$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4340d3ab-0665-4d5d-b19f-2f3cef58b325.roa File: 4340d3ab-0665-4d5d-b19f-2f3cef58b325.roa (raw, json) Hash identifier: Q6nysYts/eCendvLCwbwgdBGQhVkwxFf+m2WNyv9gVo= Subject key identifier: D2:EC:CC:31:EA:B9:21:65:52:E2:59:87:DA:06:9A:6E:38:A1:79:28 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 73E9CF9820C222DD16B2AB76883069ACCCC97741 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4340d3ab-0665-4d5d-b19f-2f3cef58b325.roa Signing time: Sat 19 Apr 2025 00:32:14 +0000 ROA not before: Sat 19 Apr 2025 00:32:14 +0000 ROA not after: Sat 24 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:e9:cf:98:20:c2:22:dd:16:b2:ab:76:88:30:69:ac:cc:c9:77:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 19 00:32:14 2025 GMT Not After : May 24 23:59:59 2025 GMT Subject: serialNumber=f3422fca328e53afea460355791b6d68a909a281f4083d5393d0d4db96d6501b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b6:ff:75:20:d2:f4:98:0a:9a:bb:8c:3b:33: 57:ce:cf:8b:c6:9e:8d:0d:50:6e:09:b1:4e:6e:7f: 1a:27:80:b1:90:43:4f:9a:30:a6:c3:fd:97:ec:3d: 64:24:a0:1d:9c:a2:ab:ee:65:1b:3f:cb:16:1d:28: 44:56:27:eb:3a:54:34:e1:80:69:44:7e:a2:b7:aa: 25:63:fd:2b:89:04:e2:d8:a8:20:28:92:a4:04:7a: 9d:21:6c:02:a3:4b:7a:fe:cc:5a:df:d5:1f:25:92: 2e:58:11:0f:07:83:f5:67:9a:b4:d3:51:06:20:ff: eb:02:4d:b2:02:b3:42:91:24:61:e3:cb:e1:2c:41: b2:b2:81:ce:5c:a3:f7:e0:e5:21:7c:db:01:1f:7b: 7c:31:0b:e6:f2:bd:d3:bb:dc:cc:52:59:91:db:89: b5:74:64:b2:3e:75:ad:df:6a:50:aa:6b:11:70:f6: a1:ca:a1:31:ff:20:ee:9e:be:49:68:c2:9b:0a:86: 1a:68:be:c1:8c:7c:c0:00:d6:09:fd:6d:f8:2a:3f: a8:b6:55:61:a1:57:ab:2f:fd:3c:7f:4d:f4:22:5f: 8f:16:c8:c0:99:9e:dc:31:83:fe:e0:09:e9:2f:4e: f9:a8:ed:8f:38:a0:ec:d3:6c:33:50:97:ac:37:c7: 66:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:EC:CC:31:EA:B9:21:65:52:E2:59:87:DA:06:9A:6E:38:A1:79:28 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4340d3ab-0665-4d5d-b19f-2f3cef58b325.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2840::/48 Signature Algorithm: sha256WithRSAEncryption 45:50:d0:62:ea:ba:75:27:0e:d2:31:4b:86:35:f7:80:63:ba: bd:91:3d:e9:bf:b9:50:15:d8:46:2b:e5:03:b9:5a:65:db:79: 88:4d:62:14:14:9c:82:b8:8d:8d:e6:40:93:d2:47:5e:15:62: ec:86:8f:0b:e6:33:0b:ec:05:c0:50:da:8c:31:95:1a:0c:14: dc:14:8a:4d:e7:08:df:54:a6:a2:a1:65:66:7b:e5:49:27:5d: eb:18:72:98:c8:92:91:b8:27:0f:95:4c:cf:a1:75:f9:df:e3: 94:8e:19:6e:00:2d:bc:a8:e9:c5:ec:04:8d:82:43:8e:83:7e: e4:5a:c1:c9:fb:0c:fa:9f:53:a4:51:0d:9a:be:33:07:8c:6e: 1e:47:3a:e0:5f:96:b3:61:ce:ca:4d:56:61:b7:f3:e2:51:02: 07:89:ec:b5:8b:f6:55:ec:62:cd:35:cf:b7:52:d3:a6:b0:cb: 74:cc:6f:65:6e:ca:e9:ec:19:d3:c8:72:7b:72:b3:a9:83:13: 89:0c:79:9b:5c:33:da:df:da:b4:53:d9:48:8f:4b:50:1c:3a: 2b:c3:a6:af:87:91:7b:e9:9a:be:bd:74:8e:c7:2e:f8:5d:fe: 76:92:4c:17:bd:e4:e7:01:05:e2:e1:91:cc:23:c8:7f:06:79: e4:a5:55:25 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUc+nPmCDCIt0Wsqt2iDBprMzJd0EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxOTAwMzIxNFoX DTI1MDUyNDIzNTk1OVowejFJMEcGA1UEBRNAZjM0MjJmY2EzMjhlNTNhZmVhNDYw MzU1NzkxYjZkNjhhOTA5YTI4MWY0MDgzZDUzOTNkMGQ0ZGI5NmQ2NTAxYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7b/dSDS9JgKmruMOzNXzs+Lxp6N DVBuCbFObn8aJ4CxkENPmjCmw/2X7D1kJKAdnKKr7mUbP8sWHShEVifrOlQ04YBp RH6it6olY/0riQTi2KggKJKkBHqdIWwCo0t6/sxa39UfJZIuWBEPB4P1Z5q001EG IP/rAk2yArNCkSRh48vhLEGysoHOXKP34OUhfNsBH3t8MQvm8r3Tu9zMUlmR24m1 dGSyPnWt32pQqmsRcPahyqEx/yDunr5JaMKbCoYaaL7BjHzAANYJ/W34Kj+otlVh oVerL/08f030Il+PFsjAmZ7cMYP+4AnpL075qO2POKDs02wzUJesN8dmAwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNLszDHquSFlUuJZh9oGmm44oXkoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQzNDBkM2FiLTA2NjUtNGQ1ZC1iMTlmLTJmM2NlZjU4YjMyNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/yhAMA0GCSqGSIb3DQEBCwUAA4IBAQBFUNBi6rp1Jw7SMUuG NfeAY7q9kT3pv7lQFdhGK+UDuVpl23mITWIUFJyCuI2N5kCT0kdeFWLsho8L5jML 7AXAUNqMMZUaDBTcFIpN5wjfVKaioWVme+VJJ13rGHKYyJKRuCcPlUzPoXX53+OU jhluAC28qOnF7ASNgkOOg37kWsHJ+wz6n1OkUQ2avjMHjG4eRzrgX5azYc7KTVZh t/PiUQIHiey1i/ZV7GLNNc+3UtOmsMt0zG9lbsrp7BnTyHJ7crOpgxOJDHmbXDPa 39q0U9lIj0tQHDorw6avh5F76Zq+vXSOxy74Xf52kkwXveTnAQXi4ZHMI8h/Bnnk pVUl -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:43 2025 by rpki-client on console.sobornost.net