$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7974622f-4ca2-41cf-a120-c997e94d7512.roa File: 7974622f-4ca2-41cf-a120-c997e94d7512.roa (raw, json) Hash identifier: BROBUx5T+dtTuuQAkpRsV01GkMim2vbViTOLBFpd294= Subject key identifier: B3:BB:AA:AE:44:B0:FF:1D:66:68:91:1B:07:36:EF:99:F8:EF:69:9B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E5B5CBBCE1D215FC5A9169BD5EB9D9DBBBDD576 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7974622f-4ca2-41cf-a120-c997e94d7512.roa Signing time: Mon 21 Apr 2025 15:21:32 +0000 ROA not before: Mon 21 Apr 2025 15:21:32 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:b040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:5b:5c:bb:ce:1d:21:5f:c5:a9:16:9b:d5:eb:9d:9d:bb:bd:d5:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 21 15:21:32 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=2432912993199d504ad4d24e31ad904b1818819b00431efbe89aa178f0f03982, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f8:20:03:3a:13:9f:4e:19:2c:e2:8a:1e:eb: cb:70:f8:3b:f6:21:45:5f:d8:00:5b:84:19:f3:54: f7:d4:c1:a1:12:5e:b3:5d:1a:d2:67:e0:38:27:36: 01:9c:b7:5a:8d:22:28:2a:3d:da:30:83:b6:0c:c8: ea:48:ec:e9:01:a3:3f:e6:65:0d:a9:64:a9:ad:01: 21:ed:9f:84:d9:b0:aa:93:12:92:89:a4:7e:ca:80: ee:c5:74:28:05:47:36:1a:af:6e:2b:15:47:10:8c: f7:fa:e7:f0:09:b8:67:bc:5d:e5:64:b8:4e:c0:e6: 63:35:1a:7a:38:3a:dd:03:1f:12:ef:4e:08:18:a0: 24:1f:56:a2:07:a1:a3:d0:6e:7a:a7:59:f1:3b:6a: 49:34:3b:cd:73:71:d6:f4:48:5a:23:1d:0b:b8:9c: 6a:36:ef:20:95:c5:9c:88:bd:23:c7:d3:16:06:bc: 3a:8a:9f:cc:6a:ca:fe:34:8b:61:b8:3f:91:6e:57: 9b:c5:90:28:da:b8:e3:be:9d:d9:db:db:fb:f5:bd: 9b:ac:22:11:9a:b8:ef:8b:02:52:05:c3:ae:93:cd: f2:0c:42:68:8a:21:49:d8:ae:c3:a9:e0:ed:0b:1c: 61:d3:dc:97:a9:01:13:a9:99:06:b0:d0:24:d1:83: 81:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:BB:AA:AE:44:B0:FF:1D:66:68:91:1B:07:36:EF:99:F8:EF:69:9B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7974622f-4ca2-41cf-a120-c997e94d7512.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:b040::/46 Signature Algorithm: sha256WithRSAEncryption 53:08:4b:1a:4f:82:a2:61:86:f1:2b:89:30:14:47:6d:e7:35: ce:54:80:a7:bd:2a:99:31:47:64:0c:22:00:69:52:31:70:86: c8:26:52:27:0d:80:57:40:ff:49:31:a7:31:d4:df:9c:45:b9: e5:ed:90:26:9d:91:45:fa:c0:be:6b:78:7a:18:0e:71:d9:ae: cf:08:fa:5e:b5:fc:3d:f2:94:3c:bd:c9:d2:76:33:56:98:de: c8:cf:9e:71:ea:9e:76:70:15:64:8a:18:7c:41:32:aa:d6:84: d4:5a:68:df:37:06:31:ce:e1:d2:1d:e8:b6:c4:e3:3d:ce:62: 3a:11:2d:91:88:6c:02:b3:b3:cb:55:fb:19:42:57:d1:2b:e8: a6:25:fe:f1:d2:64:a2:12:17:f0:04:0b:0a:c4:7b:d1:ff:77: f6:af:b0:56:97:84:f9:0b:af:4b:e7:d6:4b:53:a5:e2:91:5a: ca:3a:ea:08:6f:2c:37:8c:76:38:d7:93:48:fa:35:a7:1e:17: 4c:47:c6:8c:79:7b:87:25:66:6b:7c:23:78:bd:56:b6:e2:da: 2f:7c:04:56:a1:58:dc:d2:7c:35:32:65:11:3a:f1:6b:d2:ab: e7:d0:d3:43:75:3c:d6:cb:ab:f4:3f:e5:f1:f4:9e:99:65:f4: d9:05:0b:9b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbltcu84dIV/FqRab1eudnbu91XYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyMTE1MjEzMloX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAMjQzMjkxMjk5MzE5OWQ1MDRhZDRk MjRlMzFhZDkwNGIxODE4ODE5YjAwNDMxZWZiZTg5YWExNzhmMGYwMzk4MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfggAzoTn04ZLOKKHuvLcPg79iFF X9gAW4QZ81T31MGhEl6zXRrSZ+A4JzYBnLdajSIoKj3aMIO2DMjqSOzpAaM/5mUN qWSprQEh7Z+E2bCqkxKSiaR+yoDuxXQoBUc2Gq9uKxVHEIz3+ufwCbhnvF3lZLhO wOZjNRp6ODrdAx8S704IGKAkH1aiB6Gj0G56p1nxO2pJNDvNc3HW9EhaIx0LuJxq Nu8glcWciL0jx9MWBrw6ip/Masr+NIthuD+RblebxZAo2rjjvp3Z29v79b2brCIR mrjviwJSBcOuk83yDEJoiiFJ2K7DqeDtCxxh09yXqQETqZkGsNAk0YOBkQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLO7qq5EsP8dZmiRGwc275n472mbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc5NzQ2MjJmLTRjYTItNDFjZi1hMTIwLWM5OTdlOTRkNzUxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaabBAMA0GCSqGSIb3DQEBCwUAA4IBAQBTCEsaT4KiYYbxK4kw FEdt5zXOVICnvSqZMUdkDCIAaVIxcIbIJlInDYBXQP9JMacx1N+cRbnl7ZAmnZFF +sC+a3h6GA5x2a7PCPpetfw98pQ8vcnSdjNWmN7Iz55x6p52cBVkihh8QTKq1oTU WmjfNwYxzuHSHei2xOM9zmI6ES2RiGwCs7PLVfsZQlfRK+imJf7x0mSiEhfwBAsK xHvR/3f2r7BWl4T5C69L59ZLU6XikVrKOuoIbyw3jHY415NI+jWnHhdMR8aMeXuH JWZrfCN4vVa24tovfARWoVjc0nw1MmUROvFr0qvn0NNDdTzWy6v0P+Xx9J6ZZfTZ BQub -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:46 2025 by rpki-client on console.sobornost.net