$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9725a002-ebcc-4b84-98d3-40c085343993.roa File: 9725a002-ebcc-4b84-98d3-40c085343993.roa (raw, json) Hash identifier: AIM3CPUcIhhJxvvvwaY0XOZ2cIb4iIOx1pVYrHpNIeM= Subject key identifier: 18:77:B8:8A:E6:48:85:9A:32:9E:62:0C:3D:97:B0:55:76:02:8C:47 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3117501D41F19958636478827C7E6CBA721E87B7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9725a002-ebcc-4b84-98d3-40c085343993.roa Signing time: Mon 21 Apr 2025 16:10:27 +0000 ROA not before: Mon 21 Apr 2025 16:10:27 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:17:50:1d:41:f1:99:58:63:64:78:82:7c:7e:6c:ba:72:1e:87:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 21 16:10:27 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=45e0c226797fc6844151f5d4a45293f92d54c0618f9c2c7f034228d9cac2c891, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:0a:ff:df:a1:68:ab:b1:9f:8a:b7:a0:bb:f9: 3a:b7:cf:70:9f:f4:45:9d:26:ec:7f:9c:5e:47:12: e3:21:2b:c0:1f:02:02:cc:c8:24:21:7f:12:30:ab: de:0c:90:ee:91:ee:f8:68:2b:45:67:b8:42:66:df: ea:b1:e8:3b:ae:03:82:3c:81:2a:36:c8:5d:e9:5d: c6:1c:25:11:e2:3d:91:73:38:b3:c6:f2:3f:e5:ec: 9f:45:ca:fa:58:01:d8:36:90:1c:b3:73:31:b8:84: 56:c8:42:0a:c6:7e:63:24:c0:a3:d6:26:69:51:c9: db:4f:05:a7:38:2d:db:0d:77:c5:4c:30:d1:f6:44: c2:65:79:43:32:ab:48:d0:5f:2f:6c:3c:ae:ce:c1: 23:fe:58:21:0b:19:20:9b:6c:85:01:a2:8f:a4:1b: ae:67:32:5c:94:8d:25:01:eb:40:83:56:db:75:c3: 1c:f0:fd:a7:3a:8a:6a:46:7e:a5:8b:bc:1b:8a:d3: 01:19:db:7a:32:77:ca:20:48:78:29:63:64:f7:d0: 08:9d:92:eb:db:7c:3a:fd:5d:b9:a9:db:fb:ef:4a: 58:27:37:bd:95:e4:fd:fe:9d:b7:09:e7:c0:1c:c4: f4:e1:6a:1f:ef:de:dd:b9:d5:bb:d2:b6:14:6e:f4: 08:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:77:B8:8A:E6:48:85:9A:32:9E:62:0C:3D:97:B0:55:76:02:8C:47 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9725a002-ebcc-4b84-98d3-40c085343993.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:f000::/40 Signature Algorithm: sha256WithRSAEncryption 36:70:81:2a:cf:a9:53:cf:30:68:d2:fa:06:72:29:5e:61:11: 3b:d5:c5:de:87:b4:35:8b:2e:07:27:9f:82:f1:be:94:db:56: d9:1c:b9:f5:5d:b1:a7:97:22:ff:bc:72:fc:01:39:fa:a0:16: 56:34:ea:55:f2:cd:d1:1a:6a:67:68:f2:39:79:83:b6:98:66: 8b:f2:5a:0f:94:5f:de:4c:cd:f5:6f:fd:97:4d:07:60:89:2f: af:55:d7:b6:be:08:d3:74:b9:c0:f6:49:49:9b:cd:f1:ce:63: ff:2f:0a:3d:6b:cd:22:7f:b6:5a:9c:e4:89:9c:25:92:8b:19: 1e:c6:00:b6:ea:12:58:1e:7c:1a:fa:8b:e4:8c:67:07:27:be: 8a:99:b1:5a:b5:ba:32:58:b6:61:44:e0:9c:42:11:87:e7:de: 5f:cc:4a:66:21:54:a4:2c:af:87:8a:f3:33:42:ba:69:0d:fb: e3:97:2d:77:b1:8a:99:35:fe:83:44:8b:c2:2f:4c:8a:f1:43: 7a:f3:6e:15:ca:b5:f2:0a:a2:49:3e:db:5e:0e:81:6a:d5:25: 07:bb:70:c5:c2:1a:f1:6a:29:bd:ba:48:57:c8:51:86:7b:72: b9:00:32:37:1f:25:f7:58:ae:2f:3e:65:73:c1:e1:99:f0:e0: 18:ed:86:f5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMRdQHUHxmVhjZHiCfH5sunIeh7cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyMTE2MTAyN1oX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNANDVlMGMyMjY3OTdmYzY4NDQxNTFm NWQ0YTQ1MjkzZjkyZDU0YzA2MThmOWMyYzdmMDM0MjI4ZDljYWMyYzg5MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwr/36Foq7Gfiregu/k6t89wn/RF nSbsf5xeRxLjISvAHwICzMgkIX8SMKveDJDuke74aCtFZ7hCZt/qseg7rgOCPIEq Nshd6V3GHCUR4j2RczizxvI/5eyfRcr6WAHYNpAcs3MxuIRWyEIKxn5jJMCj1iZp UcnbTwWnOC3bDXfFTDDR9kTCZXlDMqtI0F8vbDyuzsEj/lghCxkgm2yFAaKPpBuu ZzJclI0lAetAg1bbdcMc8P2nOopqRn6li7wbitMBGdt6MnfKIEh4KWNk99AInZLr 23w6/V25qdv770pYJze9leT9/p23CefAHMT04Wof797dudW70rYUbvQIzQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBh3uIrmSIWaMp5iDD2XsFV2AoxHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk3MjVhMDAyLWViY2MtNGI4NC05OGQzLTQwYzA4NTM0Mzk5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMvAwDQYJKoZIhvcNAQELBQADggEBADZwgSrPqVPPMGjS+gZy KV5hETvVxd6HtDWLLgcnn4LxvpTbVtkcufVdsaeXIv+8cvwBOfqgFlY06lXyzdEa amdo8jl5g7aYZovyWg+UX95MzfVv/ZdNB2CJL69V17a+CNN0ucD2SUmbzfHOY/8v Cj1rzSJ/tlqc5ImcJZKLGR7GALbqElgefBr6i+SMZwcnvoqZsVq1ujJYtmFE4JxC EYfn3l/MSmYhVKQsr4eK8zNCumkN++OXLXexipk1/oNEi8IvTIrxQ3rzbhXKtfIK okk+214OgWrVJQe7cMXCGvFqKb26SFfIUYZ7crkAMjcfJfdYri8+ZXPB4Znw4Bjt hvU= -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:48 2025 by rpki-client on console.sobornost.net