13:fe:43:39:08:41:a9:5b: 3a:77:84:16:65:10:d3:ec:df:59:62:27:43:a4:a7: 2c:68:97:15:0c:99:46:bd:90:5e:52:09:33:29:cd: f7:e1:10:60:e3:df:18:ff:aa:e1:0e:e6:29:ff:ca: f7:8e:5a:a9:52:8d:22:f7:55:70:be:90:4a:1b:c3: 36:4d:e3:d6:7a:f4:bc:b5:a7:b5:57:72:bd:6d:39: 59:ee:72:da:11:00:b0:6b:0e:cb:5f:52:89:8d:bb: 9b:e6:87:57:d5:b9:2a:23:c2:ca:cb:10:e7:df:be: 83:21:db:64:fe:91:bd:58:f3:d2:bc:38:8b:41:8b: c3:b2:4f:d1:f7:ab:fd:6f:b6:30:58:31:0e:e4:99: 57:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:42:BF:9A:0A:3A:DB:45:08:5E:C7:8A:ED:4D:B3:4A:9A:3D:0B:F4 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 36:9b:99:44:25:62:0a:be:8e:e8:b2:56:5e:86:25:9d:07:43: 85:86:37:5c:fa:d1:eb:c0:3a:a3:71:31:f8:75:b7:2f:0b:51: 71:30:1e:c2:33:2e:c4:5e:51:19:7b:e8:60:a9:74:bb:99:fd: b6:93:43:39:57:39:f0:8e:ba:b1:ba:5b:e3:d8:c6:ee:96:f9: 4f:fb:e6:f8:69:ab:26:b2:fe:a0:27:22:b6:30:31:32:e1:62: a3:e1:ac:09:a7:48:b3:3d:8e:97:ff:c5:01:72:9b:39:4d:f7: 63:6d:87:5a:b7:9c:da:9d:99:3f:38:e9:56:e6:55:df:5e:50: 28:e3:bb:db:4a:45:29:31:87:ce:29:11:61:17:4b:af:97:28: 72:7b:ca:28:f8:0f:2b:41:1e:d4:a5:80:40:17:5c:9b:e3:64: dd:1a:22:2c:6e:6e:e0:95:96:5a:32:94:f4:9f:64:38:a5:49: c2:1b:19:88:d0:c5:db:2b:ef:d5:cb:6d:e6:03:db:cd:8a:5a: f3:dd:31:30:7a:6c:ff:d9:b8:8a:d0:69:dc:a2:6f:64:06:61: 21:fa:6c:11:27:e4:42:52:2e:cd:1e:ac:66:af:93:1e:d8:51: 48:51:35:f3:4f:a7:68:0f:98:2b:70:b3:95:16:b0:70:79:62: 23:4d:59:a5 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUQr83UQ65diGEBcHJwQMHsrhNaZowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDQzMDAwMDAzMloX DTI1MDYwNDIzNTk1OVowejFJMEcGA1UEBRNAOTRkNzFmZWMwMDJlYmRjNDU2NDZl NDBiNmVhM2IwNDZkMWY3ZGRhZWY0MjE0ZWFmOTVjYmU3NTc4MzM2MzI5MzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpBq1c/azFS1s5uBBs+Yphznyrtz OHQkkrQrRvDxZHPfkuMiJeRZrq+OE55S33adjdsZFcAAqg6h0zuRAFskR/dndIKP RBnwfAzLuMFDnTCUoGNzs51fsieB0um8vGeNB348/I1SYOqAn9Z14WUGE/5DOQhB qVs6d4QWZRDT7N9ZYidDpKcsaJcVDJlGvZBeUgkzKc334RBg498Y/6rhDuYp/8r3 jlqpUo0i91VwvpBKG8M2TePWevS8tae1V3K9bTlZ7nLaEQCwaw7LX1KJjbub5odX 1bkqI8LKyxDn376DIdtk/pG9WPPSvDiLQYvDsk/R96v9b7YwWDEO5JlXGwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFPxCv5oKOttFCF7Hiu1Ns0qaPQv0MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEANpuZRCViCr6O6LJWXoYl nQdDhYY3XPrR68A6o3Ex+HW3LwtRcTAewjMuxF5RGXvoYKl0u5n9tpNDOVc58I66 sbpb49jG7pb5T/vm+GmrJrL+oCcitjAxMuFio+GsCadIsz2Ol//FAXKbOU33Y22H Wrec2p2ZPzjpVuZV315QKOO720pFKTGHzikRYRdLr5cocnvKKPgPK0Ee1KWAQBdc m+Nk3RoiLG5u4JWWWjKU9J9kOKVJwhsZiNDF2yvv1ctt5gPbzYpa890xMHps/9m4 itBp3KJvZAZhIfpsESfkQlIuzR6sZq+THthRSFE180+naA+YK3CzlRawcHliI01Z pQ== -----END CERTIFICATE-----Generated at Mon May 5 11:40:24 2025 by rpki-client