$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa File: 289cedd6-78dc-4ef5-9358-e95987fd7c36.roa (raw, json) Hash identifier: lLgf+SjPUAiy2oT8nxTvpc7nNki4ZBcZ8+m4uzUTSG0= Subject key identifier: 6F:65:38:0E:0A:DB:FC:FE:D9:22:46:79:9D:BE:12:B1:A5:36:CD:8B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3F50DDE50AE5D8311826AC3502D2FC0AE5C34D19 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa Signing time: Mon 21 Apr 2025 16:00:39 +0000 ROA not before: Mon 21 Apr 2025 16:00:39 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:2080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:50:dd:e5:0a:e5:d8:31:18:26:ac:35:02:d2:fc:0a:e5:c3:4d:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 21 16:00:39 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=a2d958e860ba649d7c5dd729ef3a8674190c4fcd543f9ca201fef0bc02a0d6f7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e0:1c:ac:69:ae:70:dc:7e:51:af:f2:66:af: f8:eb:48:aa:33:9b:49:d0:cc:7d:00:e6:31:65:7b: 96:58:f4:2d:d0:2f:f5:51:42:27:f8:16:4d:bd:54: 22:26:ed:a7:e8:a6:6b:ac:ba:73:f0:bf:d3:a5:32: 9a:d9:75:c8:81:2f:e5:23:34:0f:3f:fc:9f:e0:b0: ae:84:63:0d:71:fa:a5:eb:23:7a:0d:02:10:93:f9: f6:7c:d8:f6:aa:73:62:2f:fb:13:ad:a6:b2:f3:51: 51:36:75:13:53:a9:bc:d4:c3:fe:80:65:50:fa:bd: b6:1b:9a:8c:8a:0e:4f:10:b5:24:9f:4c:91:33:67: ee:65:5a:28:aa:16:c8:80:fc:5d:d4:74:ce:28:99: 08:82:00:95:06:d7:af:46:5a:df:f7:98:4e:57:db: 69:b1:d5:03:61:40:52:18:56:fd:af:37:45:41:87: a2:e1:f7:e9:91:d0:28:47:47:84:76:e8:18:37:b2: 96:f8:29:ae:ac:fd:fd:11:04:63:f2:97:89:9d:50: d9:92:58:2e:13:76:a8:b0:41:07:d3:e9:51:5e:35: ba:4a:1d:dc:8a:56:25:34:6f:83:f0:bf:c5:31:b2: 6b:ea:e4:2b:be:e6:ec:bc:5b:c3:b3:5b:4e:3f:97: 6c:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:65:38:0E:0A:DB:FC:FE:D9:22:46:79:9D:BE:12:B1:A5:36:CD:8B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:2080::/46 Signature Algorithm: sha256WithRSAEncryption 27:69:4b:a6:4b:e3:d1:1e:34:a4:9b:30:1a:0c:a1:c9:63:3f: 74:37:d3:0d:9e:d6:2f:ef:83:0d:aa:f3:16:37:99:5c:de:3a: 24:86:db:c6:bd:93:36:db:ad:1c:a0:e8:da:89:12:3c:d8:b8: 62:05:bd:e2:88:05:20:ff:17:5f:64:48:20:91:76:06:b4:31: 9b:eb:2a:f9:95:f6:de:38:4b:35:29:0c:50:0d:26:44:0c:f8: 38:6c:46:4d:d5:96:bb:12:02:11:f9:b8:10:ba:b6:01:c2:ff: fb:a8:37:3a:fb:23:7f:d7:58:43:d4:93:70:35:95:df:4e:36: 7e:cc:ae:38:40:6e:4b:f3:0f:9e:36:4b:53:d8:a7:ae:97:e9: 3a:de:da:59:f0:72:98:00:19:39:3c:b2:f1:a0:71:ae:cc:a5: 8b:94:69:6f:f9:fd:48:ed:cd:51:3c:15:12:2b:04:de:7f:af: 2b:05:7b:79:16:1c:7a:9f:27:e1:c7:05:70:1a:48:98:78:32: 81:cd:6b:c1:fd:d5:36:a9:78:7a:5f:92:fa:f0:bd:2e:b5:a9: 29:2c:16:7c:28:ab:fb:51:83:3c:45:8d:22:3e:d7:ce:0c:61: 33:7a:99:e4:d2:df:b7:eb:91:a1:af:06:97:91:8b:b2:c0:27: c7:d5:c5:a5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUP1Dd5Qrl2DEYJqw1AtL8CuXDTRkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyMTE2MDAzOVoX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAYTJkOTU4ZTg2MGJhNjQ5ZDdjNWRk NzI5ZWYzYTg2NzQxOTBjNGZjZDU0M2Y5Y2EyMDFmZWYwYmMwMmEwZDZmNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOAcrGmucNx+Ua/yZq/460iqM5tJ 0Mx9AOYxZXuWWPQt0C/1UUIn+BZNvVQiJu2n6KZrrLpz8L/TpTKa2XXIgS/lIzQP P/yf4LCuhGMNcfql6yN6DQIQk/n2fNj2qnNiL/sTraay81FRNnUTU6m81MP+gGVQ +r22G5qMig5PELUkn0yRM2fuZVooqhbIgPxd1HTOKJkIggCVBtevRlrf95hOV9tp sdUDYUBSGFb9rzdFQYei4ffpkdAoR0eEdugYN7KW+CmurP39EQRj8peJnVDZklgu E3aosEEH0+lRXjW6Sh3cilYlNG+D8L/FMbJr6uQrvubsvFvDs1tOP5dsBQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFG9lOA4K2/z+2SJGeZ2+ErGlNs2LMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI4OWNlZGQ2LTc4ZGMtNGVmNS05MzU4LWU5NTk4N2ZkN2MzNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+yCAMA0GCSqGSIb3DQEBCwUAA4IBAQAnaUumS+PRHjSkmzAa DKHJYz90N9MNntYv74MNqvMWN5lc3jokhtvGvZM2260coOjaiRI82LhiBb3iiAUg /xdfZEggkXYGtDGb6yr5lfbeOEs1KQxQDSZEDPg4bEZN1Za7EgIR+bgQurYBwv/7 qDc6+yN/11hD1JNwNZXfTjZ+zK44QG5L8w+eNktT2Keul+k63tpZ8HKYABk5PLLx oHGuzKWLlGlv+f1I7c1RPBUSKwTef68rBXt5Fhx6nyfhxwVwGkiYeDKBzWvB/dU2 qXh6X5L68L0utakpLBZ8KKv7UYM8RY0iPtfODGEzepnk0t+365GhrwaXkYuywCfH 1cWl -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:42 2025 by rpki-client on console.sobornost.net