$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa File: 565f9740-389f-45ac-956e-b96e19889315.roa (raw, json) Hash identifier: NE4YcS6sz7tgbgjIM7v+TB5zJs9jeWphU4dmzb8xoDE= Subject key identifier: EB:02:8B:E7:F3:88:C2:BA:D4:D9:76:47:AA:98:81:34:A4:41:18:E6 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 2F59BA16C9F372F65A7E49CAC9B80307FEDD3FB1 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa Signing time: Mon 31 Mar 2025 15:01:05 +0000 ROA not before: Mon 31 Mar 2025 15:01:05 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:03:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:59:ba:16:c9:f3:72:f6:5a:7e:49:ca:c9:b8:03:07:fe:dd:3f:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Mar 31 15:01:05 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: serialNumber=2ee0ba54466d46ad52565e8a817c40781eec421fe741184709d0ad853f3740d5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:0b:ba:3f:e3:34:30:dd:e1:5b:36:b2:0a:b5: e4:27:19:60:90:88:a0:50:f0:d2:22:63:f3:96:c7: 2f:d5:0d:fb:be:4a:ce:d3:46:2b:0d:be:f4:58:cf: 71:37:a1:f2:ab:9c:4b:00:78:46:0b:66:9b:f2:f7: 75:df:77:e4:bd:20:1f:c5:2a:56:6b:bc:97:54:5d: b5:1e:a6:f3:ba:6d:b4:d8:1b:b5:89:19:41:64:57: 2d:87:03:1c:fd:66:d8:3e:33:e1:31:5f:f6:e3:50: 20:ad:9e:ee:23:a9:07:4a:1e:c2:c6:11:de:b3:c8: bf:2c:f9:7f:fe:1a:9d:fd:9c:84:c4:95:35:c1:31: 6d:c4:8d:93:aa:fb:16:15:db:7f:71:cb:72:de:03: 8f:1e:77:38:c0:94:ce:bb:19:22:48:31:94:02:69: 53:0b:16:1e:8d:61:45:98:78:f4:c9:69:43:d4:27: 13:e3:39:a1:78:3f:9d:3a:88:0d:96:8b:b3:2d:d6: fe:6d:4b:17:fc:ee:5b:41:08:2b:58:79:93:75:7b: 2d:81:19:b5:c0:63:b4:8b:21:98:c7:37:d1:b9:85: f2:de:76:88:0c:f3:5e:50:c2:5e:b8:ee:55:99:d1: 82:10:b5:4b:b5:23:ae:b2:7f:a8:70:2d:85:5c:45: 2a:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:02:8B:E7:F3:88:C2:BA:D4:D9:76:47:AA:98:81:34:A4:41:18:E6 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/565f9740-389f-45ac-956e-b96e19889315.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption 84:38:ba:7d:54:ef:44:f5:20:64:c5:ae:5e:6f:85:83:8f:66: 4c:d3:e1:a2:47:35:cd:af:54:32:eb:8d:90:0f:98:83:92:bb: 27:c3:d6:db:da:4c:0d:45:04:c0:c0:cb:a2:25:06:d3:e2:0b: 93:b7:0e:01:6b:f0:64:51:3b:7e:22:a4:75:8d:58:96:dc:fd: df:a8:15:0d:7f:da:77:40:ea:e0:67:e7:b8:99:98:ce:db:cb: 54:1f:d8:4b:5b:59:be:3b:e6:e0:a0:a7:61:eb:18:14:b9:7e: e8:a9:17:35:32:2d:cf:4c:3b:4e:4b:ee:6b:e3:0b:3f:c7:28: 3e:4e:c4:5c:3b:e5:21:7b:99:e1:f8:12:4f:90:08:07:02:97: cc:c4:2b:5e:a7:4c:d8:11:68:76:e9:df:5f:31:3c:05:3b:2e: ff:23:f0:de:86:09:a4:b4:05:de:d9:55:5d:12:7d:0a:fc:5c: 76:07:cf:5c:d9:db:d4:48:28:dc:d5:e2:03:96:ad:c5:e0:85: b1:e6:22:07:51:e9:e3:fe:92:84:55:5e:d5:5a:58:e3:57:29: f1:20:7f:a4:77:03:10:dd:49:75:a2:9b:0c:e8:e6:26:fc:f5: 73:f6:0e:7f:9d:ee:b8:5c:11:9b:3a:fb:e1:aa:ec:77:70:a9: 75:9f:34:7e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUL1m6FsnzcvZafknKybgDB/7dP7EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDMzMTE1MDEwNVoX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAMmVlMGJhNTQ0NjZkNDZhZDUyNTY1 ZThhODE3YzQwNzgxZWVjNDIxZmU3NDExODQ3MDlkMGFkODUzZjM3NDBkNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogu6P+M0MN3hWzayCrXkJxlgkIig UPDSImPzlscv1Q37vkrO00YrDb70WM9xN6Hyq5xLAHhGC2ab8vd133fkvSAfxSpW a7yXVF21Hqbzum202Bu1iRlBZFcthwMc/WbYPjPhMV/241AgrZ7uI6kHSh7CxhHe s8i/LPl//hqd/ZyExJU1wTFtxI2TqvsWFdt/ccty3gOPHnc4wJTOuxkiSDGUAmlT CxYejWFFmHj0yWlD1CcT4zmheD+dOogNlouzLdb+bUsX/O5bQQgrWHmTdXstgRm1 wGO0iyGYxzfRuYXy3naIDPNeUMJeuO5VmdGCELVLtSOusn+ocC2FXEUqkQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOsCi+fziMK61Nl2R6qYgTSkQRjmMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2NWY5NzQwLTM4OWYtNDVhYy05NTZlLWI5NmUxOTg4OTMxNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jgMA0GCSqGSIb3DQEBCwUAA4IBAQCEOLp9VO9E9SBkxa5eb4WD j2ZM0+GiRzXNr1Qy642QD5iDkrsnw9bb2kwNRQTAwMuiJQbT4guTtw4Ba/BkUTt+ IqR1jViW3P3fqBUNf9p3QOrgZ+e4mZjO28tUH9hLW1m+O+bgoKdh6xgUuX7oqRc1 Mi3PTDtOS+5r4ws/xyg+TsRcO+Uhe5nh+BJPkAgHApfMxCtep0zYEWh26d9fMTwF Oy7/I/DehgmktAXe2VVdEn0K/Fx2B89c2dvUSCjc1eIDlq3F4IWx5iIHUenj/pKE VV7VWljjVynxIH+kdwMQ3Ul1opsM6OYm/PVz9g5/ne64XBGbOvvhqux3cKl1nzR+ -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:45 2025 by rpki-client on console.sobornost.net