$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa File: b0c7485a-6d94-4adf-ad68-d031efad9d50.roa (raw, json) Hash identifier: 3OF2uqyFE0+9xtNoenhcuyOuv/lu+KeJNhupmuNuOSc= Subject key identifier: 7C:7C:E6:1A:A4:5D:7F:4E:36:00:63:1C:AF:10:58:09:9E:FF:EB:0B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5875F0AD1E43178E91DB25F37FF020A14607F202 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa Signing time: Sat 19 Apr 2025 00:40:17 +0000 ROA not before: Sat 19 Apr 2025 00:40:17 +0000 ROA not after: Sat 24 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:9080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:75:f0:ad:1e:43:17:8e:91:db:25:f3:7f:f0:20:a1:46:07:f2:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 19 00:40:17 2025 GMT Not After : May 24 23:59:59 2025 GMT Subject: serialNumber=2848fc5f719b24c676c91cdb93e552788867d8348122fed3551929b0f8281946, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:49:37:9c:9c:4c:0c:8c:62:2f:c6:54:ec:73: f3:0d:f2:ed:a7:02:78:13:d9:68:b2:b8:e1:92:01: eb:0d:b6:fb:ac:5e:39:a5:da:94:f7:1d:8f:b6:c2: 23:5a:a3:1f:ec:7b:d4:e7:a0:32:e6:ce:6a:22:35: d4:0b:f8:fc:71:55:ec:33:5b:74:9b:f8:5c:27:a1: c9:b6:9b:2f:67:dd:95:23:f7:92:bc:70:8b:1d:66: be:5e:11:c4:45:89:08:05:fe:f4:e3:43:d4:f5:97: c5:78:24:ba:a6:2c:36:7f:5e:06:9d:09:77:40:53: 89:78:76:1a:d9:cc:76:3b:9c:04:d2:42:ac:b9:13: 55:41:89:b3:89:89:a9:5b:cf:aa:64:be:38:dc:0e: 72:92:74:d0:50:43:a6:df:3a:b5:dd:38:a4:b6:29: e7:a0:65:1a:60:d4:b4:b9:84:00:4c:0e:34:04:46: db:83:3c:79:6b:75:8c:ab:2f:7e:a3:1f:80:7d:bb: 91:6d:44:6c:d3:f4:a8:e9:cf:ce:c3:fb:90:d9:1e: 27:a5:72:1a:98:e1:39:18:59:c1:3c:63:c9:7a:08: 1c:76:52:10:6e:d2:68:61:9f:35:69:b4:b0:7a:68: 7b:91:72:78:ed:a7:ef:70:48:c6:e4:d1:dd:ce:7b: cc:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:7C:E6:1A:A4:5D:7F:4E:36:00:63:1C:AF:10:58:09:9E:FF:EB:0B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:9080::/48 Signature Algorithm: sha256WithRSAEncryption 94:e3:47:3e:21:35:3d:6d:c5:58:94:53:58:ae:76:ea:61:dc: d7:78:f5:e5:99:6c:7c:99:9f:15:33:a6:58:7f:31:ad:24:c4: c8:4f:1b:1d:c5:2e:b0:2a:e5:fe:02:07:8f:af:92:7d:97:a0: 8f:99:3b:9f:a3:77:6e:1d:35:99:15:51:d7:61:4d:e5:dd:cd: bd:34:ee:43:9a:f5:4b:d7:57:d6:9f:86:e4:d9:a0:24:23:b3: 31:6e:83:3b:68:88:83:a4:67:16:72:53:87:02:b5:65:fe:bc: 0f:dd:b4:86:6c:ac:c1:45:32:90:a3:e5:62:02:ad:4d:09:62: 2a:d4:0a:d8:f6:f3:23:d5:f5:8b:ba:dd:6c:70:4f:48:07:a4: fe:24:66:6c:7b:94:c9:2d:76:d9:6c:90:70:ac:61:bd:89:7a: 08:56:bd:3c:de:0f:ea:59:b8:2f:70:f7:d2:70:d2:85:a3:02: b6:55:dd:5a:a5:64:70:c8:43:d8:44:12:12:cd:22:98:96:2d: 96:60:a5:7c:3c:b5:df:6c:d1:86:5f:34:48:e0:5b:8f:53:93: 4b:24:d5:2b:12:12:c6:d7:bd:32:b0:65:8f:d7:ac:a4:c3:45: 8c:96:c9:b3:41:8e:a6:93:9c:90:07:27:d5:bf:19:fc:c1:a8: 8a:50:54:15 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWHXwrR5DF46R2yXzf/AgoUYH8gIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxOTAwNDAxN1oX DTI1MDUyNDIzNTk1OVowejFJMEcGA1UEBRNAMjg0OGZjNWY3MTliMjRjNjc2Yzkx Y2RiOTNlNTUyNzg4ODY3ZDgzNDgxMjJmZWQzNTUxOTI5YjBmODI4MTk0NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0k3nJxMDIxiL8ZU7HPzDfLtpwJ4 E9losrjhkgHrDbb7rF45pdqU9x2PtsIjWqMf7HvU56Ay5s5qIjXUC/j8cVXsM1t0 m/hcJ6HJtpsvZ92VI/eSvHCLHWa+XhHERYkIBf7040PU9ZfFeCS6piw2f14GnQl3 QFOJeHYa2cx2O5wE0kKsuRNVQYmziYmpW8+qZL443A5yknTQUEOm3zq13Tiktinn oGUaYNS0uYQATA40BEbbgzx5a3WMqy9+ox+AfbuRbURs0/So6c/Ow/uQ2R4npXIa mOE5GFnBPGPJeggcdlIQbtJoYZ81abSwemh7kXJ47afvcEjG5NHdznvM+wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHx85hqkXX9ONgBjHK8QWAme/+sLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IwYzc0ODVhLTZkOTQtNGFkZi1hZDY4LWQwMzFlZmFkOWQ1MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAJCAMA0GCSqGSIb3DQEBCwUAA4IBAQCU40c+ITU9bcVYlFNY rnbqYdzXePXlmWx8mZ8VM6ZYfzGtJMTITxsdxS6wKuX+AgePr5J9l6CPmTufo3du HTWZFVHXYU3l3c29NO5DmvVL11fWn4bk2aAkI7MxboM7aIiDpGcWclOHArVl/rwP 3bSGbKzBRTKQo+ViAq1NCWIq1ArY9vMj1fWLut1scE9IB6T+JGZse5TJLXbZbJBw rGG9iXoIVr083g/qWbgvcPfScNKFowK2Vd1apWRwyEPYRBISzSKYli2WYKV8PLXf bNGGXzRI4FuPU5NLJNUrEhLG170ysGWP16ykw0WMlsmzQY6mk5yQByfVvxn8waiK UFQV -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:49 2025 by rpki-client on console.sobornost.net