$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa File: 0f308446-71c0-4da7-9488-837b94b0ca9c.roa (raw, json) Hash identifier: Zw/swggK0gsZeg7TeWeX/F0PV8OdCTjEewXE1hAsaqE= Subject key identifier: 27:37:B6:47:4F:24:5C:65:4D:E5:7A:51:2B:F7:6C:0B:8F:03:E2:A1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5269D1D0E788788899E53C91CD4A96D43035D057 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa Signing time: Sat 19 Apr 2025 00:40:58 +0000 ROA not before: Sat 19 Apr 2025 00:40:58 +0000 ROA not after: Sat 24 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:69:d1:d0:e7:88:78:88:99:e5:3c:91:cd:4a:96:d4:30:35:d0:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 19 00:40:58 2025 GMT Not After : May 24 23:59:59 2025 GMT Subject: serialNumber=cd7e20709a2af4c279d2aec4dd8371928c78ffc815e6228a814f967192d0e807, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:18:86:98:bc:a6:44:bb:34:f4:f4:06:df:51: fb:ea:27:75:37:1a:53:82:b6:21:80:74:a4:0a:b2: 2f:1c:ec:15:7d:bf:bf:cf:8b:7f:79:74:15:51:3c: 2f:8b:d2:c6:e5:46:37:fe:48:bf:60:6e:41:94:52: 67:94:7e:27:ee:1a:ad:df:b3:08:b3:a6:8a:34:c1: 5e:34:db:b0:0f:58:3a:d6:88:ca:59:ec:df:44:e1: 14:12:36:94:8d:70:67:51:89:44:e2:6a:ff:bc:80: da:9f:1d:0e:6f:e3:f5:31:d0:98:e0:a2:ab:2a:c4: 65:f9:b8:23:99:98:ed:08:cb:0a:c9:f5:53:09:ff: a9:30:00:f5:54:d7:66:96:a5:55:34:0a:18:1f:28: 25:b3:a2:8d:b9:6f:81:b4:ea:77:d6:b1:13:91:6c: c6:c6:68:e7:7d:da:87:4c:b3:83:51:a0:96:83:53: e9:f9:28:ef:e5:91:19:81:77:39:d8:49:3e:db:55: 14:1a:72:7d:79:6a:03:5c:9c:2f:df:a7:10:00:71: 0d:b0:3f:08:68:c6:7f:66:65:1e:69:30:e8:eb:bc: 48:b0:72:86:a6:13:b5:c2:20:f5:a5:24:49:62:18: 05:be:36:3f:57:4f:52:6e:60:2b:a5:73:cc:9b:de: 19:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:37:B6:47:4F:24:5C:65:4D:E5:7A:51:2B:F7:6C:0B:8F:03:E2:A1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:4080::/48 Signature Algorithm: sha256WithRSAEncryption 3d:8f:95:eb:6f:91:04:46:da:62:0a:81:4d:0f:87:4e:0b:58: 79:d5:a3:ff:37:a4:89:1c:f0:73:83:7a:ca:ae:3d:55:b6:de: e9:18:c9:45:2d:ee:16:ac:fe:3d:b5:23:97:31:21:40:41:b4: 4e:1a:d4:d0:69:ed:68:e3:6e:22:9f:0c:eb:02:1c:3c:13:e5: 12:b8:56:06:16:ba:20:09:f5:d5:1e:c9:1d:68:ab:aa:e1:82: 42:b1:af:41:a0:b8:e6:c4:82:8e:f0:57:af:25:ef:b6:f4:14: 18:99:71:03:d8:8a:90:90:c1:09:8a:88:a6:1c:33:e4:06:fc: 4b:9d:40:a5:aa:4e:5a:de:24:65:72:61:ad:f0:06:7b:ca:82: 85:f2:0d:85:72:84:b9:71:4b:dc:78:e8:a5:01:45:95:5b:85: e8:16:6b:9c:e1:cf:8b:15:f6:19:e6:6b:df:77:64:8a:b7:58: f3:40:73:04:03:b1:0e:ca:56:78:06:b0:ef:f1:de:a3:dd:a2: b1:0e:2d:a5:bc:60:fa:76:c3:bd:81:39:ec:1e:67:83:9a:2a: 12:9c:fc:a9:81:0f:ec:77:45:c4:16:f7:4e:07:62:48:0c:ed: 4f:0a:85:8f:7a:c7:db:9d:8f:46:d4:f0:cf:dc:3d:24:c8:ad: 2e:e0:3e:43 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUUmnR0OeIeIiZ5TyRzUqW1DA10FcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxOTAwNDA1OFoX DTI1MDUyNDIzNTk1OVowejFJMEcGA1UEBRNAY2Q3ZTIwNzA5YTJhZjRjMjc5ZDJh ZWM0ZGQ4MzcxOTI4Yzc4ZmZjODE1ZTYyMjhhODE0Zjk2NzE5MmQwZTgwNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhiGmLymRLs09PQG31H76id1NxpT grYhgHSkCrIvHOwVfb+/z4t/eXQVUTwvi9LG5UY3/ki/YG5BlFJnlH4n7hqt37MI s6aKNMFeNNuwD1g61ojKWezfROEUEjaUjXBnUYlE4mr/vIDanx0Ob+P1MdCY4KKr KsRl+bgjmZjtCMsKyfVTCf+pMAD1VNdmlqVVNAoYHygls6KNuW+BtOp31rETkWzG xmjnfdqHTLODUaCWg1Pp+Sjv5ZEZgXc52Ek+21UUGnJ9eWoDXJwv36cQAHENsD8I aMZ/ZmUeaTDo67xIsHKGphO1wiD1pSRJYhgFvjY/V09SbmArpXPMm94ZiwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCc3tkdPJFxlTeV6USv3bAuPA+KhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBmMzA4NDQ2LTcxYzAtNGRhNy05NDg4LTgzN2I5NGIwY2E5Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8kCAMA0GCSqGSIb3DQEBCwUAA4IBAQA9j5Xrb5EERtpiCoFN D4dOC1h51aP/N6SJHPBzg3rKrj1Vtt7pGMlFLe4WrP49tSOXMSFAQbROGtTQae1o 424inwzrAhw8E+USuFYGFrogCfXVHskdaKuq4YJCsa9BoLjmxIKO8FevJe+29BQY mXED2IqQkMEJioimHDPkBvxLnUClqk5a3iRlcmGt8AZ7yoKF8g2FcoS5cUvceOil AUWVW4XoFmuc4c+LFfYZ5mvfd2SKt1jzQHMEA7EOylZ4BrDv8d6j3aKxDi2lvGD6 dsO9gTnsHmeDmioSnPypgQ/sd0XEFvdOB2JIDO1PCoWPesfbnY9G1PDP3D0kyK0u 4D5D -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:41 2025 by rpki-client on console.sobornost.net