$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/68f22ed7-c8a5-4cae-956a-e93f94070791.roa File: 68f22ed7-c8a5-4cae-956a-e93f94070791.roa (raw, json) Hash identifier: U4PP6IpCs2ecnK8fAEh4PdELwxK8wCAb/UsHx2/YRtQ= Subject key identifier: DE:61:BC:9E:60:D1:95:2C:86:DD:A8:10:17:9C:FF:45:1B:F8:B2:0B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36B7E7B93C31D4F03A9A52180A86018BA020F84B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/68f22ed7-c8a5-4cae-956a-e93f94070791.roa Signing time: Sat 19 Apr 2025 00:01:34 +0000 ROA not before: Sat 19 Apr 2025 00:01:34 +0000 ROA not after: Sat 24 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:b7:e7:b9:3c:31:d4:f0:3a:9a:52:18:0a:86:01:8b:a0:20:f8:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 19 00:01:34 2025 GMT Not After : May 24 23:59:59 2025 GMT Subject: serialNumber=804a05c221e776d0255ef94ce0f4b6f0cb525b70f3946326aa7bb5fad2156c98, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4c:1c:18:2a:a5:e7:02:66:24:e5:1d:00:c4: b0:1f:14:d8:54:f2:c2:54:4d:8d:e3:45:35:03:8b: 7c:63:e5:2f:ce:f3:64:a9:89:4e:86:94:da:10:9b: 3b:93:25:92:5e:b9:46:90:30:70:a1:f6:b1:9a:00: 6d:91:86:c5:bc:98:8c:90:4a:be:7e:5e:2d:4f:5d: ea:0c:2b:5e:2f:ca:31:be:a7:61:42:5d:34:76:d8: 59:53:47:1d:2f:a0:4e:d0:03:c6:fd:64:c0:83:61: f7:0a:66:e8:6e:d6:0b:0b:56:44:ca:cd:e3:21:4d: f1:82:d1:ca:1a:33:cd:2e:41:de:04:37:88:a1:59: 8e:40:ad:da:da:3a:cf:3e:73:c4:69:27:37:ac:83: 74:13:24:81:a4:ec:eb:00:8e:90:38:8a:2e:da:dc: 30:10:bb:58:8b:f9:d9:f9:6a:7d:32:b0:1d:64:aa: 21:bb:42:a6:06:bb:3f:48:84:4b:0d:50:3a:cf:a3: 44:80:5b:b8:33:8e:8b:d4:45:67:6b:a8:a7:dd:5f: 45:1e:d2:51:06:42:b3:0a:e5:f4:ff:dc:3a:99:75: db:a7:ef:8c:3d:15:33:f7:cd:9d:36:26:0f:22:9c: 85:48:3c:af:2a:c1:3e:aa:ea:d3:c7:19:91:58:2b: fa:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:61:BC:9E:60:D1:95:2C:86:DD:A8:10:17:9C:FF:45:1B:F8:B2:0B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/68f22ed7-c8a5-4cae-956a-e93f94070791.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:e080::/48 Signature Algorithm: sha256WithRSAEncryption 36:f3:9d:29:c3:e8:65:e3:5d:db:cb:5d:5f:c1:9a:0e:18:44: 4b:bc:fd:75:26:08:9e:26:8f:15:c8:c4:63:eb:3e:36:67:f0: 29:98:71:a8:3f:9e:8b:42:38:b7:17:1d:ff:30:8e:34:3b:c2: 8e:2f:ea:69:f9:81:2e:be:ed:db:ec:f7:e0:87:9a:59:88:fa: 21:a4:6f:d2:03:5c:3b:19:01:5c:d2:fa:fe:f4:a3:75:34:54: 5e:94:3d:8b:09:b6:a3:fc:8d:bf:b5:2a:33:2b:d3:8c:53:c5: 49:f6:5e:cc:45:01:5e:51:71:8c:b8:cd:00:19:fe:bc:f2:5d: 52:cc:14:00:b5:13:c6:fd:4c:98:86:4f:cb:45:dd:ea:f5:fd: ad:82:d6:18:c6:62:dc:75:fe:1d:6b:86:03:0b:86:e9:41:08: 93:b6:62:dc:c4:9a:56:b5:b8:5c:50:98:7a:cb:3c:84:e7:f9: a7:2f:dc:0f:d4:84:25:05:48:43:a5:4d:59:0d:94:3c:6c:a1: a4:f0:81:98:94:cb:30:d2:e0:31:db:a8:92:79:f2:65:51:f9: e1:df:2c:68:a0:a8:95:59:72:71:ae:4f:d9:01:a3:b3:0d:c7: 70:cf:b0:84:3a:ed:09:07:70:6c:b4:b6:94:22:c3:e0:58:fb: 45:f8:63:13 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNrfnuTwx1PA6mlIYCoYBi6Ag+EswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxOTAwMDEzNFoX DTI1MDUyNDIzNTk1OVowejFJMEcGA1UEBRNAODA0YTA1YzIyMWU3NzZkMDI1NWVm OTRjZTBmNGI2ZjBjYjUyNWI3MGYzOTQ2MzI2YWE3YmI1ZmFkMjE1NmM5ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0wcGCql5wJmJOUdAMSwHxTYVPLC VE2N40U1A4t8Y+UvzvNkqYlOhpTaEJs7kyWSXrlGkDBwofaxmgBtkYbFvJiMkEq+ fl4tT13qDCteL8oxvqdhQl00dthZU0cdL6BO0APG/WTAg2H3CmbobtYLC1ZEys3j IU3xgtHKGjPNLkHeBDeIoVmOQK3a2jrPPnPEaSc3rIN0EySBpOzrAI6QOIou2tww ELtYi/nZ+Wp9MrAdZKohu0KmBrs/SIRLDVA6z6NEgFu4M46L1EVna6in3V9FHtJR BkKzCuX0/9w6mXXbp++MPRUz982dNiYPIpyFSDyvKsE+qurTxxmRWCv6cwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFN5hvJ5g0ZUsht2oEBec/0Ub+LILMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY4ZjIyZWQ3LWM4YTUtNGNhZS05NTZhLWU5M2Y5NDA3MDc5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8uCAMA0GCSqGSIb3DQEBCwUAA4IBAQA2850pw+hl413by11f wZoOGERLvP11JgieJo8VyMRj6z42Z/ApmHGoP56LQji3Fx3/MI40O8KOL+pp+YEu vu3b7Pfgh5pZiPohpG/SA1w7GQFc0vr+9KN1NFRelD2LCbaj/I2/tSozK9OMU8VJ 9l7MRQFeUXGMuM0AGf688l1SzBQAtRPG/UyYhk/LRd3q9f2tgtYYxmLcdf4da4YD C4bpQQiTtmLcxJpWtbhcUJh6yzyE5/mnL9wP1IQlBUhDpU1ZDZQ8bKGk8IGYlMsw 0uAx26iSefJlUfnh3yxooKiVWXJxrk/ZAaOzDcdwz7CEOu0JB3BstLaUIsPgWPtF +GMT -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:45 2025 by rpki-client on console.sobornost.net