$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa File: cc671c79-21f0-4fff-b898-595966ecd1a9.roa (raw, json) Hash identifier: 2nINrmuyvKIL7x4TEPXOcwzcpVTRnH3cAnehM0NodbY= Subject key identifier: BE:53:35:5F:8F:D2:B8:D0:64:F2:23:F1:3C:33:9F:57:1B:85:2E:AC Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 227C6E5D11828435CE6068C1192B6A21FA20B9EA Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa Signing time: Wed 30 Apr 2025 00:00:30 +0000 ROA not before: Wed 30 Apr 2025 00:00:30 +0000 ROA not after: Wed 04 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 00:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:7c:6e:5d:11:82:84:35:ce:60:68:c1:19:2b:6a:21:fa:20:b9:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 30 00:00:30 2025 GMT Not After : Jun 4 23:59:59 2025 GMT Subject: serialNumber=8be341d69798f4730e878944596eae37596d8814eb4328c3524ac294a4c73653, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:55:76:2b:1d:93:89:25:22:e8:44:97:a0:6f: 6e:e7:b2:d5:a1:96:b2:68:0c:30:ed:ca:39:f9:5f: 4c:e1:45:a1:2c:ba:4b:ab:b5:98:0b:b9:5f:88:a0: 9c:ca:b6:4d:fd:f0:02:83:c7:a8:f6:25:3e:ea:45: a7:14:d3:6b:53:a0:49:c9:34:38:a9:88:0a:b0:bc: 67:92:4c:6f:47:96:45:c3:32:ed:d5:d2:b8:f0:9e: 6e:27:87:69:11:1d:32:33:65:f2:6d:7a:24:5a:1d: 2c:cc:73:b5:cd:2a:94:c5:1b:18:e0:e5:28:a8:9e: 66:50:17:a7:20:c6:df:8c:fa:a6:a3:c6:f9:2a:66: e9:e7:af:97:bd:7c:d6:06:bd:92:fb:e6:e8:ee:ad: 3f:fe:e3:26:6e:7d:bb:64:eb:a1:7f:9e:c3:0f:46: a6:cf:c9:17:12:fe:fe:c0:15:48:42:37:91:7e:aa: 2f:0c:9b:8d:3c:ca:37:3b:f6:f3:1b:a8:38:97:cf: b2:5b:bc:fb:cf:81:13:56:e1:c5:a4:f5:e5:b0:71: dd:f8:88:90:fd:b4:d2:18:32:43:2c:31:e2:56:94: 9b:b6:52:12:5a:0c:f4:bb:c0:ef:4f:9e:20:9e:f0: f0:c0:5d:1d:04:ae:3f:d7:53:8a:5f:92:66:00:b8: 48:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:53:35:5F:8F:D2:B8:D0:64:F2:23:F1:3C:33:9F:57:1B:85:2E:AC X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/cc671c79-21f0-4fff-b898-595966ecd1a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 82:cd:05:92:d2:57:dc:98:8a:13:e5:c2:8e:7b:7c:5f:95:7a: 58:03:69:2a:e5:49:a6:35:7f:73:0d:09:c3:0f:27:14:c5:8b: a6:62:51:f6:0e:9a:c1:30:ac:5d:19:47:00:4f:0f:18:52:bb: da:4a:5e:53:44:02:0b:6f:10:1b:1c:c3:34:bf:cc:f3:1b:25: 1e:8d:b7:92:7e:4c:e9:77:d6:4c:6d:14:41:30:a1:6c:a1:ed: f2:ce:30:9a:90:c8:bd:fe:20:57:ad:52:c2:96:e3:eb:11:d4: 30:60:4d:99:a8:38:66:1d:41:d1:21:ef:14:e0:a6:82:dd:b3: 92:25:37:86:40:70:7b:1c:69:ab:30:79:38:b2:d3:1f:f6:a3: 63:c7:3f:53:e2:04:1d:f7:8e:15:fa:6a:b5:21:e5:e0:52:1b: f5:d4:37:9a:45:f3:42:9f:a8:ee:95:d3:7d:3d:27:ec:ba:d8: 38:e9:68:6b:3a:c4:74:aa:4e:c2:b4:6f:93:76:9e:25:2d:c4: 28:35:66:ee:aa:43:bd:4b:0c:ec:fa:ac:60:62:dc:2e:75:56: 0b:53:dc:01:e4:c4:04:00:08:71:1e:0a:0c:d3:1e:b9:0a:ff: 70:9c:15:ec:ca:10:c2:ab:37:6e:46:f2:71:9f:c2:ba:68:f8: 9b:5b:bb:79 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUInxuXRGChDXOYGjBGStqIfogueowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDQzMDAwMDAzMFoX DTI1MDYwNDIzNTk1OVowejFJMEcGA1UEBRNAOGJlMzQxZDY5Nzk4ZjQ3MzBlODc4 OTQ0NTk2ZWFlMzc1OTZkODgxNGViNDMyOGMzNTI0YWMyOTRhNGM3MzY1MzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FV2Kx2TiSUi6ESXoG9u57LVoZay aAww7co5+V9M4UWhLLpLq7WYC7lfiKCcyrZN/fACg8eo9iU+6kWnFNNrU6BJyTQ4 qYgKsLxnkkxvR5ZFwzLt1dK48J5uJ4dpER0yM2XybXokWh0szHO1zSqUxRsY4OUo qJ5mUBenIMbfjPqmo8b5Kmbp56+XvXzWBr2S++bo7q0//uMmbn27ZOuhf57DD0am z8kXEv7+wBVIQjeRfqovDJuNPMo3O/bzG6g4l8+yW7z7z4ETVuHFpPXlsHHd+IiQ /bTSGDJDLDHiVpSbtlISWgz0u8DvT54gnvDwwF0dBK4/11OKX5JmALhILwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL5TNV+P0rjQZPIj8Twzn1cbhS6sMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2NjNjcxYzc5LTIxZjAtNGZmZi1iODk4LTU5NTk2NmVjZDFhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQCCzQWS0lfcmIoT5cKO e3xflXpYA2kq5UmmNX9zDQnDDycUxYumYlH2DprBMKxdGUcATw8YUrvaSl5TRAIL bxAbHMM0v8zzGyUejbeSfkzpd9ZMbRRBMKFsoe3yzjCakMi9/iBXrVLCluPrEdQw YE2ZqDhmHUHRIe8U4KaC3bOSJTeGQHB7HGmrMHk4stMf9qNjxz9T4gQd944V+mq1 IeXgUhv11DeaRfNCn6juldN9PSfsutg46WhrOsR0qk7CtG+Tdp4lLcQoNWbuqkO9 Swzs+qxgYtwudVYLU9wB5MQEAAhxHgoM0x65Cv9wnBXsyhDCqzduRvJxn8K6aPib W7t5 -----END CERTIFICATE-----Generated at Mon May 5 04:54:33 2025 by rpki-client