$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87ba4a57-b2b9-43cc-9a6f-a0d705c2a0d4.roa File: 87ba4a57-b2b9-43cc-9a6f-a0d705c2a0d4.roa (raw, json) Hash identifier: IT3n5Ecy467iv62wzOP19MBYKw1I86vXJnvhpNh8VTs= Subject key identifier: 36:7D:A6:40:E6:AF:00:D5:AE:BB:27:A0:F1:04:51:02:34:06:77:9A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 25201F10DD5CCB43EC6FE0264470A58F3090B852 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87ba4a57-b2b9-43cc-9a6f-a0d705c2a0d4.roa Signing time: Mon 21 Apr 2025 16:20:11 +0000 ROA not before: Mon 21 Apr 2025 16:20:11 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:20:1f:10:dd:5c:cb:43:ec:6f:e0:26:44:70:a5:8f:30:90:b8:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 21 16:20:11 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=869114cba2b17ee0b163116f2fa9bda8c7dc3657a7a862c18b9e8d5c8acc71eb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:48:4d:4c:a4:b2:bd:76:5c:e5:e2:d4:d9:da: e0:c7:00:dd:cb:41:84:8b:f1:78:00:d5:75:92:86: 5e:f2:1d:1c:71:96:37:a2:f4:5c:27:82:0a:c5:f4: fa:d2:ba:11:21:68:41:1a:d6:5d:7e:49:a8:97:6c: f8:37:77:d1:52:b5:34:f9:f6:98:e3:8b:fb:a5:7e: ba:58:a8:15:bb:55:ca:2c:45:17:b7:92:2a:41:f2: 96:86:c3:4f:e9:cf:7e:59:70:34:6c:84:58:97:83: a9:56:c6:84:67:f8:3b:c3:20:05:0f:9e:9e:e8:16: e5:2b:f7:1e:35:45:86:c5:ef:53:20:ea:a6:cf:76: f2:2a:41:77:00:37:3a:29:e2:f8:de:8c:d9:72:03: 5c:1b:c2:d5:c3:41:07:f5:e8:07:99:cb:bc:26:57: 02:a3:4a:d3:c0:1f:af:46:11:07:7b:0e:3a:13:18: aa:db:f4:e9:b8:18:75:bc:b1:33:41:66:d5:21:f0: 8c:95:aa:4d:22:ce:c0:e0:c0:da:29:89:19:5a:b7: e9:a6:62:ba:53:e3:a5:a9:4f:34:33:02:4d:ec:3a: 24:a5:3f:46:c2:bf:6d:b6:27:df:e7:f6:9c:8b:54: eb:95:04:9c:d8:84:2b:90:b4:6f:db:b2:f0:ca:56: 75:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:7D:A6:40:E6:AF:00:D5:AE:BB:27:A0:F1:04:51:02:34:06:77:9A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87ba4a57-b2b9-43cc-9a6f-a0d705c2a0d4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:6000::/40 Signature Algorithm: sha256WithRSAEncryption 4a:d9:f4:2d:24:69:be:e7:67:ee:4b:56:93:4a:2a:af:a0:c1: 6e:bc:fa:29:2e:b3:82:91:16:b2:f6:bb:80:99:dd:2f:9a:23: 07:3a:8b:69:12:ae:1f:11:18:f5:e7:7d:8a:b4:1a:b0:81:34: df:cb:72:ae:85:ac:e8:a1:dc:67:f8:0c:75:26:66:50:f0:c0: 28:39:63:90:15:bf:ef:7b:09:0b:6d:c8:33:5c:3b:5d:2f:e6: 45:1e:39:be:5c:2d:19:85:76:63:04:af:f5:f0:59:52:eb:44: 8e:1f:75:b5:c8:26:1f:7d:0e:9d:de:b5:1d:aa:8a:f5:bb:ec: 91:ff:76:d5:af:69:e0:7b:ad:41:fa:e6:5b:0a:d1:ed:ad:78: ea:bf:52:dc:8e:a0:58:a8:33:a4:4e:ed:60:83:9d:6f:b8:59: 4e:9a:32:ff:93:31:41:ae:eb:42:4c:79:ba:62:0a:80:33:7f: ae:f7:4c:3d:2b:4e:35:8c:ae:58:73:2c:3c:c7:b3:49:3e:bd: b8:00:2c:15:69:3c:7a:e1:85:21:b3:5a:1b:07:d8:6f:b6:4e: 05:51:6d:15:35:44:80:17:b0:6b:6c:0e:1d:9b:a7:7d:d5:88: aa:99:55:05:16:e5:2d:80:3a:35:c2:a9:fd:94:a3:27:74:93: e6:9e:a3:52 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJSAfEN1cy0Psb+AmRHCljzCQuFIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyMTE2MjAxMVoX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAODY5MTE0Y2JhMmIxN2VlMGIxNjMx MTZmMmZhOWJkYThjN2RjMzY1N2E3YTg2MmMxOGI5ZThkNWM4YWNjNzFlYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkhNTKSyvXZc5eLU2drgxwDdy0GE i/F4ANV1koZe8h0ccZY3ovRcJ4IKxfT60roRIWhBGtZdfkmol2z4N3fRUrU0+faY 44v7pX66WKgVu1XKLEUXt5IqQfKWhsNP6c9+WXA0bIRYl4OpVsaEZ/g7wyAFD56e 6BblK/ceNUWGxe9TIOqmz3byKkF3ADc6KeL43ozZcgNcG8LVw0EH9egHmcu8JlcC o0rTwB+vRhEHew46Exiq2/TpuBh1vLEzQWbVIfCMlapNIs7A4MDaKYkZWrfppmK6 U+OlqU80MwJN7DokpT9Gwr9ttiff5/aci1TrlQSc2IQrkLRv27LwylZ1fwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDZ9pkDmrwDVrrsnoPEEUQI0BneaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg3YmE0YTU3LWIyYjktNDNjYy05YTZmLWEwZDcwNWMyYTBkNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacGAwDQYJKoZIhvcNAQELBQADggEBAErZ9C0kab7nZ+5LVpNK Kq+gwW68+ikus4KRFrL2u4CZ3S+aIwc6i2kSrh8RGPXnfYq0GrCBNN/Lcq6FrOih 3Gf4DHUmZlDwwCg5Y5AVv+97CQttyDNcO10v5kUeOb5cLRmFdmMEr/XwWVLrRI4f dbXIJh99Dp3etR2qivW77JH/dtWvaeB7rUH65lsK0e2teOq/UtyOoFioM6RO7WCD nW+4WU6aMv+TMUGu60JMebpiCoAzf673TD0rTjWMrlhzLDzHs0k+vbgALBVpPHrh hSGzWhsH2G+2TgVRbRU1RIAXsGtsDh2bp33ViKqZVQUW5S2AOjXCqf2Uoyd0k+ae o1I= -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:47 2025 by rpki-client on console.sobornost.net