$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eba370b-504c-4cec-9df7-1704d28e1c93.roa File: 4eba370b-504c-4cec-9df7-1704d28e1c93.roa (raw, json) Hash identifier: CJVHkOW+kWB5Mcpsonzl08KNIMcymmOlqeBSsL/Eiyw= Subject key identifier: F9:2B:36:FF:3A:5C:2B:A7:B5:7C:68:32:C8:BB:9F:C6:13:7D:F2:94 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2B2085225C31A8074E412BA4B5D3E7866E88FBD2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eba370b-504c-4cec-9df7-1704d28e1c93.roa Signing time: Wed 23 Apr 2025 00:00:10 +0000 ROA not before: Wed 23 Apr 2025 00:00:10 +0000 ROA not after: Wed 28 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da10::/28 maxlen: 28 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:20:85:22:5c:31:a8:07:4e:41:2b:a4:b5:d3:e7:86:6e:88:fb:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 23 00:00:10 2025 GMT Not After : May 28 23:59:59 2025 GMT Subject: serialNumber=f2157200fbbdd8e95168e0cbc1e1de4193d0492d21fa209f4405192b65fc9435, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:46:af:90:9e:de:d8:12:13:cf:e9:9d:0e:d5: 8e:bd:ac:b8:37:b7:ae:06:f7:47:77:a8:ed:d3:e2: 62:c2:8f:35:89:f4:d1:b9:2b:b2:ff:2a:ac:71:f7: c8:bb:f1:44:1f:03:bd:be:83:5e:df:2f:41:4f:ab: b0:c0:9b:3d:ce:33:e3:dd:66:2c:3c:b1:cf:02:92: 76:a1:f9:8b:c0:02:fc:c5:9b:86:6d:1a:79:60:4b: f3:50:b9:e3:b4:a1:68:20:b5:1d:a7:8d:3a:b1:5b: ab:29:0f:ac:ce:2f:84:09:95:78:59:12:1f:ee:6a: 0e:78:36:24:ec:ce:6a:c6:1d:09:a1:d9:ab:44:51: c4:97:99:82:9e:c8:ab:2a:15:fa:37:9d:63:71:fd: 79:80:c6:6b:d1:76:28:89:75:c0:e7:4d:c2:d2:5f: f6:51:9b:b1:22:f0:ac:6c:05:c7:f5:36:60:27:7b: 5d:c1:38:f3:a5:7b:07:bd:31:78:81:93:75:d5:7a: cf:4e:d2:fe:2b:37:45:ba:13:9a:44:d5:69:85:f4: 65:82:08:08:b8:6d:74:43:9d:a1:1d:86:b6:0a:99: fa:dc:24:49:b4:17:d7:69:23:12:54:d5:71:05:71: 3b:2a:bd:17:7e:83:0f:74:d5:1e:2e:19:76:c1:10: ae:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:2B:36:FF:3A:5C:2B:A7:B5:7C:68:32:C8:BB:9F:C6:13:7D:F2:94 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4eba370b-504c-4cec-9df7-1704d28e1c93.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da10::/28 Signature Algorithm: sha256WithRSAEncryption 7c:97:c4:7b:6f:54:52:69:6d:3e:94:75:cc:77:1b:32:91:11: 70:26:be:53:c0:08:ac:38:80:3d:ea:58:12:21:d8:9a:ef:1d: 7b:35:a9:f7:f4:7b:78:ca:58:b1:79:26:a9:65:26:94:26:e3: f7:34:01:3c:dc:58:c3:ca:02:fd:4b:02:1b:6e:e5:50:c3:89: 60:c5:dc:fe:f9:3c:b1:f5:50:93:53:0d:6e:ea:ae:92:25:cd: 3b:22:d0:24:c2:a2:f0:21:9c:55:c0:53:a6:e8:6c:73:01:43: f0:34:3c:cb:08:51:b8:23:6f:79:3e:0c:cd:20:a5:78:01:03: 9f:7c:c6:4b:9f:9f:83:e9:b2:2e:a7:55:a0:da:8a:84:3d:00: a8:02:30:c6:9a:bb:4a:c6:db:cd:c8:f3:e7:22:57:75:75:bf: b5:d1:90:47:15:4d:3f:77:96:b7:a2:c8:5b:b9:3d:20:8f:29: d5:70:34:46:54:1e:3c:17:de:4d:ef:e8:24:bc:dc:e2:bb:66: f3:1b:c0:78:4c:bd:44:cf:3c:e0:fb:ea:05:c6:4e:d7:d6:b1: 7c:97:84:10:66:03:eb:f8:1a:bb:86:dd:1c:20:56:eb:9b:e1: e3:55:07:46:aa:a7:01:c5:42:07:04:a7:64:c5:d2:02:34:fe: 39:0c:38:f2 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUKyCFIlwxqAdOQSuktdPnhm6I+9IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyMzAwMDAxMFoX DTI1MDUyODIzNTk1OVowejFJMEcGA1UEBRNAZjIxNTcyMDBmYmJkZDhlOTUxNjhl MGNiYzFlMWRlNDE5M2QwNDkyZDIxZmEyMDlmNDQwNTE5MmI2NWZjOTQzNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UavkJ7e2BITz+mdDtWOvay4N7eu BvdHd6jt0+Jiwo81ifTRuSuy/yqscffIu/FEHwO9voNe3y9BT6uwwJs9zjPj3WYs PLHPApJ2ofmLwAL8xZuGbRp5YEvzULnjtKFoILUdp406sVurKQ+szi+ECZV4WRIf 7moOeDYk7M5qxh0JodmrRFHEl5mCnsirKhX6N51jcf15gMZr0XYoiXXA503C0l/2 UZuxIvCsbAXH9TZgJ3tdwTjzpXsHvTF4gZN11XrPTtL+KzdFuhOaRNVphfRlgggI uG10Q52hHYa2Cpn63CRJtBfXaSMSVNVxBXE7Kr0XfoMPdNUeLhl2wRCuowIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFPkrNv86XCuntXxoMsi7n8YTffKUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlYmEzNzBiLTUwNGMtNGNlYy05ZGY3LTE3MDRkMjhlMWM5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUEJAbaEDANBgkqhkiG9w0BAQsFAAOCAQEAfJfEe29UUmltPpR1zHcb MpERcCa+U8AIrDiAPepYEiHYmu8dezWp9/R7eMpYsXkmqWUmlCbj9zQBPNxYw8oC /UsCG27lUMOJYMXc/vk8sfVQk1MNbuqukiXNOyLQJMKi8CGcVcBTpuhscwFD8DQ8 ywhRuCNveT4MzSCleAEDn3zGS5+fg+myLqdVoNqKhD0AqAIwxpq7Ssbbzcjz5yJX dXW/tdGQRxVNP3eWt6LIW7k9II8p1XA0RlQePBfeTe/oJLzc4rtm8xvAeEy9RM88 4PvqBcZO19axfJeEEGYD6/gau4bdHCBW65vh41UHRqqnAcVCBwSnZMXSAjT+OQw4 8g== -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:44 2025 by rpki-client on console.sobornost.net