$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04a90cf5-2de1-4992-9955-72ed2e3ba622.roa File: 04a90cf5-2de1-4992-9955-72ed2e3ba622.roa (raw, json) Hash identifier: kXZRz9tLbOEi/f/fS1tcxORHk5++zBg9cd7Va5/03Zc= Subject key identifier: 34:5F:05:B6:E4:5A:5B:12:F4:99:E6:E9:85:88:94:FB:7F:A8:34:44 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1B895CED2967733DC172A997D34A946FB054EA80 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04a90cf5-2de1-4992-9955-72ed2e3ba622.roa Signing time: Mon 21 Apr 2025 16:00:21 +0000 ROA not before: Mon 21 Apr 2025 16:00:21 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:89:5c:ed:29:67:73:3d:c1:72:a9:97:d3:4a:94:6f:b0:54:ea:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 21 16:00:21 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=32f762977c843c91b40cc3044d1033b31e39119aa17c7830401f8b326b975647, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:1c:34:5f:f6:76:08:89:d8:2f:dd:5f:3e:c4: cb:ea:e3:94:06:fd:d7:54:b2:a6:a1:b8:d9:a5:c5: 73:d2:66:c9:44:ca:dd:67:88:17:1a:c3:28:3a:a5: 93:9f:e1:aa:03:04:c6:b6:e2:f8:88:da:15:e8:3c: c6:56:d7:46:f5:b6:8a:9c:6e:77:74:41:a9:49:5e: 12:8b:ab:90:6b:71:67:61:17:a7:ce:7a:7d:16:17: a9:c7:d7:d4:a7:7b:6e:33:d2:c4:5f:c1:86:b4:25: e7:c8:40:a3:8a:17:be:46:42:95:06:6b:7a:7b:bd: eb:3c:e6:50:60:db:40:e4:e2:8f:f9:77:08:a9:37: c0:cf:ee:7f:3c:ae:79:6b:1b:5d:96:80:a7:ff:df: d5:5f:2f:68:6a:5b:55:c5:c3:89:ba:81:f2:1f:fa: b5:0e:f6:ea:1f:19:b8:f4:95:47:5e:f4:32:d2:8d: 0a:5a:8f:9b:23:ae:b8:3c:76:89:05:94:40:1e:37: fd:22:9c:31:0b:c3:dd:58:bc:bf:a3:58:78:60:f4: 1b:93:bd:c0:bd:da:73:72:da:e1:44:12:02:29:4a: ce:7e:3a:e2:36:e7:c1:a5:3a:cc:5f:22:c7:36:ce: cc:5e:36:5e:f9:75:0a:a9:3f:da:91:69:dc:9c:94: 3b:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:5F:05:B6:E4:5A:5B:12:F4:99:E6:E9:85:88:94:FB:7F:A8:34:44 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04a90cf5-2de1-4992-9955-72ed2e3ba622.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:9000::/40 Signature Algorithm: sha256WithRSAEncryption 82:34:72:ac:31:17:69:0b:30:a5:b7:c2:39:1e:5f:5d:ae:9b: e7:30:fa:0d:e9:23:d1:94:f5:e0:13:8c:41:ec:33:69:db:0d: 74:57:db:c6:af:7f:a8:86:b2:8f:5a:4b:52:20:b1:5f:4c:34: 99:2f:e9:ca:c4:67:ff:59:fb:c4:36:6a:7d:bd:d7:66:63:7e: 83:d5:c6:9a:8a:31:f2:df:d6:31:5e:2b:8a:41:d7:f8:9c:59: 75:ef:bf:08:16:a5:a0:d4:8a:38:1f:b6:18:07:cf:7b:a2:ea: 12:42:6e:33:6a:03:3d:10:f2:35:47:8a:9d:95:62:a8:b6:4e: b4:cc:33:44:02:d4:77:c0:2c:fa:55:3f:92:ee:3b:e3:50:0d: cf:bd:39:7e:cf:fe:54:ee:bc:d4:1a:78:e4:6e:df:5d:b6:21: e3:8b:5c:8a:65:68:d8:72:24:3e:eb:6b:ba:a1:19:aa:d2:a9: 2e:e8:23:77:4d:3c:72:6e:60:23:f6:4c:5a:b9:e4:6d:8e:50: ac:7b:fe:f4:a3:a3:82:f3:74:e9:ed:46:e9:59:3b:8f:e1:ee: d3:1f:b2:c0:5b:4e:30:a8:60:0a:72:ad:7c:f8:56:df:03:08: af:87:f2:e8:a7:86:37:2f:b3:8d:d7:0b:e7:ff:15:bf:68:9f: 36:a8:6c:0b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG4lc7Slncz3BcqmX00qUb7BU6oAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyMTE2MDAyMVoX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAMzJmNzYyOTc3Yzg0M2M5MWI0MGNj MzA0NGQxMDMzYjMxZTM5MTE5YWExN2M3ODMwNDAxZjhiMzI2Yjk3NTY0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Bw0X/Z2CInYL91fPsTL6uOUBv3X VLKmobjZpcVz0mbJRMrdZ4gXGsMoOqWTn+GqAwTGtuL4iNoV6DzGVtdG9baKnG53 dEGpSV4Si6uQa3FnYRenznp9Fhepx9fUp3tuM9LEX8GGtCXnyECjihe+RkKVBmt6 e73rPOZQYNtA5OKP+XcIqTfAz+5/PK55axtdloCn/9/VXy9oaltVxcOJuoHyH/q1 DvbqHxm49JVHXvQy0o0KWo+bI664PHaJBZRAHjf9IpwxC8PdWLy/o1h4YPQbk73A vdpzctrhRBICKUrOfjriNufBpTrMXyLHNs7MXjZe+XUKqT/akWncnJQ7lQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDRfBbbkWlsS9Jnm6YWIlPt/qDREMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA0YTkwY2Y1LTJkZTEtNDk5Mi05OTU1LTcyZWQyZTNiYTYyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMpAwDQYJKoZIhvcNAQELBQADggEBAII0cqwxF2kLMKW3wjke X12um+cw+g3pI9GU9eATjEHsM2nbDXRX28avf6iGso9aS1IgsV9MNJkv6crEZ/9Z +8Q2an2912ZjfoPVxpqKMfLf1jFeK4pB1/icWXXvvwgWpaDUijgfthgHz3ui6hJC bjNqAz0Q8jVHip2VYqi2TrTMM0QC1HfALPpVP5LuO+NQDc+9OX7P/lTuvNQaeORu 3122IeOLXIplaNhyJD7ra7qhGarSqS7oI3dNPHJuYCP2TFq55G2OUKx7/vSjo4Lz dOntRulZO4/h7tMfssBbTjCoYApyrXz4Vt8DCK+H8uinhjcvs43XC+f/Fb9onzao bAs= -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:40 2025 by rpki-client on console.sobornost.net